More and more often we hear about cybersecurity and how it is crucial to implement it:
should always be kept under control in view of possible problems, both at company and personal level.
But what is cybersecurity? The most classic reference point is that of the hacker in the movies: by pressing a sequence of keys, he manages to penetrate even the most secure systems. But of course it is not as simple as that. So-called computer security is in fact a battle between hackers – who want to break into the most inviolable systems in order to obtain data, fame or ransom – and systems engineers – who are constantly trying to secure their company. A truly inviolable company is in fact a utopia: even infrastructures that one imagines as secure enough to withstand any kind of attack are still penetrated. Do the hacker groups Anonymous or Lapsus$ ring a bell?
The term hacker is almost always confused with the idea of someone who wants to damage our system. On the contrary, there are Ethical Hackers, who constantly collaborate to secure organisations and government bodies, providing their know-how on methodologies to detect possible vulnerabilities. Figures such as these must remain constantly up-to-date, both on new vulnerabilities and on the attack methodologies of the various systems, in order to carry out periodic tests on the infrastructure and actively monitor its security status. New attacks may reveal new vulnerabilities and one must protect oneself.
On the one hand, companies need more and more ethical hackers and systems analysts, but on the other hand, there is a need for in-house figures such as the CISO (Chief Information Security Officer) with the task of building the company’s IT security policy and actively training staff in this regard. Indeed, employees should always be alert in the workplace but also in their personal spaces, understanding what risks might arise and how to avoid them.
Cyber security, however, does not only apply to the contexts mentioned so far, but is an element in every aspect of business. It can be found in the development of codes, in forensic analysis (fundamental for computer investigations or for analysing viruses in detail), but also in analysis to improve the all-round security of a company. New protection tools are thus created, perfecting encryption algorithms or using artificial intelligence to predict and prevent potential attacks.
Knowing how to recognise potential problems that could arise is of paramount importance: every employee should learn more about safety issues in order to become, with the knowledge acquired, capable of avoiding the possible risks to which one is constantly exposed. .