Discovery, analysis and cybersecurity intelligence
Cyber attacks are malicious and deliberate attempts by a person or organization that violate the information system of another person or organization. Cybersecurity practices applicable to organizations, on the other hand, include tools, policies, security concepts, security assurances, guidelines, risk management approaches, activities, trainings, best practices and technologies used to protect the assets of organizations and users. It aims to ensure that the security features of the assets of the institution, organization and users are created and maintained in a way that can counter the security risks in the cyber environment. The main goals of cybersecurity are accessibility, integrity and confidentiality. Cybersecurity is not entirely the responsibility of a single person or unit. Everyone has a responsibility for cybersecurity as part of cyberspace, including the internet-connected devices we use. Increasing awareness as an institution paves the way for us to become more resilient and safer against cyberattacks.
The most important thing companies have in the digital world is data. Companies or institutions process, sell or rent this data. In short, their existence in the real world, as in the cyber world, depends on this data. For this reason, some standards have been established on data security around the world. Cybersecurity experts also ensure that companies meet these standards.
Firms and institutions are institutions responsible for ensuring information security. Otherwise, it is inevitable that they and their customer data will fall into the hands of 3rd parties by being exposed to the attacks of cyberbullies. Such a situation causes institutions and organizations to suffer both morally and materially.
A cybersecurity governance and risk management program should be established according to the size of the organization. Cybersecurity risk needs to be viewed by owners and managers as a significant business risk. This should align with compliance, operational, financial and reputational risks, with appropriate measurement criteria and results being monitored and managed.
There are frameworks for voluntary use which can be utilized to evaluate risk assessment as well as best practices. The National Institute of Standards and Technology (NIST) CyberSecurity Framework includes five simultaneous and continuous functions:
Define: Develop an organizational understanding to manage cyber security risk to systems, people, assets, data and capabilities.
Protection: Develop and implement appropriate measures to ensure critical services are delivered.
Detect: Develop and implement appropriate actions to identify when a cybersecurity incident has occurred.
Response: Develop and implement appropriate actions to take action regarding a detected cybersecurity incident.
Recovery: Develop and implement appropriate actions to maintain resilience plans and restore any capabilities or services that were disrupted by a cybersecurity incident.
· Stealing bank information,
· Replacement cost of damaged devices,
· Disruption of production activities, making production lines dysfunctional,
· Material and legal consequences arising from theft or loss of customer information,
· Theft or loss of financial data such as debt and credit,
· Amounts to be paid to open encrypted files,
· Loss of files belonging to jobs that require great effort and long-term savings,
· Labor to be spent to restore the system,
· Loss of reputation in case of identity theft,
· Legal problems as a result of the transactions made by hackers on the devices they have seized,
· Damages caused by hackers gaining unauthorized access to the company network
· Keep legal records in accordance with Law No. 5651 (law on crimes committed through internet broadcasts) and Law No. 6698 (Personal Data Protection Law).
· It should be easily understandable and manageable.
· Must have protection against malware.
· It should provide reports and views in the desired detail.
· There should be a system to prevent attacks coming from the Internet.
· It must be up to date and under development.
· System security must be provided for all computers through a central firewall.
· The cybersecurity system should be a whole in terms of both hardware and software.