Understand the concept of cybersecurity to (better) protect your business

By Laurent Hercé

Published: 29 October 2024

Of all the sensitive issues linked to the development of digital technology in business, there is one that worries more than any other: cybersecurity.

The recent Covid-19 crisis has heightened these already existing fears. The ensuing lockdown and the growth of teleworking have highlighted certain shortcomings in corporate cyber security.

It is already a complex task to maintain security conditions within the confines of the corporate IT environment. As soon as you move into a more open context, for example by allowing employees to work remotely, the usual rules and tools quickly become obsolete.

One example of this is the 'ZoomBombing' phenomenon that seems to have hit many videoconferences this spring. Fortunately, although it drew a lot of media attention, it was relatively harmless in terms of its consequences.

Now that teleworking, involving the use of new tools, has suddenly taken off, we're going to have to adapt our rules and behaviour. Rules and tools, because cybersecurity is all about technology. But also behaviour, because the human factor is paramount.

Cybersecurity: definition and figures

What is cyber security?

Cybersecurity is a set of security measures, tools, laws and preventive measures designed to protect computer systems, computers, mobile devices and applications against malicious attacks from cyberspace.

According to ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), these attacks aim to "compromise the availability, integrity or confidentiality of data".

The cybersecurity authorities are therefore urging both large organisations and SMEs to apply a number of best practices in order to limit the risks associated with cybercrime.

The challenges of cybersecurity

This "desired state" is rarely achieved, since information systems and networks are constantly evolving. What is considered secure today may not be so next week.

Hence the need to constantly adapt tools and behaviour.

The government's Cybermalveillance.gouv.fr platform has published the following figures for 2019:

  • More than 90,000 victims were assisted on the platform in 2019, compared with 28,855 in 2018, an increase of more than 210%. Of these victims, 90% were private individuals, who are often more vulnerable.
  • Among professionals (businesses, local authorities and associations), assistance was sought mainly for phishing (23%) and account hacking (16%).

According to the Confédération des Petites et Moyennes Entreprises (CPME), in 2019, 44% of businesses with fewer than 50 employees had suffered an IT attack. Only 17% of these businesses are insured against the risk of a cyber attack.

Cybersecurity in France: a threat taken very seriously

The figures and definitions given above are proof that cybercrime is now a recognised threat. Organisations, government departments and associations have been set up to combat it.

The ANSSI, mentioned above, supports companies according to their profile through consultancy, industrial policy and regulatory actions to make security products and trusted services available. It also works on sovereignty issues.

Cybermalveillance.gouv.fr's mission is to help businesses, individuals and local authorities that are victims of cybermalveillance, to inform them about digital threats and give them the means to defend themselves.

The CERT (Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques), which is part of the French national agency for information systems security, is accessible 24 hours a day, 7 days a week. It keeps a record of newly detected threats.

Its main missions are:

  • detecting system vulnerabilities through technology monitoring;
  • resolving incidents, if necessary with the worldwide CERT network;
  • helping to put in place resources to protect against future incidents;
  • creating a network of trust.

Corporate cyber security: radically different types of threat

If we are not always fully aware of cybersecurity threats, it is because they can take very different forms.

As the statistics show, attacks are not necessarily technically complex. They often consist of a simple 'scam' based on intimidation or fraud. In these cases, information technology is simply the vector of communication, the point of entry.

The fraudster often has nothing more than a simple e-mail address, which they use to contact the target. They will then try to extort data from the target:

  • either by threat
  • or by manipulation.

This is the principle of phishing, spoofing or CEO fraud.

In the popular imagination, fuelled by cinema in particular, it is the other aspect of cyber-maliciousness that dominates. This consists of attacks and intrusions that require a high level of technical expertise and put the fraudster in direct contact with the company's data and network.

These practices, which require advanced coding skills, are much less common.

Ransom demands and blocking: the 2 mainstays of hackers

Attacking computer systems with ransomware

The most frequent "technological" cyber attacks, and those with the greatest impact on businesses, are ransomware attacks. Ransomware involves introducing malicious code into a machine or network to block access or encrypt data.

Unlocking, that is, obtaining the key to regain access to information, is then monetised at a high price. In 2019:

  • the average cost charged by hackers rose from $6,700 to $12,700,
  • for the largest organisations, the average cost of a ransom is estimated at $286,000.

Denial of service: pushing the computer system to saturation point

Another fairly common type of malicious attack that requires technical expertise is the Distributed Denial of Service (DDoS) attack.

The attacker will make a server inaccessible by sending multiple requests until it is saturated. The attacker can also exploit a security vulnerability to cause a service to be shut down or to operate in a severely degraded state.

This type of attack can lead to:

  • loss of productivity
  • possible loss of revenue for merchant sites
  • a negative media image for the organisation, which finds itself paralysed.

Here again, the motivation may be to demand a ransom to put an end to the attacks.

Cyber protection: protecting yourself, but how?

As we can see, cyber security is far from being just a technical issue. It is therefore illusory to rely solely on one or more software tools in the belief that they will make your organisation impervious to any threat.

All the serious experts agree: you need to act simultaneously, and constantly, on several fronts. The aim is therefore to put in place simple security solutions that are within the company's reach.

Employee training

The vulnerabilities are first and foremost human. All IT departments know that even today, a single forgotten post-it note containing a password can undo months of IT work.

So the basis of enhanced cybersecurity remains information and training for employees. All the more so in the current context mentioned in the introduction, where teleworking is on the increase, encouraging the BYOD (Bring Your Own Device) phenomenon. Smartphones in particular are new vectors of intrusion, making organisations more vulnerable.

Fortunately, the new biometric security technologies are highly effective, even if they can sometimes be circumvented (facial recognition has its flaws).

Between the human and the technological, good practice can work wonders. For example, good organisation of back-ups is a simple solution to complex attacks. Ransomware has little impact if the data is backed up and up to date.

Cybersecurity tools

As well as working on the human side, it is essential to use powerful, up-to-date software tools. The best known is, of course, anti-virus software, which must be installed on all terminals used by employees, including smartphones.

Backup tools and password managers are also applications that should be used on a large scale.

Firewalls are essential, and here we enter a category of tools that require the intervention of experts, especially if they are used on an organisation-wide scale.

The Data Protection Officer: a key cybersecurity job

In conclusion, the most effective approach to cybersecurity is to combine all of these practices, specialist organisations and tools into one extensive and complex system.

In this respect, appointing a Data Protection Officer (DPO) is an option for a large company that wants to protect sensitive data as effectively as possible and limit the risks of intrusion.

Article translated from French