Cybersecurity

Computer security: have you been hacked?

7 February 2018

Computer security: have you been hacked?

Just imagine that you discover someone has got hold of your holiday photos from your own personal computer. Or, that you discover that company information is gone. You haven’t a clue what consequences will come of it and you are aware of panic spreading through your being: ‘How could this happen?

In 2016, over 105,000 property thefts were reported in Norway. This is down in total crimes within the traditional theft crimes (SSB, 2016). On another side, it is reported that other types of crimes, such as IT crimes, have increased, for example ‘ransomware’ – software which blocks access to the victim’s data. This puts data security on the agenda. (Telenor, 2015 / Symantec, 2014)

Isn’t digital/data theft as serious a crime as a physical burglary? It is advertised when a residential alarm is rated as the best, but what is the best to secure digital property. And what do you do in case you do discover a data theft.

What is data theft?

A digital/data theft would be if someone tries or has tried to break into a data system or network. This kind of theft can happen on a computer, but can also be carried out on digital devices like a smartphone or an activity tracker. With several digital devices, it can quickly be difficult to have an accurate overview of which information is stored where.

Digitisation has never been so much in demand as now. It renders a new dimension of modernising possible and greater efficiency of activities. Digitisation gives the possibility to gather, manage and take care of information.

Nonetheless, digitisation has a dark side because information is vulnerable. Digitisation has made businesses’ and peoples’ vulnerabilities extend beyond borders. ‘Anyone’ can attack an electronic target ‘anywhere’ in the world. A hacker can sit thousands of kilometers away and steal sensitive information from Norwegian users or businesses. This is a different challenge than one encounters in a physical theft. This dark side doesn’t mean that we won’t digitise, but that built-in information security must, at all times, go hand in hand with digitisation.

Built-in information security concerns building support for security requirements through all phases in the development of a business system, but also that one considers information security in the business processes. It is worth protecting information that is produced whether it is an email from the boss or a tender for a future client. At the same time as it is important to protect information, it is also important to ensure that it is accessible for the right person at the right time. The lies an enormous potential in how data can exploited, independent of whether it is personal or business related. Information has become the new currency. The question now is, what can one do in order to improve data security?

How to improve your data security

Information is today’s currency and should be protected at all times, but how can one protect it? First and foremost it is about focusing on information security. This can be achieved through well-defined security goals. An example of security goals can be that the organisation will have to include control of traffic flow as part of its solution. In order to attain these goals, one must be able to discover and deal with data security breaches. Businesses must then set different mechanisms in place. This can be by using monitoring solutions, such as Intrusion Detection System (IDS), where the flow of information is monitored. Further, the data can be gathered in a central log- and log analyser tool. This results in facilitating response possibilities so that digital thefts can be discovered and handled.

By having these data security mechanisms in place, it will be easier to discover, register and establish digital theft. This can contribute to successfully exposing criminals and tracking what the stolen information is used for. Currently there is an under reporting of data theft. This comes in large part because businesses are not aware of them or do not wish to report them.

Because we now move around an increasingly more digital world, with increasingly more platforms and devices, it also demands that we must have knowledge about and be conscious of the information which we produce and store. We must all know how we ought to handle information – manually and in IT systems. All devices we own have valuable information and it should make you aware that security concerns us all. Security is like sex education – the less you know, the more vulnerable you are.  Knowledge about security and safeguarding is, therefore, the alpha and omega of protecting yourself.

Derya works in Sopra Steria as a Infrastructure Engineer within Cyber Security. Maiken worked in Sopra Steria as Management Consultant.
Leave a comment

Your email address will not be published. Required fields are marked *