Image by sentavio on Freepik

Because of the recent technological advancements, every aspect of our lives has been affected significantly (most of the time positively, but sometimes also negatively). One example of this is the way businesses conduct their operations have changed whether it is from the way they do their logistics or the way they market themselves, it is increasingly becoming more apparent that more and more of our lives is being carried out in the cyber space. Thus, my reasoning for the selection of the topic of cyber security is to raise awareness and to also deepen my knowledge about the dangers of ignorance in this technological era.

When talking about cyber security, we must start at cyber threats. Cyber threats include cyber warfare, cybercrime, cyber terrorism, and cyber espionage, etc. poses a threat not only to the government or specific corporations but also each and every individual with access to the internet. Almost all of our personal and other sensitive data is uploaded on the internet through one or more channels. This of course poses as a threat for everybody especially governments because the leak of sensitive data or illegal access to the government’s cyber space may lead to severe consequences such as economical damage, disruption of the air traffic control system, etc. But so far, it is hard to come up with a definitive and comprehensive definition of the term “cyber-attack” because of the complex and diverse dimensions that the term encompasses.

Cyber attacks fall into a broader context than what is traditionally called information operations which is the integrated use of the main capabilities of electronic warfare, psychological, computer network, military trickery and security operations in coordination with special support and relevant abilities and to penetration, stop, destroy or hijack human decisions.

Relevant fundamentals to cyber security:

  • Information operations also include computer network operation which consists of the attack, the defense, and utilization enabling which can be summarized as the process of collecting and analyzing data which may serve as a precursor for the attack. Enabling operations in a computer network exploitation context can be carried out with the intent of stealing data
  • Consequences of cyber warfare include catastrophic damage to the country’s image at the international level, catastrophic damage to the political and economic relations of the country, extensive human casualties or danger to public health and safety, Internal chaos, and many more.
  • Encryption is a tool for encrypting data with a key that is required to decrypt said data. This can be used as an attack strategy. This system of data encryption strategy is called the encryption system.

This is a visual representation (venn diagram) of some common terms in discussing cyber threat.

There have been many attempts from experts in the field for giving a definition for cyber attack such as from Richard Clark which describes cyber-attacks as “actions taken by countries to infiltrate the computers or computer networks of a country or other countries to cause damage or disruption”. This is a flawed definition because it does not distinguish between the forms of disruption, and like Richard Clarks’s definition, other experts’ definitions are also flawed in one way or another.

 Next is cyber security. The increasing threat of cyber attacks leads to a defensive stance to protect private and customer data against a competitor taken by organizations and governments. Cyber-security includes practical measures to protect information, networks and data against internal or external threats. Cyber-security professionals protect networks, servers, intranets, and computer systems. Cyber-security ensures that only authorized individuals have access to that information (Ahmed Jamal et al., 2021). Cyber security itself is a broad term which includes several different types such as operational security, cloud security, etc.

In the cyber-security topic, there is a “policy” for cyber security which is not well defined but it is a very common and well accepted concept. This concept is usually applied to the relevant areas of the regulator. The content of the security policy is determined by the objectives of the relevant regulatory body. Therefore, the policies of national and corporate cyber security are very different.

In conclusion, the cyberspace and its characteristics such as anonymity, vulnerability, and asymmetry need to be met with a certain level of caution. Security is no longer as clear cut as it was where enemies of the state for example can be identified geographically. All organizations and governments need to accommodate these changes and be prepared for the threats they may pose.

 

Case example of cybersecurity:

https://m.economictimes.com/news/india/kaspersky-says-blocked-over-74-million-local-threats-in-india-last-year/articleshow/107849398.cms

In this news article, it is said that Kaspersky (which is a cybersecurity company which specializes in antivirus, internet security, password management, endpoint security, and other cybersecurity products and services) blocked more than 74 million local threats in India in 2023 alone. This highlights the severity of the threat we are facing in the cyber space.