All the secrets of Cyber Security: Cyberoo's blog.

Computer data security: why a firewall and antivirus software are not enough

Written by cyberoo-admin | 27 July 2021

In an age now dominated by data such as the one we live in, it is obvious that to protect company information assets from increasingly targeted and sophisticated cyber attacks and therefore to guarantee computer data security, a firewall and antivirus software (although they are always essential) are no longer enough.

In fact, cyber threats circulating on the Internet have reached a much higher degree of evolution compared with traditional passive defense systems. It is therefore appropriate that data-driven companies adopt preventive, multifunctional, advanced security technologies that can block potential intrusions on the company perimeter as well as malware, ransomware and phishing attacks before they can damage systems or work activities.


Computer data security: understanding the threats

In this respect, it is worth remembering that a cyber attack is defined by the National Initiative For Cybersecurity Careers And Studies (NICCS) as an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity, and more generally speaking, it involves the intentional act of attempting to bypass one or more security services or controls of an information system to alter the confidentiality, integrity and availability (CIA) of data.

Over time, as we were saying, cyber attacks have become increasingly targeted and can exploit the vulnerabilities of information systems targeted to bypass protection systems set up to defend information assets.

To guarantee company security, in addition to using detection tools by malware and firewalls, intense Cyber Threat Intelligence activity is therefore also essential, which helps prevent attacks from cyber criminals.

Cyber Threat Intelligence includes, in particular, the collection and analysis of useful information to identify possible cyber threats from a technical point of view and in terms of resources, motivation and intentions, including in relation to specific operating environments.

It is therefore an enabling factor for implementing effective prevention and defense measures that offer considerable advantages for any companies, whether they are public or private, that pursue and protect their business goals through new information technologies.

It is therefore obvious how designing company security solutions, their governance, management and compliance can bring considerable benefits from the structured acquisition and study of information on possible cyber threats.

In fact, to respond effectively to targeted attacks, just being able to recognize the threat is not enough: you also need to integrate information on the vulnerabilities of your information systems and on the impacts that a potential attack could have. In this way, companies can establish their own risk profile and assign a value to each risk, which can then be reduced by introducing preventive security, defense, detection and early warning measures.


Computer data security: the importance of sharing information

Cyber Threat Intelligence can therefore help improve companies’ security posture as it helps collect information on indicators of compromise and on the tactics, techniques, and procedures (TTP) used by attackers, as well as on the suggested actions to detect, contain or prevent attacks, and on the results of incident analysis.

While the next step involves sharing information (info-sharing), another important activity for computer data security that can help other organizations to improve their own security posture in turn.


Never forget the importance of the human factor

However, even advanced technology alone might not be enough to guarantee security for the company’s computer data and its physical and virtual perimeter. No security plan is actually effective if it does not also take into consideration the weak link in the entire chain: the human factor which, with its vulnerabilities, increasingly represents the main target for criminal hackers’ malicious activities who can access company infrastructures and systems by using weak, default, stolen or, in any case, compromised credentials.

It is therefore no coincidence that whenever computer data is breached, the cause can always be attributed to the human factor which is targeted through phishing and social engineering campaigns.

So the last pieces to the corporate cyber security puzzle are therefore proper management of digital identities, which is required to always keep access to company systems and data under control, as well as continuous security awareness by company users, also including, alongside employees, various external suppliers and clients who access the infrastructures in some way.