Let us go into the first pillar of the CIA Triad: Confidentiality.
Every one of us has watched movies where a brilliant hacker breaks into a system and steals top-secret information. Although events like these do occur in real life, human error is typically the cause of most security breaches. It could have been an oversight on the part of an administrator, a mistake on the part of a customer, or even an attempt by attackers to take advantage of a vulnerability.
However, here’s the thing: once the confidentiality of our data has been breached, the cause becomes secondary. The most important thing is to figure out how the security flaw was exploited so that we can close it and prevent it from happening again. The bottom line is that our security was breached, and it does not matter if it was due to an employee’s mistake or a sophisticated hack.
Attacks on our encryption methods, also known as cryptanalysis, pose a potential risk to the confidentiality of our information. Breaking encryption this way is possible but extremely difficult: today’s encryption methods are highly secure and very hard to decipher. In most cases, the vulnerabilities result from flaws in the encryption algorithm or mistakes made during its implementation.
There are various ways our data’s confidentiality can be compromised:
- Side-Channel Attack: Targets the way encryption is implemented rather than the algorithm itself. Attackers gain information from the physical implementation instead of exploiting weaknesses in the algorithm.
- Social Engineering: Often, the easiest way to breach security isn’t to crack a password but rather to ask someone for it. Instead of spending decades trying to decrypt information, a hacker might impersonate a colleague and ask Bob for the server password. It’s a tactic that relies more on manipulating individuals than technical skills.
- Keyloggers: These malicious programmes record every keystroke on a compromised computer. If an administrator unknowingly installs a keylogger by visiting a malicious website or clicking on a deceptive email link, their passwords and other sensitive information can be captured and sent to attackers.
The essence is that while we have advanced technical defences, human behaviour remains a significant vulnerability. As we progress in this course, we’ll explore these threats in detail and discuss strategies to counteract them.
It’s essential to revisit the three pillars of security: people, processes, and technology.
- People: Training is crucial. If users are well-informed, they’re less likely to visit suspicious websites or click on potentially harmful links. Raising awareness is the first line of defence. We want them to change their behaviour based on knowledge. However, a challenge we often face is engagement. I’ve been to numerous cybersecurity training sessions where participants seem disinterested. They often view it as a checkbox activity, something they must do quarterly and then forget.
- Processes: Implementing processes like multifactor authentication can add an extra layer of security. Even if a hacker gets a user’s password, they’d still need a second form of verification, like a token from a mobile app, to access the system.
- Technology: While advanced security measures are essential, they’re only as effective as those using them. For instance, even with multifactor authentication, vulnerabilities can still be exploited if users aren’t diligent about securing their secondary verification methods.
Throughout this course, I’ll emphasise the importance of a holistic approach to security. It’s not just about having the right tools or processes; it’s about ensuring everyone understands their role in maintaining security.