Cybersecurity
£100k Daily Fines in a Security Breach in the UK
The UK is proposing, in the Cyber Security and Resilience (CSR) Bill, to slap companies with a £100k
($129k) daily fine or 10 percent of turnover for each day a breach persists after the
timeframe issued by the government.
Another part of the bill is mandatory incident reporting to …
Procedures to Secure a Network
The first step to securing a network is to look at the business objectives and update the inventory of IT assets so the organisation knows (a) what the budget is, (b) the acceptable and intolerable risks in relation to the business objectives, industry regulations and potential damages, and (c) …
Actions to Minimise Network Security Threats
Backups
An organisation can back up data by following the 3-2-1 rule: have three copies of data at any time, i.e. the original working data and at least two copies; store them on two different media, e.g. a hard drive or the cloud; and keep one copy offsite in case of a site-specific disaster such as …
Minimise Network Security Threats With Hardware and Software
Hardware
A firewall can be used to examine incoming and outgoing data passing between the local area network
(LAN) and the wide area network (WAN) to see if the data packets meet the criteria in its list of
permissions, such as approved IP addresses and ports.
Physical authenticators such as mobile …
Motives Behind Network Attacks
Financial
The main driver of a network attack is to extort money and make the time spent in research worthwhile. People with a high profile and in the public eye make obvious targets for spear phishing campaigns. Bank balances and HR records are useful information to know how much a company or …
Types and Sources of Network Attacks
Types
Passive attacks
A passive attack is one that quietly collects information on a system without encrypting or altering
data. It is a precursor to an active attack in the reconnaissance phase and is hard to detect until
an active attack occurs.
Phishing is a method to lure a victim into …
Risks Involved in a Data Breach
Data breaches
A data breach is when data confidentiality is compromised due to unauthorised access to a computer system or database in a cyberattack, or theft of a physical storage medium like a USB flash drive. Data may be sensitive or non-sensitive, including business secrets, personal …
Ethical Hacking Tools and Techniques
Physical perspective
Drones can be used to obtain information from the sky. They can be used to remotely shoulder surf and record sensitive login credentials being typed. Further, they can be used to capture the movement of people such as smokers and security guards or study a building to see where the …
Processes to Vet Ethical Hackers for Employment
When hiring ethical hackers, it is important to check a candidate’s background. This can be done by interviewing the candidate to see if they are who they say they are. After the interview, if the work involves government data, Disbarring and Vetting Service, Security Clearance and Baseline …
Role of Ethical Hacking
Ethical hacking is an authorised attempt to breach a computer system, application, or data without malicious intent as this is agreed and scoped with the client. The purpose is to find and document vulnerabilities which are presented in a report to the client so that mitigation strategies and …
Ways to Maintain and Monitor Network Performance
Software utilities
Ping
Pinging from the command prompt in Windows OS can show the round-trip time in milliseconds for a message to be sent from the sender to the receiver and then back to the sender. If using Windows, it makes 4 attempts by default and displays any retries, the number of data losses …
Ways to Support and Maintain Network Security
Access control (rights and permissions)
Access control is a set of protocols that act as gatekeepers to block unauthorised users and devices from accessing a private network, or give restricted access to external users. The policies prevent unwanted intruders from entering the network or data from …