What's security in the digital environment?
The internet is mostly private and secure, but it can also be an insecure channel for exchanging information. With a high risk of intrusion by hackers and cybercriminals, cyber security ought to be a top priority for individuals and businesses.
In addition to internet security, cyber security includes the processes and practices you have in place to ensure your data and communications remain confidential, integer and available. Applying measures recommended by .auCheck is one example; and having a process in place to regularly check that you’re still up-to-standard is another.
Cybersecurity is a process informed by answers to questions like: - Have we identified the right risks for our company and customers? - Are we managing those risks effectively (keeping in mind that compliance and more spending on security does not equal security)? - Do we have plans and capabilities in place to respond swiftly to an incident? Do we regularly test those plans?
INSERT: PaloAlto: navigating the Digital Age + seek permission
For individuals and small businesses, issues around internet security and application security are likely the most prominent.
Internet security is an aspect of the broader concept of cybersecurity. Internet security is concentrated on specific threats and vulnerabilities of online access and use of the internet.
Internet security consists of a technical means to protect activities and transactions conducted online over the internet. These means are meant to safeguard visitors to websites or email contacts from threats such as hacking into computer systems, email addresses, or websites; malicious software that can infect and inherently damage systems; and identity theft by hackers who steal personal data such as bank account information and credit card numbers.
Application security is concentrated on using software and hardware that is generally regarded safe and secure. A first step in the use of adequate antivirus programs and firewalls. The next step is to check whether your devices and other hardware is built by a reputable manufacturer; whether your software applications are (regularly) updated and do not unnecessarily extract usage data; and whether your communication tools use end-to-end encryption.
In every case, you should first start assessing the cyber risks for your company and making a conscious decision about how much risk you can absorb. With that completed, you can decide which levels of internet security and application security you like to introduce, but remember there is a basic minimum of security that you’re expected to follow.