Early this year at the Compliance and Healthcare Innovation Conference, hosted by EPI Conferences, one of the topics presented was cyber security. This presentation itself was quite interesting but the thing that I didn’t get until now was that most presenters referred to cyber security in their presentations.
Cyber security refers to the initiatives and efforts directed towards the protection of computer systems and networks against attacks, damage or unauthorized access. Normally these efforts include initiatives such as conducting security audits, installing software patches, auditing transactions between systems and networks and even encrypting systems, to mention a few.
Cyber attacks are not easily recognized and the same may fall under a number of categories including but not limited to:
- Social engineering. Basically, these are subroutines designed to reach out to humans to get them to trust them and tricking them into provident access or releasing information that may be used to gain access. If you think about it, it is easier to break a person than to try to hack a computer, hence the success of this technique.
- Phishing attacks. Phishing refers to activities where a third party illegally represents a reputable organization in the hopes of tricking a user in revealing critical information such as account numbers, login and passwords.
- Unpatched software. Most IT companies are updating, upgrading or changing their security protocols on an ongoing basis. Many users see this as a means for IT companies to make more money. Regretfully, the reality of life is that failure to install these patches exposes everyone to undue security risks.
- Social media. Social media can be used to collect information about a specific user. This information can then be used by cyber criminals to trick the user into revealing additional information, providing access to networks or simply to gain access to other individuals.
The key to remember is that cybercrimes are real and that education of users still remains as the best cyber security measure.