Cybersecurity is a complex topic and we want to make it easier for you to understand. In light of that, we’re going to look at who the cybercriminals that threaten your business are, why they engage in cybercrime, and how you can stop them.
Who poses a threat to cybersecurity?
Cybersecurity is complicated, and the entities who work to threaten cybersecurity (called cyber threat actors) have a vested interest in remaining anonymous. (That’s anonymous with a small a, not to be confused with the loosely-affiliated hacktivist group known as Anonymous.)
Cyber threat actors take many different forms, and the Government of Canada has provided an extraordinarily useful classification scheme for all of them. They are:
acts of violence
Insider threats, who may be motivated by profit or discontent
Obviously, your business may only have to contend with a few of these threat actors. You’re unlikely to encounter hack attempts by nation-states unless you have tremendous social or political influence. Hacktivists are also unlikely to target you, unless they find your business morally reprehensible (and with hacktivists, it’s always hard to tell).
This means you’re most likely going to be contending with cybercriminals, thrill-seekers, and insider threats. Insider threats are perhaps the most insidious - they have the most access to your network, and are likely to know its weaknesses. Cybercriminals will attack anyone - your vulnerability to them depends heavily on your network security. Thrill-seekers, meanwhile, will likely only attack your business if some big, newsworthy event happens at your business - then, hacking you may seem more “fun”.
Securing your network against cyber threats
Threat actors will use any means at their disposal when they find a target. For most threat actors your business may be concerned with, the first step is finding the target in the first place - in this case, your business.
Preventing external attacks
There are a number of steps you can take to prevent your business from becoming the target of cyber attacks. These steps include:
Preventing internal attacks
Insider threats are, in many ways, more insidious than threats from external actors. Here, we’re talking about intentional (malicious) insider threats, as opposed to those presented by ignorance. There are many steps you can take, including:
Reporting cyber threats
You can report cyber threats and cyber incidents to the Government of Canada. In circumstances where you believe criminal activity is imminent, you can also report the activity to police - via 911 if it’s an emergency, or by calling your local police line for non-emergencies.
Reporting cyber incidents, even after they occur, helps the government take stock of how many threats businesses face each year. It can also help them better understand what kinds of threats businesses are facing - which in turn allows them to deploy resources to help businesses better protect themselves.
We’ve only scratched the surface of how cyber threats work - we could run several blogs on how malicious actors work and think, how you can guard yourself against the actors, and the ways in which the government gathers and disseminates data on these threats.
If that information is of interest, let us know - we’re always looking for feedback to improve the resources we offer to you. And if you’re looking for IT services in Manitoba to help you better manage cyber threats - get in touch with us.