Understanding Cybersecurity
Published on : Saturday 05-03-2022
Companies need cybersecurity to protect their data and intellectual property, says Soundharyaa Nandakumar.
We are living in a world where the impact of technologies on humans is way higher than we get to know them, in the sense even a smallest work cannot be done without the help of some technology. Technologies are evolving every day in both ways – hardware and software. Starting from the All-in-One tool for handyman, built-in battery mobile phone, to virtually simulating the work with your fingers, the evolution of technologies does not stop here. It feels so we are in a relay race with technologies running side to side, and the only difference is there is no win in this race, as it is forever with barricades in-between called technology vulnerabilities which can be the entry gate to fraudsters. In order to keep fraudsters at bay, industries are implementing cybersecurity measures. Cybersecurity is generally defined as a process of protecting systems, networks, and programs from digital attacks.
“Cybersecurity is not an end unto itself; it is instead an obligation that our governments and societies must take on willingly, to ensure that innovation continues to flourish, drive markets, and improve lives.” – Barack Obama in his speech during the launch of the United States International Strategy for Cybersecurity/cyberspace.
Fraudsters are those demons who are capable of deploying numerous attacks against individuals or a business firm by accessing, deleting, extorting payments or interfering in the work process with the help of these technology related vulnerabilities. Normally these technological vulnerabilities when exploited lead to the undermining of health and objectives of any individual or an organisation. This breach can also lead to devastating consequences like losing the organisation’s reputation, loss of personal information and anything for compromises security. This in turn makes us realise the importance of protection of network, systems, etc., from these digital threats and the reason why cybersecurity is becoming one of the irreplaceable factors in the technological phase.
As a matter of fact, whether as an individual, an organisation or a MNC, we rely on computer systems every day, in the name of cloud service, Internet of Things, smartphone backup, etc., and as a result of which, we have various security vulnerabilities that didn’t even exist a few decades ago. As our day to day work gets easier, with the help of technology, it also increases the security based vulnerabilities. But in order to understand cybersecurity, we need to understand about information security and what is their relationship – in layman terms, cybersecurity focuses only on threats, acts as defence to malicious software; whereas information security focuses on protection of data, security, oversees unauthorised access and is much more in a wide view. In even more simpler terms, cybersecurity is a subset of information security.
Source: McKinsey Report
According to a McKinsey report of analysis and prediction, the estimated cybersecurity market will increase from $4.9 billion to $9.7 billion by 2030 corresponding to annual growth of more than 7 per cent. The report also divided the cybersecurity market to three elements, viz., hardware based, software related, and process and solution related cybersecurity.
We talk about cybersecurity, cyber threats, and much more, do we have any idea what kind of cyber threats affect the individual? In today’s world, somewhere or the other, at least 10% of mankind or more are exposed to cyber threats and deeply affected by it. That’s why I believe cybersecurity is very important and even more important is to know what kind of cyber threats are waiting for us. In this sense, the accompanying Table lists some of the cyber-attacks which are common and more likely to occur.
The threats are not restricted to those listed and there are many more like Denial of Service (DOS) attack, SQL Injections, Zero Day Exploit, Password Attack, etc., and with every different attack there is nefarious or demon purpose. For example, I believe photo morphing is also one form of cyber-attack. Haven’t we heard of the cases in India, about the morphed photos of many young girls putting them auction through an app – is this not a form of cyber-attack?
As far as the industry concerned, medical services, retailers and public utilities have experienced the most breaches. These sectors are more appealing to cybercriminals because they collect a vast number of financial and medical related data from people for various purposes: Companies need cybersecurity to protect their data and intellectual property.
Do these cyber threats stop with this? Definitely not. These threats do not stop here as in other industries like automotive also, digital threats started emerging in the past decade are currently on the rise. In today’s world cars are increasingly connected and shared, are getting electrified and would soon become autonomous. The industry is reaching a stage where the vehicle will not run without the internet. Here are some examples of cyber-attacks in the automotive industry:
1. In 2002, hackers were hired by aftermarket consumers to reprogram powertrain (engine) calibration for more aggressive performance.
2. In 2005, Bluetooth connection were hacked to listen to conservations or downloading contacts.
3. In 2015, it was reported that two researchers were able to hijack a vehicle and they were able to turn the steering wheel, disable the brakes, shut off the engine.
And it goes on. It is clear that ‘hacking’ started way back – from 2002 to 2022 – and there were numerous cyber hacks reported and there could many more that were not reported. We are in an age where vehicle can be opened through app and many companies use this application as a business. The Rolls Royce can be operated or driven with app with the help of virtual steering wheel, which clearly shows how important is connectivity between vehicles and also how vulnerable to attacks. For this reason, companies like Continental are focusing on creating end-to-end encryption for protecting products and solutions. They are developing end-to-end solutions with the aim of ensuring the highest potential security from Day One in product development to avoid security based hacks in the first place, and many more companies are just investing in cybersecurity to make current and future vehicles even safer. Not just the automotive industry, many other industries are also working on implementing ISO 27032, which basically acts as a guide for cybersecurity through specific recommendation in their company structure.
My take on this topic is based on my personal experience, having been a victim of cyber-attack (phishing). I can clearly see the importance of cyber protection and to keep the network protected. What I see as even more important is to know the technologies that hacks are running ahead of us. This technology hack knowledge is not for the purpose of using it against anyone, but for the purpose of being on the toes, and not to be ignorant against these demon hackers. In order to keep them at bay, the first thing is we need to protect our firewalls, as an individual, as an organisation or anything for that matter, to protect our belongings, update the security, etc. The other thing is to be knowledgeable about these threats, because some things hit us hard. When I was cyber attacked, making me lose my hard earned money, all I could think of is how ignorant I was in front these demons. On the other hand, it also made me start reading a lot of technology based articles to become knowledgeable. There are many ways of becoming knowledgeable, and I have found what works for me. Each one of us have to figure out what is the best way for them.
Soundharyaa Nandakumar has done her Masters in Mechatronics and Cyber-Physical System in Germany and presently working as a Test Engineer, testing Vehicle Electronic Control Units in Connected Drive department. Her previous work experience as an automobile technician has given her a good understanding of how beautiful the car/vehicle is with intricate designs and unbelievable technologies inside. This craze and passion for cars made the decision for her to pursue a career in Automotive Technology.
In her own words, “I always compare cars to women, because we never know what is inside them, how mysterious they are with n number of technologies evolving around every day making them futuristic statements – just like women – undergoing many things in a day to be strong enough to conquer the world.”
