Frequently Asked Questions
The increasing reliance of our information-age economies and governments on cyber (computer-based) infrastructure makes them progressively more vulnerable to cyber attacks on our computer systems, networks, and data. In their most disruptive form, cyber attacks target the enterprise, government, military, or other infrastructural assets of a nation or its citizens.
Both the volume and sophistication of cyber threats (cyber warfare, cyber terrorism, cyber espionage and malicious hacking) are monotonically increasing, and pose potent threats to our enterprise, government, military, or other infrastructural assets. Knowing that to be forewarned is to be forearmed, we are well advised to effect strong Cybersecurity defenses that will thwart rapidly evolving cyber threats.
Ransomware is always one of our biggest concerns. Recently, we’ve also been concerned with monitoring and preventing lateral phishing takeover attacks.
Through these types of cyberattacks, hackers gain access to an employee’s email account. Then, they set up rules to extract valuable data and information. Once hackers find a piece of information they can exploit, they use it to create a genuine-looking email to everyone in the employee’s address book.
With advanced technologies and machine learning, hackers can make phishing emails look frighteningly legitimate. As other employees open and interact with the email, hackers gain access to more data and information until the entire organisation is affected.
Mobile devices do bring great utility in terms of convenience and allowing individuals to be “online all the time.” Governments have widely deployed mobile devices for accessing resources and greater workforce productivity. However, the use of mobile devices for communicating and for sharing data create inherent security issues and add more points of access to the network. Mobile malware threats are certainly growing and a significant security concern with mobile devices is the loss of the device. Additional risks related to mobile devices are personal devices being used in the workplace and authentication of the user.
Yes. Cloud services promise to provide flexibility, scalability, measured service and certain cost efficiencies, but also present additional security risks associated with authentication, access and storage of government data. The total economic cost and different security elements of cloud services must be fully understood when evaluating cloud computing in general and the various deployment models (public, private, hybrid, community). Consumer-based cloud services used by government workers present additional risks because they may not offer rigorous security controls.