The course is part of this learning path
Security risks
It’s time to look at security risks in more detail. The three main ones are: big data, the Internet of Things, and social media.
Big data
The first of these three threats is big data. The term refers to the extremely large volumes of structured and unstructured data that flood our businesses every day.
The five Vs of big data
You’ll want to use the five Vs to look at big data: Volume, Velocity, Variety, Veracity and Value.
- Volume: The volume of data is enormous and so you need to focus on finding the special tools and approaches to interpret this data. In this way, you can use the data to make better decisions and more effective strategic security plans.
- Velocity: Can be more important than Volume because companies need information as soon as is possible, ideally as close to real-time as is feasible. With fast information flow, threats can be dealt with sooner and more easily.
- Variety: A company can gain information from many sources, both structured and unstructured, and using a greater variety of sources can improve relevance and objectivity. This gives us a more accurate overall picture of threat intelligence, which makes it easier to defend against threats.
- Veracity: The truth and accuracy of the data source, type, and its processing are vital in achieving useful data. If you cannot trust the data, you cannot make the reliably informed decisions.
- Value: With the volume of data available it is essential to continually reflect on the value of the data you're processing to ensure that it's actually useful, helping you defend against real threats in the best way.
If you successfully harness big data, you can improve your security in numerous ways. Effective use of big data can enable better risk management, reduce reaction time, and assist change management with smart decision making. When you combine cyber security threat intelligence with high-powered analytics, you can accomplish a variety of cyber security tasks, such as:
- Identifying root causes of security failures, issues, and defects in as close to real time as possible
- Recalculating entire risk mitigation strategies in minutes
- Detecting fraudulent behaviour before it affects your organisation
So, you can see how influential big data is to cyber security.
The Internet of Things (IoT)
The Internet of Things (IoT) is a term that describes the connecting of a vast range of physical devices, vehicles, buildings, and other items to the Internet.
These ‘smart’ devices contain software and components that allow them to collect and exchange data over networks and the Internet.
Growing all the time
The number of these devices is already huge and is growing all the time, this means that the number of potential threats/vulnerabilities (the attack surface) is increasing exponentially.
To improve the situation, the Internet of Things Security Foundation (IoTSF) was founded with a mission to promote knowledge and best practice for IoT manufacturers. With this initiative, it is hoped that future IoT devices will be less vulnerable to attacks or manipulation. To learn more about the vast IoT world, click on this link to visit Shodan's website.
Social media
While social media is an effective promotional device, it has also become a major challenge for the security function.
Thanks to what is posted on social media, attackers can gather very specific details about decision makers and executives in an organisation and use this to make sophisticated social engineering attacks. It can be trivial for hackers to quickly infiltrate an organisation and ruin its reputation because companies often have little direct control over their social media presence. Having a social media policy is essential to make sure you control the information flow from employees and subcontractors onto social media platforms. Monitoring this should be a high priority, as is having a plan to manage any fallout from misuse of these channels.
For useful blog and discussion sources, visit this list curated by Digital Guardian.
Summary
Having now looked at big data, IoT and social media, you are now aware of the sources of the greatest security risks.
You can understand why a comprehensive threat management system needs to monitor these channels continually. You have also learned how big data can be a great weapon against attacks and that a focus on improving IoT and social media security is an essential aspect of modern cyber protection.
What's next?
Next, you’ll see a video where our expert Mark will be taking you through open-source intelligence (OSINT).
In this course, you’ll be looking at numerous aspects of the risk matrix including the risk and threats involved in big data, the Internet of Things (IoT), the dark web and social media. You'll also be exploring threat intelligence, unified threat management (UTM), and security risk. You'll also see how you can use open-source intelligence (OSINT) and Dark Web Threat Intelligence to help you establish, improve and refine your risk treatment. All of this ensures that your organisation is protected from and alert to the constantly evolving series of information security threats.
However, before you go on to threat management, let's first review risk and see how it relates to cyber security.
A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.