Cyber security, a grave concern
Cyber security has become a global concern nowadays. New technology has been formulated from time to time and at the same time, new type of security threat has also been created alarmingly. The more the online activities of individuals, organizations and nations are being conducted the security of those activities is an emerging challenge for society. The medium has created new potentials for criminal or hostile actions, in cyberspace carrying out these hostile actions, and threats to societal interests as a result of these hostile actions.
Cyber security is one of the most important aspects to consider when working over the internet, LAN or other method, no matter how small or big the business is. While there is no network that is immune to attacks, a stable and efficient cyber security system is essential to protecting client data. A good network security system helps business reduce the risk of falling victim of data theft and sabotage. It helps to protect the work stations from harmful spyware. It also ensures that shared data is kept secure.
Cyber security is the protection of internet-connected systems, including hardware, software and data, from cyber attacks. In a computing context, security comprises cyber security and physical security -- both are used by enterprises to protect against unauthorized access to data centres and other computerized systems.
Cyber security is not just an IT problem, sometimes we think but a business problem. Awareness training is not just necessary for IT expert but for all employees who has access to a computer and Internet. The focus and specialty of awareness training need to be tailored to each employees function and their role within an organisation. Cyber security needs to be part of an organisations culture to be effective, if it is just a checkbox approach, which employees don't understand what it is about and why it will surely be ineffective.
When we talk about cyber security, we almost always focus on the newest technology available to combat cyber security risks and threats. Companies focus so much on protecting hardware and software against cyber threats that they forget about securing processes and most importantly, providing adequate training for people involved in cyber security.
Weak passwords and bad practices in email or social media make it much easier for others to hack into our account and gain access to our friends' and family's data. Whether it's a bank account number, a photo best kept private, or complete identity theft, no one wants to be responsible for cyber crime on their loved.
Awareness training will provide our organisation the best value for money solution in the fight against cyber threats.
The benefits of cyber security awareness training are immense. Not all cyber security awareness training is equal; one should ensure that the training he selects for his organisation is suited to specific needs, his business environment and his level of cyber security maturity.
Sometimes, customer data and credit card information is being stolen, money is lifted from pay check accounts, trade secrets and other intellectual property are copied and leaked, and in some cases, the criminals hack into internal systems and held them for ransom.
It is estimated that cyber crime costs over $400 billion per year of the global economy. As a result, companies and organizations all over the world, including the US Government, are making cyber security a top priority for years after year and are setting up standards for cyber security protocol. During Barak Obama Administration, President asked the National Institute of Standards and Technology (NIST) to draw up a set of best practices for cyber security. Created with the input of thousands of security experts, the plan is designed to help organizations manage the risks of a cyber security breach.
Needless to say, the ever-increasing innovation of technology is bringing a greater demand for professionals with sophisticated skills and awareness to protect the cyber space. According to Bertrand Liard, a Paris-based international law firm said, "Responding to cyber attacks requires both a global vision and a fine knowledge."
Cyber security at Bank, Financial Institutions, Government Organization, Multinational Corporate Company etc is vital for many reasons in day to day operations but avoiding tendency to cyber security may cause a huge loss.
It may be mentioned here that a group of cyber criminals stole $101 million from Bangladesh Bank's account with New York's Federal Reserve Bank in February 2016 and the whole fund was laundered at Philippine and Sri Lanka. The incident came to light after several days later and caused a widespread criticism across the global media.
A new kind of such fraud in ATM booth was also detected by law enforcement agencies after arresting six Ukrainian citizens in Dhaka during June of this year 2019. Later it has been unveiled that money was withdrawn from an automated teller machine (ATM) of a renowned private bank booth, but neither any transaction recorded in the bank server nor any money was deducted from any client's account. The cards, they have been used, were found with works differently. As the card was inserted into the ATM machine, connection between the booth and the bank's server got disconnected. Then they withdrew money like their way.
Such fraud was never seen in our banking sector before what they have done. They did not use skimming devices to clone cards what has been used in few years ago for several banks. They took the money out of the ATM's vault without any server records and it is a new concern for the ATM booth security of the banks.
It has been observed that most of the fraud activities took place in our country via electronic delivery channels, such as mobile banking, ATM and plastic card transactions. The lack of awareness about cyber security makes most people an easy target for anyone trying to hack into their personal data.
A 2018 study by Bangladesh Institute of Bank Management (BIBM) says 62 per cent of the country's scheduled banks are vulnerable to cyber attack while 28 per cent of the banks have no arrangement for dealing with such attack.
Cyber security awareness should be an important part of any organisation's cyber security management strategy. Not only does it address the human weakness factor in our strategy, it also provides immediate protection at an affordable price. Cyber security awareness training needs to be designed for our organisations, not in isolation to be effective, it should be focused on potential risk.
One of the most important groups to teach about cyber security is our youth and awareness to cyber security is vital for the safety of our digital technology. While they are used to using credit cards to shop online, they can make it very easy for cyber criminals to access data through creating insecure personal accounts.
The writer is banker and freelance
contributor, Gandaria, Dhaka