How to prevent identity theft and fraud

Cyber security threats are constantly on the rise, as cyber criminals become increasingly adept at finding new ways into individuals’ private and personal information. In 2023, more than 353 million people were impacted by data breaches. Reports suggest that among these, fraud accounted for 2.5 million, while identity theft was at 1.1 million.

As the numbers indicate, identity theft and fraud are widespread issues in today’s digital world. With increasing reliance on technology at home and in the workplace, our personal information has become more accessible to hackers and fraudsters.

Whether it’s through phishing scams, data breaches, or social media hacking, vigilance is crucial in protecting your identity. Here’s everything you need to know about preventing identity theft and fraud.

What is identity theft?

Identity theft is when someone steals your personal information to commit fraud. This can include your name, address, date of birth, Social Security Number (if you’re in the US) or National Insurance number (if you’re in the UK), credit card or bank account details, and more.

Once fraudsters have this information, they can open accounts, make purchases, and apply for loans in your name without your consent.

Identity theft prevention methods

Preventing identity theft requires a multifaceted approach. Here are some effective methods to safeguard your identity.

Monitor your credit report

Regularly check your credit rating and report from agencies like Experian, Equifax, and TransUnion to spot any suspicious activity. You may be entitled to a free report annually from each agency, so make sure to take advantage of this service.

Use strong passwords

Use unique, complex passwords for each online account you have. Combine letters, numbers, and symbols to create strong passwords. Consider using a password manager to generate and store passwords securely.

Secure your devices

Keep your computer, smartphone, and other devices protected with updated antivirus software. Be cautious when connecting to public wifi networks, as they may not be secure and hackers may be able to access your information through them.

Stay safe on public wifi networks

If you do use public wifi networks, avoid accessing sensitive accounts or entering personal information unless you’re using a virtual private network (VPN).

Be wary of phishing scams

Don’t click on links or download attachments from suspicious emails, texts, or social media messages. These could be phishing attempts designed to steal your personal details.

Protect personal documents

Keep important documents like your passport, driving licence, credit card statements, and bank statements in a secure location to avoid ID theft. Shred any documents with personal information and account numbers before discarding them.

Set up account alerts

Many banks, lenders, and credit card companies offer account alerts that notify you of suspicious activity. Enable these alerts to stay informed about any unusual transactions.

Secure your mail

If possible, use a locked mailbox or a Royal Mail Post Office (PO) box to receive mail. Be cautious when sharing personal details through the mail.

Limit personal information online

Be mindful of the information you share on social media and other online platforms. Avoid posting personal details like your full name, address, or date of birth. 

Enable two-factor authentication

Use two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a second form of authentication when you try to log into an online account. These second forms could be a code sent to your mobile phone or a memorable word.

Keep software updated

Regularly update your devices and software to patch any vulnerabilities that could be exploited by identity thieves.

Use secure websites

Look for the padlock symbol and “https://” in the URL of the website you are on to check it is secure before entering sensitive information. Never share information like card numbers over websites that aren’t secure.

Stay up-to-date on data breaches

According to the Information Commissioner’s Office (ICO), if a UK company has a data breach which is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, those individuals must be informed. If this happens to a company you have a personal account with, they will usually email you to inform you of this, so be sure to open and read these emails to see how severely your personal data has been compromised. Always change your password for the affected account when a data breach occurs.

Check privacy settings

Regularly review and update the privacy settings on your social media accounts and other online platforms to control who can see your information.

What to do when you’ve been a victim of identity theft or fraud

If you suspect you’ve been a victim of identity fraud, take immediate action to minimise the damage:

  • Contact your bank or credit card company: Inform them of the fraudulent activity and ask them to freeze or close any affected accounts. They can also help you dispute unauthorised charges.
  • File a report with law enforcement: Report the identity theft to your local police department and obtain a copy of the police report. This documentation may be necessary when disputing fraudulent charges.
  • Contact the major credit bureaus: Alert the major credit score bureaus of the identity theft. Request that they place a fraud alert on your credit file and provide you with a copy of your credit report.
  • UK citizens: Consider a Protective Registration: You can apply for Protective Registration with Cifas, a fraud prevention service. This adds an extra layer of protection to your credit file, and ensures companies carry out additional checks to make sure it’s really you when your details are used to apply for a product or service.
  • US citizens: Report the identity theft to the FTC: File a report with the Federal Trade Commission (FTC) through their website. The FTC provides resources and guidance for identity theft victims.
  • Monitor your credit report: Continue to monitor your credit report for any suspicious activity. You may also consider enrolling in a credit monitoring service.
  • Be vigilant for future scams: Remain vigilant for future scams or identity theft attempts. Be cautious with unsolicited phone calls, emails, or messages requesting personal information.

Identity theft and fraud can have serious consequences, but by taking proactive steps to protect your personal information you can reduce the risk of falling victim to these crimes. Stay informed, stay vigilant, and take action to safeguard your identity.

Learn the skills that keep private information safe

If fraud prevention and outsmarting cyber criminals is something you’re passionate about, prepare yourself for a career in this fast-paced and exciting growth industry by studying an online MSc Computer Science with Cyber Security degree with the University of York.

Taught part-time, you can fit your studies around your current commitments while connecting with global peers and growing your network as part of this well-rounded Masters degree.

Why businesses need identity and access management

In today’s digital age, businesses heavily depend on technology to simplify operations, increase efficiency and enhance customer experiences. 

However, with advancement in technology comes unprecedented opportunities for malicious actors and cybercriminals to exploit security vulnerabilities for financial gain, steal confidential information and inflict costly brand damage to a business. As cyber threats and data breaches increase in intensity, it’s essential for businesses to prioritise the security of their digital assets.

What is identity and access management? 

Identity and access management (IAM) is an area of cybersecurity that manages user identities and access permissions on a computer network. Systems used for IAM include single sign-on systems, two-factor authentication, multi-factor authentication and privileged access management.

While IAM policies, processes, and technologies differ between companies, any IAM framework aims to ensure that the right users and devices can access the right resources for the right reasons and at the right time.

What are the benefits of identity and access management?

Enhanced security

One of the primary reasons why businesses need IAM is to protect their valuable data from unauthorised access. With the increasing sophistication of cyber-attacks, traditional security measures such as passwords and firewalls are no longer sufficient by themselves.

IAM provides businesses with a comprehensive framework to manage user identities, enforce strong authentication methods, and control critical systems and data access. By implementing identity and access management solutions, companies can significantly reduce the risk of data breaches and protect their reputation.

Improves regulatory compliance

Sectors such as healthcare, finance, and government have strict regulations regarding the handling and storing of sensitive information. Businesses can avoid significant fines and legal consequences by demonstrating compliance. 

IAM is crucial in ensuring compliance with industry regulations and data protection laws. It helps businesses meet these compliance requirements by providing robust access controls, audit trails and user provisioning/deprovisioning processes.

Simplified operations

IAM enhances operational efficiency by simplifying user management processes. With a centralised IAM system, businesses can automate user provisioning, password resets, and access requests, reducing the burden on IT departments. Automation saves time and resources and improves user experience by providing seamless access to resources across different platforms and devices.

Adopt emerging technologies

IAM enables businesses to securely adopt emerging technologies like cloud computing and mobile applications. As businesses increasingly rely on cloud-based services and mobile devices, managing user identities and access becomes more complex. An IAM framework provides businesses the tools to securely authenticate users, manage their access privileges, and enforce security policies across various platforms and devices.

Why do we need identity and access management?

When the EU passed the General Data Protection Regulation (GDPR) in 2018, companies worldwide scrambled to prepare for the new era of cybersecurity compliance. IAM is one of the most critical components of any organisation’s security and a prominent aspect of GDPR. Furthermore, the traditional approach to IAM was no longer adequate to handle a mobile workforce, cloud-based networks and applications and a distributed workforce at scale. Therefore, regardless of whether a business operates in the EU, a modern and robust IAM system is required to safeguard a business’s critical assets.

All businesses have security needs, but here are six key features for an identity and access management system fit for the 21st century.

User Provisioning/Deprovisioning. Creating and managing user accounts is the cornerstone of any IAM system. IAM enables businesses to automate the process of creating and managing user accounts, which includes:

  • creating new accounts
  • assigning roles and access privileges
  • deactivating or deleting accounts (deprovisioning).

User provisioning and deprovisioning help streamline the onboarding and offboarding processes, ensuring users have the appropriate access rights to resources based on their roles and responsibilities.

Authentication and Single Sign-On (SSO). Whenever a user logs in to a new application, it’s an opportunity for hackers. IAM provides authentication mechanisms to verify users’ identity, which include traditional methods such as username and password and more advanced methods like multi-factor authentication (MFA) or biometric authentication. IAM also supports single sign-on, allowing users to access multiple applications and systems with a single set of credentials, improving user experience and reducing the need for multiple passwords.

Access Control. It’s vital that the right employees can access the data they need and have the correct security clearances for the job they perform. With an IAM framework in place, businesses can enforce access controls based on user roles and permissions and ensure that users only have access to the resources they need to perform their job functions, reducing the risk of unauthorised access. Importantly, access control can be granular, allowing businesses to define specific permissions for different resources or groups of users.

Identity Lifecycle Management. A strong approach to identity lifecycle management is essential to keeping an organisation running smoothly and its data and systems secure. IAM helps manage the entire lifecycle of user identities, from creation to retirement, which includes:

  • user registration
  • account activation
  • password resets
  • account deactivation.

Additionally, IAM provides self-service capabilities that enable users to manage their profiles and passwords, reducing IT department workloads.

Auditing and Reporting. Proactively tracking how data is used can help detect anomalies before they become catastrophes. IAM generates audit logs and reports to track user activities and access events. Audit logs and reporting help businesses monitor and analyse user behaviour, detect suspicious activities, and ensure compliance with regulations. Furthermore, auditing and reporting capabilities provide visibility into who accessed what resources and support businesses in identifying and mitigating security risks.

Integration and Federation. IAM integration and federation are essential for managing access and identity across multiple cloud platforms and applications. IAM can integrate with other systems and applications, allowing businesses to centralise user management and access control. In addition, IAM supports federation protocols such as Security Assertion Markup Language (SAML) or OAuth, enabling users to access resources across different domains or organisations without needing multiple login credentials.
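The provisioning, access control and auditing features described above can be seen working together in a small model. This is an added example, not code from the original article; the role names, permission strings and the `IdentityStore` class are hypothetical.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timezone

# Hypothetical role-to-permission map: access is granted to roles, never to people.
ROLE_PERMISSIONS = {
    "hr_officer": {"payroll:read", "employee_record:read", "employee_record:write"},
    "developer": {"source_repo:read", "source_repo:write"},
    "auditor": {"audit_log:read", "payroll:read"},
}


@dataclass
class Account:
    username: str
    roles: frozenset
    active: bool = True


class IdentityStore:
    """Minimal IAM model: provisioning, role-based access checks, audit trail."""

    def __init__(self):
        self.accounts = {}
        self.audit_log = []

    def _audit(self, actor, action, target, outcome):
        # Every decision is recorded, including denials and rejected requests.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "actor": actor, "action": action,
            "target": target, "outcome": outcome,
        })

    def provision(self, admin, username, roles):
        unknown = set(roles) - set(ROLE_PERMISSIONS)
        if unknown or username in self.accounts:
            self._audit(admin, "provision", username, "rejected")
            raise ValueError(f"cannot provision {username!r}: bad roles or duplicate")
        self.accounts[username] = Account(username, frozenset(roles))
        self._audit(admin, "provision", username, "ok")

    def deprovision(self, admin, username):
        # Offboarding: disable the account and strip its roles in one step,
        # so no access survives even if the account is later re-enabled.
        account = self.accounts[username]
        account.active = False
        account.roles = frozenset()
        self._audit(admin, "deprovision", username, "ok")

    def is_allowed(self, username, permission):
        # Deny by default: unknown users, inactive accounts and missing
        # permissions all end in the same "deny" outcome.
        account = self.accounts.get(username)
        granted = set()
        if account is not None and account.active:
            for role in account.roles:
                granted |= ROLE_PERMISSIONS[role]
        allowed = permission in granted
        self._audit(username, "access", permission, "allow" if allowed else "deny")
        return allowed

    def repeated_denials(self, threshold=3):
        # Reporting: users whose denied requests reach the threshold.
        denied = Counter(
            e["actor"] for e in self.audit_log
            if e["action"] == "access" and e["outcome"] == "deny"
        )
        return sorted(user for user, count in denied.items() if count >= threshold)


def demo():
    """Constructed scenario: onboarding, access checks, offboarding, report."""
    store = IdentityStore()
    store.provision("it_admin", "alice", ["hr_officer"])
    store.provision("it_admin", "bob", ["developer"])
    results = {
        "alice_payroll": store.is_allowed("alice", "payroll:read"),
        "bob_payroll": store.is_allowed("bob", "payroll:read"),
    }
    store.deprovision("it_admin", "alice")
    results["alice_after_offboarding"] = store.is_allowed("alice", "payroll:read")
    for _ in range(2):
        store.is_allowed("bob", "employee_record:write")
    results["flagged"] = store.repeated_denials(threshold=3)
    return results, store


if __name__ == "__main__":
    results, store = demo()
    for name, value in results.items():
        print(f"{name}: {value}")
    print(f"audit entries recorded: {len(store.audit_log)}")
```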

Increase cybersecurity resilience to protect your organisation’s assets

Want to learn how to handle different types of cyber-attacks and get the most out of security systems?

Develop expertise across a wide range of core cybersecurity topics and gain an in-depth understanding of the broader computer science field with the University of York’s online MSc Computer Science with Cybersecurity programme.

Our programme has been developed for career-changers considering moving into the exciting computer science industry – no prior knowledge of computing is required. You’ll explore topics such as database management, network infrastructure, data science, programming, software engineering, artificial intelligence and computer architecture, and specialist cybersecurity and information security subjects. 

You’ll also gain key skills and knowledge to safeguard against cyber threats, including cryptography, threat intelligence, risk management, and application and network security. 

Why is cybersecurity important?

Our modern, interconnected lives rely on technological advances and capabilities – from the way we bank and communicate with friends, to how we buy groceries and manage our homes.

The Internet of Things (IoT) has made this revolution of convenience, speed, access and application possible. With approximately 15.14 billion IoT-connected devices as of 2023, these technologies – such as our smartphones, tablets and laptops – are present in just about every aspect of our lives.

While this brings with it great benefits, such proliferation of tech – and our increasing reliance on it – also creates irresistible attack surfaces for hackers, threat actors and cybercriminals. Between 2022 and 2023, 32% of small businesses, 59% of medium businesses, and 69% of large businesses in the UK reported an attack or breach. With cybercrime on the rise, cybersecurity – and its role in preserving our data, infrastructure and privacy – is critical.

Why is cybersecurity important?

Cyberattacks and cyberthreats can have devastating, far-reaching consequences for businesses, individuals and wider society. Not only can attacks prove expensive, they also threaten information security, destabilise livelihoods and cause widespread disruption.

The importance of cybersecurity lies in its ability to protect against theft, loss and damage. Where it fails, cybercrime can have a number of outcomes:

  • Economic implications – As well as the theft of corporate information and intellectual property, cyberthreats can disrupt trading and damage systems. There can also be national security threats, where criminals target critical infrastructure such as payment systems, power grids and water supply systems in an attempt to sow chaos, or cause disruption by acts such as vandalising government websites.
  • Regulatory issues – Cybercrime targets all types of sensitive and private data, including personally identifiable information (PII), intellectual property, financial details and protected health information (PHI). This is not only risky from an identity theft and data theft perspective, but also breaches general data protection regulations (GDPR).
  • Reputational damage – Customers want to know their personal customer data is in safe hands. Breaches can lead to loss of current and future business, reduced competitive advantage, unfavourable media coverage and loss of trust in a brand.

Without a robust, considered cybersecurity programme, businesses of all sizes – and across all industries – are less able to defend themselves against data breaches.

What are the main threats to cybersecurity?

Hackers continually develop the methods used to breach network security and gain access to our systems, devices and sensitive data – meaning cybersecurity professionals have the ongoing task of remaining one step ahead of them.

There are numerous common cybersecurity threats:

  • Malware. Malicious software – including spyware, ransomware, Trojans, viruses and worms – is used to infect computer systems, steal personal data or disrupt operations.
  • Phishing. In phishing attacks, individuals are tricked into revealing or sharing sensitive information. The attacks mimic legitimate entities – such as an email from a bank, an ad on social media or a text message from a relative – but are, in fact, social engineering scams designed to expose details such as login credentials or financial information.
  • Zero-day exploits. Vulnerabilities in software or hardware not known to the manufacturer or developer are targeted, leaving ‘zero days’ of defence until a solution or patch is developed.
  • Distributed denial-of-service (DDoS) attacks. During a DDoS attack, a provider’s website or network is flooded with traffic in a bid to render it slow or unavailable.
  • Man-in-the-middle (MitM) attacks. Also known as an ‘eavesdropping’ attack, criminals interrupt communications or data transfers and pretend to be the participants. From here, they can intercept data and information and also infect systems with malware.
  • Insider threats. Insider threats are not always malicious; often, issues of data security result from accidental employee actions. This can include data leaks, allowing unauthorised access or password sharing.

Other common threats include supply chain attacks, cryptojacking, misconfigured cloud services and cloud security settings and advanced persistent threats (APTs).

Identifying and understanding the type and nature of these threats is the key to mitigating them, which is exactly why talented cybersecurity experts are in such high demand across all global industries.

What can be done to protect against security breaches and attacks?

Effective cybersecurity measures help to defend our data, infrastructure, assets and livelihoods against a host of threats. Fortunately, there are plenty of ways in which organisations can minimise system breaches and protect against future attacks.

Safeguard against unauthorised access and other security risks by:

  • enabling multi-factor authentication
  • performing penetration testing to assess and identify vulnerabilities
  • developing regular updates and patches
  • using strong passwords
  • limiting and monitoring access
  • monitoring all devices connected to networks
  • installing firewalls and anti-virus software
  • using a virtual private network (VPN) and never connecting to unsecured or unknown Wi-Fi networks
  • encrypting data
  • configuring cloud systems and other key infrastructure correctly
  • training employees and other users on security practices such as avoiding phishing scams
  • making regular back-ups of data and ensuring its secure storage
  • establishing a disaster recovery/incident response plan
  • conducting employee screening
  • utilising automation tools for threat detection and monitoring.

As threats evolve, so too should cybersecurity practices, defences and expertise. Security controls must be in place across every aspect of an organisation’s network and monitored proactively to stay ahead of malicious threats.

Increase cybersecurity resilience to protect your organisation’s assets

Want to learn how to handle different types of cyberattacks and get the most out of security systems?

Develop expertise across a wide range of core cybersecurity topics – as well as in-depth understanding of the wider computer science field – with the University of York’s online MSc Computer Science with Cybersecurity programme.

Our course has been developed for career-changers who are thinking about moving into the exciting computer science industry – no prior knowledge of computing is required. You’ll explore topics such as database management, network infrastructure, data science, programming, software engineering, artificial intelligence and computer architecture, together with specialist subjects in the cybersecurity and information security space. Gain key skills and knowledge to safeguard against cyberthreats including cryptography, threat intelligence, risk management, application security and network security.

Protecting against cybersecurity threats

Within today’s hyperconnected digital landscape, cybersecurity threats have evolved to become a complex and ever-present challenge for individuals, businesses and governments. While the rapid advancement of technology has opened up unprecedented opportunities, it has also created a playground for malicious actors and cyber criminals who aim to exploit security vulnerabilities for financial gain, ill-gotten confidential information, or simply to inflict damage.

These cybercrime threats can compromise sensitive information – such as credit card details or passwords for email or social media accounts – cripple computer systems, and even jeopardise national security, so it’s essential to have robust security solutions in place and to stay vigilant against emerging threats.

Common cybersecurity threats

To proactively protect against cyberattacks, it’s helpful to understand the different types of cybersecurity threats – particularly the ones most likely to strike.

Malware

Malware is a blanket term for various types of malicious software, including computer viruses and worms, that infiltrate systems with the intent of causing harm. This may be done via malicious links in emails, hacked websites, infected files or programmes, and so on.

Phishing

Phishing attacks involve cybercriminals masquerading as legitimate entities to trick users into revealing sensitive data. While phishing scams will target a huge number of people, there are also attacks known as spear phishing, which target a specific individual. Phishing is a threat to organisational information security, but it can also lead to more personal consequences such as identity theft.

Ransomware

Ransomware attacks involve accessing, extracting, and encrypting a victim’s data in order to demand a ransom for its release. These attacks can target both individuals and high-profile organisations.

Spyware

As its name suggests, spyware infiltrates systems to gather information without the user’s consent. A type of malware, spyware can record keystrokes, capture screenshots and even access webcams.

Trojans

Trojan horse attacks disguise malicious code as legitimate software. Once installed, Trojans provide unauthorised access to the attacker through a system’s backdoor, and can lead to large-scale data breaches.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks

Denial of service attacks work to overload a target system or network with a flood of traffic, rendering it unavailable to legitimate users. DDoS attacks amplify this effect by using multiple sources, often malware-compromised machines known as bots or a botnet.

Man-in-the-middle attack (MitM attack)

During a MitM attack, an attacker aims to intercept communications between two other parties without their knowledge. This allows the attacker to eavesdrop within the conversation, alter messages or even inject malicious code into the communications.

Structured query language (SQL) injections

SQL injection attacks manipulate a database query through malicious code. If successful, attackers can gain unauthorised access to a target system’s database and critical infrastructure and potentially even destroy it.

Understanding the difference between a cyber attack and a cyber threat

A cyber threat is a potential danger. It’s a threat that could exploit a vulnerability in a system or network, but may not come to pass.

A cyberattack, meanwhile, is a threat brought to life – a vulnerability exploited in order to compromise a system, steal data, disrupt services or carry out other malicious activities.

The best protections against cyber threats

There are a number of safeguards available to both individuals and organisations that want to bolster their digital defences against cybersecurity risks. Many of these have become increasingly important in the era of remote working, where people are working away from the office and therefore away from their employer-protected IP address and internet or Wi-Fi services.

  • Patch and update regularly. Keeping hardware – including laptops and mobile devices – as well as operating systems, software apps, and Internet of Things devices (IoT devices) up to date is essential. Software updates in particular often include patches that address known vulnerabilities – known as attack vectors – and prevent attackers from exploiting them.
  • Require additional user authentication. Implementing stronger-than-average authentication measures adds extra layers of digital security and makes it more difficult for unauthorised parties to gain access to data and wider systems. Examples of additional user authentication include two-factor authentication, multi-factor authentication and biometric verification. 
  • Invest in endpoint security. Endpoint security solutions protect individual devices from a wide array of threats, such as malware. They provide real-time monitoring, threat detection and immediate response capabilities.
  • Bolster network security. Using security measures such as firewalls plays an important role in safeguarding computer networks. Firewalls act as a barrier between a trusted internal network and untrusted external networks, scrutinising incoming and outgoing traffic while filtering out malicious content and potential threats as needed.
  • Apply encryption measures. Encrypting sensitive data for transmission and storage ensures that even if data falls into the wrong hands, it remains unreadable.
  • Complete regular backups. Regularly backing up data and other critical information to secure locations, such as in the cloud, ensures that it is always accessible and can help mitigate the impact of ransomware attacks and data breaches. Regular backups also protect against events such as system crashes or human error. 

According to Microsoft, an effective cybersecurity programme “includes people, processes, and technology solutions that together reduce the risk of business disruption, financial loss, and reputational damage from an attack.”

So in addition to technical safeguards, it’s also important that individual people have a firm understanding of cyber threats and cybersecurity education more generally. Within organisations, this includes:

  • Comprehensive cybersecurity training for employees to ensure they can recognise phishing attempts, social engineering tactics and other deceptive methods used by cybercriminals and hackers.
  • Staying informed about the latest threats and safety measures.
  • Having a well-defined incident response plan in place to ensure that the business can respond swiftly and effectively to cyber threats, and minimise potential damage.

Stay ahead of cybersecurity threats

Explore the fundamentals of cybersecurity – including typical threats and a range of technologies that can help to reduce risk, increase protection and remain compliant – with the 100% online MSc Computer Science with Cyber Security from the University of York. This flexible Masters degree is aimed at working professionals and graduates from disciplines outside computer science, and it’s studied entirely online, so you can complete your degree from anywhere around your existing personal and professional commitments. 

You will explore a range of cyber concepts and solutions such as cryptography and memory and resource management. Alongside the specialism in cybersecurity, you’ll also explore computational thinking and problem-solving across software, hardware and artificial intelligence.

What does a cybersecurity analyst do?

Last year, 39% of UK businesses identified a cyberattack on their networks, operating systems and infrastructure, with the most common threats including phishing, denial of service (DoS), malware and ransomware attacks. Of this group, 31% estimated they were targeted at least once a week.

With cybercrime rates on the rise – and methods of attack growing in sophistication – businesses must take their data security more seriously than ever. As a direct result, the job outlook for cybersecurity professionals with the skills to guard against security risks and threat actors is positive. In fact, according to the U.S. Bureau of Labor Statistics (BLS) it’s estimated that job growth for cyber and information security analysts is projected to increase 35% from 2021 to 2031 – much faster than the average for all occupations.

What is a cybersecurity analyst?

A cybersecurity analyst is a computer science professional who helps design and implement security systems and solutions to protect a company’s computer networks from cyberattacks. These specialists act as a ‘first line of defence’ against hackers and cybercriminals who try to exploit system vulnerabilities, defending hardware, software and networks from malicious activity and closely monitoring IT infrastructure and assets.

What does the role of a cybersecurity analyst involve?

The process and specifics of preparing for, and responding to, cybersecurity breaches may differ depending on the workplace, organisation and sector – however, the general outline of an analyst’s role remains the same.

Security analysts spend their time managing software, monitoring network security, developing security plans, reporting on security, and researching trends and developments in order to keep themselves – and the companies they protect – up to date and ahead of any potential issues.

Further day-to-day tasks and responsibilities often include:

  •   identifying and resolving threats in order to protect information systems
  •   defining access privileges
  •   implementing, maintaining and upgrading security measures, such as firewalls and antivirus security software
  •   performing penetration tests
  •   monitoring security breaches and following incident response procedures
  •   assessing risks and suggesting/developing improvements
  •   conducting ongoing audits and assessments to detect inefficiencies and violations
  •   compiling security performance reports and sharing results with stakeholders.

Are there different types of cybersecurity analysts?

While all cybersecurity professionals aim to protect systems, networks and software from cyberthreats and data breaches – ensuring the private information of businesses and individuals is secure – there is variety within the field. As such, there’s plenty of scope to narrow your cybersecurity focus and role to an area that most interests you or suits your skill set.

Indeed list a number of positions that are similar to cybersecurity analyst roles:

  •   Computer forensic analyst
  •   IT security specialist
  •   Security manager
  •   Security engineer
  •   Security consultant
  •   Director of security
  •   Security administrator
  •   Information security analyst
  •   Security specialist
  •   Chief information officer
  •   Network security engineer
  •   Machine learning engineer.

How can I get a job as a cybersecurity analyst?

While undergraduate and Masters degrees are a common – and quicker – route into the profession, you don’t necessarily need one to work in cybersecurity. Securing an entry-level IT role, and then working your way up and into cybersecurity – by way of experience and gaining industry certifications – presents a good alternative. Apprenticeships in cybersecurity are also an option. However, if you do have a degree in an unrelated subject and wish to secure a graduate-level role in the cyber field, a computer science Masters programme that covers cybersecurity is ideal.

There are a number of specific technical skills you’ll need to work as a cybersecurity analyst or in cyber-related fields. These include:

  •   application security development
  •   network security
  •   cloud security
  •   risk and compliance auditing
  •   penetration testing
  •   threat intelligence analysis
  •   identity and access management
  •   mobile and remote computing
  •   communication
  •   problem-solving 
  •   leadership
  •   creativity.

Over time, your degree subject will be less important to potential employers as you gain relevant skills and experience that demonstrate your cybersecurity capabilities. Other ways of developing the skills and competencies required are to participate in a cybersecurity bootcamp, or undertake an internship to gain practical work experience.

Do I need cybersecurity certifications?

Whether you’re an entry-level analyst, want to upskill in a specific area to enhance your existing practice or land a certain specialised role, a cybersecurity qualification could be the answer.

Whatever aspect of the cybersecurity field you’re interested in, the following cybersecurity certifications could help:

  • Certified Ethical Hacker Certification, where ethical hacking skills and expertise are used lawfully and legitimately to enhance and assess company cybersecurity
  • CISSP Certification (Certified Information Systems Security Professional), which validates skills related to the design, building and maintenance of secure business environments using globally approved information security standards
  • CISA Certification (Certified Information Systems Auditor), a globally recognised certification validating skills in the audit, control and security of information systems.

CompTIA Security have compiled a detailed list of other highly regarded, widely accepted cybersecurity certifications. There are online options, full-time and part-time learning models, practitioner-led and self-guided options available, depending on your needs and current commitments.

What is the average salary of a cybersecurity analyst?

With demand for specialists soaring in recent years, cybersecurity can be a lucrative career path with great job security.

The cybersecurity analyst salary varies depending on type of industry, specific job requirements, job location, and individual skills and experience. According to Prospects, starting salaries average between £25,000-£35,000, experienced and senior analysts earn upwards of £35,000 and in excess of £60,000, and managerial and leadership roles can command upwards of £70,000 on average.

Gain the specialist skills to design, implement and monitor IT security measures

If you’re thinking about a fast-paced and rewarding cybersecurity career, develop the expertise and skills to succeed with the University of York’s online MSc Computer Science with Cybersecurity programme.

Our flexible, 100%-online course has been designed for individuals without computer science or information technology backgrounds. You’ll gain an in-depth and solid understanding of computing fundamentals, including computer systems and network infrastructure, protocols, programming techniques and languages – including Python – and data analytics. Alongside this, specialist modules in security engineering will cover cryptography, access management, password protection, safeguarding against cyber threats, memory and resource management, incident response planning, and more.

What is cryptography?

Modern cryptography is a process used to keep digital communications secure, ensuring that only the intended senders and receivers of data can view the information.

This is achieved by using cryptographic algorithms and keys, and includes a few key steps:

  1. The user’s original information – known as plaintext – is encrypted into something called ciphertext, which will be indecipherable to anyone except the message’s intended recipients. 
  2. The encrypted message is then sent to the receiver. Even in the event of interception by an unintended recipient, the cryptographic algorithms will safeguard and protect data. 
  3. Once received, a key is used for decryption, enabling the receiver to access the original message.

Why cryptography is important

It’s clear that cryptography provides vital data security, and this has become increasingly important in today’s interconnected world where data flows non-stop across devices and networks, and the confidentiality, integrity, and authenticity of information has become paramount.

“Cryptography is one of the most important tools businesses use to secure the systems that hold their most important data assets,” writes Forbes in a 2021 article about cryptography. “Vulnerabilities resulting from an absence of cryptography or having noncompliant crypto and unmanaged public key infrastructure (PKI) lead to business disruptions, data breaches and brand erosion. The average cost of a breach in the U.S. is $8.6 million, according to IBM and the Ponemon Institute, and mega-breaches can surpass a whopping $1 billion.”

Understanding the difference between cryptography and encryption

Cryptography and encryption are closely related terms, but they refer to distinct concepts. Cryptography has a broader scope, including the entire field of techniques and methods for securing information. Encryption, on the other hand, is a specific method used within cryptography to transform data into an unreadable format for unauthorised users.

Types of cryptography

  • Symmetric cryptography. In symmetric cryptography, the same secret key – shared by the sender and the recipient – is used to encrypt and decrypt. The single key method is efficient for securing data, but securely exchanging the secret key between parties can present a security challenge.
  • Asymmetric cryptography. Asymmetric cryptography, or public key cryptography, uses two different keys. The first is a public key, which is accessible to anyone, and the second is a private key, which is kept secret by its owner. Asymmetric cryptography and public key encryption eliminate the need to exchange secret keys, but are more computationally intensive than symmetric cryptography.
  • Hash functions. Hash functions are algorithms that don’t require a key. For example, they’re used for verifying passwords.

How is cryptography used in digital security?

Cryptosystems have several key applications, including:

  • Safeguarding sensitive information. Cryptography is used to encrypt sensitive data, such as credit card details and digital currencies and cryptocurrency, during transmission and storage. 
  • Enabling authentication systems. Cryptographic techniques ensure the authenticity of messages and the identity of the sender. This helps in verifying the legitimacy of the sender and detecting any tampering with the message. Cryptography also provides non-repudiation, ensuring that the sender of a message cannot deny their involvement in sending it, because digital signatures provide evidence that the message was indeed sent by the claimed sender.
  • Protecting data integrity. Cryptography ensures that data remains unchanged during transit by generating what’s known as a hash value, which is a fixed-size string derived from the original data. Any alteration to the data will result in a different hash value, alerting the recipient to potential tampering.
  • Securing communications. Cryptography provides secure communications, particularly on websites. For example, SSL (secure sockets layer) and TLS (transport layer security) ensure that data exchanged between a user and a server remains confidential.
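An added example (not from the original article) of the integrity check described above. A plain hash value catches accidental changes, but anyone able to rewrite the message can also recompute an unkeyed hash, which is why a keyed HMAC is used when tampering is the concern. The key and messages are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample data for this example.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"
ORIGINAL = b"transfer 100 GBP to account 00000001"
ALTERED = b"transfer 900 GBP to account 00000002"


def sha256_tag(message: bytes) -> bytes:
    """Unkeyed hash value: anyone holding the message can compute it."""
    return hashlib.sha256(message).digest()


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed hash (HMAC-SHA256): only holders of the shared key can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_sha256(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(sha256_tag(message), tag)


def check_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac_tag(key, message), tag)


def run_scenarios() -> dict:
    """Return, per scenario, whether the receiver's check behaves as needed."""
    results = {}

    # 1. Accidental corruption: the message changes, the tag sent with it does not.
    results["sha256_detects_corruption"] = not check_sha256(
        ALTERED, sha256_tag(ORIGINAL))

    # 2. Deliberate rewrite of message AND tag: an unkeyed hash can simply be
    #    recomputed over the altered message, so the check passes.
    results["sha256_detects_rewrite"] = not check_sha256(
        ALTERED, sha256_tag(ALTERED))

    # 3. The same rewrite against HMAC. Without the key, the only tags available
    #    are the old one or an unkeyed hash; both are rejected.
    results["hmac_detects_rewrite_old_tag"] = not check_hmac(
        SHARED_KEY, ALTERED, hmac_tag(SHARED_KEY, ORIGINAL))
    results["hmac_detects_rewrite_unkeyed_tag"] = not check_hmac(
        SHARED_KEY, ALTERED, sha256_tag(ALTERED))

    # 4. An untouched message with its genuine HMAC tag is accepted.
    results["hmac_accepts_untouched"] = check_hmac(
        SHARED_KEY, ORIGINAL, hmac_tag(SHARED_KEY, ORIGINAL))
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

A plain hash is still useful when the expected value arrives over a separate channel that the sender of the data cannot alter, such as a checksum published on a trusted site.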

Cryptography: examples

Common examples of cryptography algorithms and systems include:

  • Advanced Encryption Standard (AES). AES, a symmetric encryption algorithm, is widely used to secure sensitive information. It’s employed in various ways, from securing banking transactions to protecting classified government documents.
  • RSA (Rivest-Shamir-Adleman). A prominent asymmetric encryption algorithm, RSA is often used for secure key exchanges and digital signatures on the internet.
  • Diffie-Hellman Key Exchange. The Diffie-Hellman method enables the secure exchange of cryptographic keys over an insecure channel.
  • Data Encryption Standard (DES). DES is a symmetric key cryptography algorithm that encrypts chunks of data in what’s known as a block cipher.
  • Digital Signature Algorithm (DSA). DSA algorithms are used to generate and authenticate digital signatures. 
  • Elliptic Curve Cryptography (ECC). ECC can create asymmetric keys more efficiently than RSA algorithms.

The future of cryptography

The future of cryptography is in quantum cryptography, with the hope it provides unhackable data encryption. But while quantum computing can be used in aid of cryptography, it can also be used against it:

“Quantum computers use a different computing architecture that can solve certain types of problems much faster than classical computers, including the mathematical problems used in some encryption methods,” explains Forbes. “As such, quantum computers have the potential to render current encryption methods vulnerable to attack, compromising the security of sensitive data. Thus, the threat becomes real when more powerful quantum computers are developed in the future, which could defeat commonly used encryption systems.”

Experts believe that some cyber criminals are already storing encrypted data now in the hopes of decrypting it once they have access to more powerful quantum computers in the years to come:

“It’s becoming increasingly common for data thieves to steal and store data until more powerful computers can decrypt it and present opportunities for espionage, blackmail or sale in the future.”

Build secure cryptosystems with a career in cybersecurity

Develop your expertise in cryptography with the 100% online MSc Computer Science with Cyber Security from the University of York. This flexible Masters degree is aimed at working professionals and graduates from other disciplines who want to build a career in computer science and cyber security.

In addition to cryptography, you will explore a range of other cyber concepts and solutions such as memory and resource management, password protection, and denial of service attacks (DoS). You’ll also learn about programming techniques, computer and network security infrastructure and protocols, security risks and security engineering.

Cloud computing: security risks and security measures

Advances in cloud computing have revolutionised the ways in which businesses can operate. From data gathering and storage to interconnected, convenient working to fast scalability, they offer huge advantages that streamline processes, support flexible and sustainable growth, improve customer experiences, and boost competitiveness – among many others.

However, with more and more organisations relying on cloud-based technologies to conduct business – an estimated 94% of enterprises use a cloud service – it’s imperative that leaders invest in securing their systems against cyberattacks and other threats.

With cybercrime rates growing in tandem with widespread cloud adoption – tech giant Microsoft reportedly detects 1.5 million attempts a day to compromise its systems – companies are on the look-out for talented computer science and cybersecurity specialists who can help safeguard their assets.

What are the main security risks of cloud computing?

As well as being expensive, disruptive to business operations and damaging to brand reputation, cloud hacks can result in compromised confidential data, data loss and regulatory compliance failure. 

Whether it’s a public cloud, private cloud, multi-cloud or any other type, understanding the risks and security threats associated with cloud applications as a whole is critical. After all, an awareness of common risks ahead of time will help digital teams to better prepare for any eventuality.

Here are some of the most common security risks associated with cloud-based operations:

  • Unmanaged attack surface. The move to the cloud and an increase in remote work have fragmented attack surfaces, making it easy for attackers to find unmanaged assets with critical exposures. Each new workload that connects with these public networks presents a new, unmanaged attack surface.
  • Data breach. Data is the primary target of most cyberattacks – for example, internal documents that could sabotage a company’s stock price or cause reputational damage, and personally identifiable information (PII) and personal health information (PHI) which can lead to identity theft. Data breaches involve sensitive information being taken or compromised without the knowledge or permission of the owner.
  • Misconfiguration. Cloud service providers (CSP) – such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud and IBM Cloud – are numerous and diverse, with many organisations choosing to use more than one. This can bring with it a degree of risk, as different default configurations and implementations can lead to critical system vulnerabilities – which cybercriminals and hackers will exploit.
  • Human error. Human error can present a huge risk when building any business application, and even more so in relation to hosting cloud resources. In fact, Gartner estimates that by 2025, 99% of all cloud security failures will result from some degree of human error. For example, users may use unknown or unmanaged application programming interfaces (insecure APIs), inadvertently creating holes in cloud perimeters and leaving networks and sensitive data resources open to attack.

There are, of course, any number of other security risks and cloud security threats: denial-of-service (DoS) attacks, malware, phishing, data leakage, cloud vendor security risk, unauthorised access, insider threats, limited visibility of network systems and many more.

How can cloud security issues be managed?

While risk cannot be completely eliminated, it can certainly be managed.

As well as choosing a cloud service provider wisely, the following risk management and risk assessment strategies will help reduce the risks associated with using cloud environments:

  • Cloud penetration testing. Proactive testing is an effective method to assess the cloud’s current security measures by attempting to exploit vulnerabilities. It may also indicate areas for improvement ahead of a real attack, such as reinforcing a firewall or boosting other security software.
  • Data security audit. How often are routine security audits conducted? Complete transparency regarding cloud security measures – including how effective they are at protecting personal data and files and how they are implemented – is key.
  • Contingency planning. Is a business continuity plan in place that details a strategy for protecting cloud data and systems in the event of an emergency – and how often is it tested? Are there regular backups of cloud storage? Emergencies will vary but should include events such as natural disasters and catastrophic cyberattacks.
  • Security training. Can your CSP provide training to help upskill staff and protect against potential security risks? Team members who understand how their employer’s cloud storage and data management system works – and what the best practices are, such as enabling two-factor authentication and limiting access controls – will be better prepared to avoid attacks on their personal data, information and files.

Organisations should not be scared of using cloud software, but they should understand the risk and ensure the right risk management strategies are in place. From this strong position, they can maximise the benefits of transformational cloud technologies and use them to drive the business towards its goals.

Where can I learn more about good cloud security?

IT and cybersecurity professionals can find out more about how to implement robust cloud security from three key international frameworks.

The International Organization for Standardization (ISO) provides checklists that can help with establishing new cloud systems and cloud infrastructure. The National Institute of Standards and Technology (NIST) presents new system frameworks and supports troubleshooting of specific problems. Cloud Security Alliance (CSA) offers operational standards and resources for auditing and vetting systems.

Stay ahead of the latest security measures and developments to protect against cybercrime

Want to learn to develop and implement effective security controls to help organisations protect their assets and remain compliant?

Gain key understanding of computational thinking – and develop specialist understanding of cybersecurity challenges and solutions – with the University of York’s online MSc Computer Science with Cyber Security programme.

If you’re ready to switch to a career in the computer science and cybersecurity sector and develop skills and expertise applicable to almost any industry, our flexible course is the ideal choice for you. You’ll become adept at problem solving and addressing critical, real-world scenarios as you advance your knowledge of software, hardware, artificial intelligence, digital infrastructure, network systems, data science and data security.

What is infrastructure security in cloud computing?

Society’s pivot towards cloud computing environments for work and personal use has occurred at pace over recent years. With work migrating to the cloud and businesses adopting a cloud-first approach to wider operations more generally, our reliance on cloud applications grows by the day.

Business leaders and computer science specialists must ensure that adequate cloud computing security is prioritised amid these rapid technological advances and transitions. It’s a concern for many, with 75% of businesses and 68% of cybersecurity experts pinpointing misconfigured cloud infrastructure as the top security threat.

What is cloud infrastructure security?

The aim of cloud infrastructure security is to protect cloud-based assets from cybersecurity threats. There are a number of challenges presented by modern cloud computing – from regulatory demands to inconsistent and patchy security policies – which cloud security frameworks make it simpler and easier to address.

Despite this, traditional tools and methods of network security still create critical gaps and vulnerabilities that hackers can leverage. Some of the key security challenges and risks associated with cloud networks include:

  • data breaches
  • visibility
  • migration of dynamic workloads
  • misconfigurations
  • unsecured APIs
  • access control/unauthorised access
  • securing the control plane
  • security compliance and auditing
  • end user error and lack of security awareness.

The nature of cloud systems is that they are dynamic; cloud resources can be particularly short-lived, with many being created and deleted multiple times each day. As a result, each individual ‘building block’ in a cloud network must be robustly and systematically secured – though it is made more complicated by working practice shifts such as bring-your-own-device (BYOD) and remote working.

Cloud data is primarily stored in public cloud and private clouds, although other cloud strategies – such as multi-cloud and hybrid cloud – are also popular. There are four main cloud computing service models: infrastructure as a service (IaaS), software as a service (SaaS), platform as a service (PaaS), and serverless.

What are the components of cloud infrastructure security?

There are at least seven basic components that make up a typical cloud environment and underpin infrastructure security. Learning the best practices of each can help to secure each individual element against security threats:

  1. User accounts. User service accounts provide access to certain areas of critical cloud infrastructure. If compromised, hackers can gain access to sensitive data across the cloud network. These new accounts often feature default settings with little or no authentication processes. Identity and access management (IAM) tools can help to reinforce security by tightly controlling account access and authentication, cloud configuration monitoring can auto-detect unsecured accounts, and account usage as a whole can be monitored to detect unusual activity in real time.
  2. Servers. While cloud settings are rooted in virtualisation, physical hardware (including on-premises physical servers, load balancers, routers and storage devices) is still required behind the scenes, in different geographical locations. Maximising server security relies on controlling inbound and outbound communications – as well as encrypting communications – using SSH keys, and minimising access privileges.
  3. Storage systems. Abstracted storage systems and virtualised resources can use automation for scaling and provisioning requirements. Common security measures related to cloud storage include removing unused data, blocking access where it is not required, classifying data by its sensitivity, using identity and access management (IAM) systems, identifying and tracking connected devices, and using cloud data loss prevention (DLP) tools.
  4. Networks. Cloud services and systems can make use of public networks and virtual private networks (VPNs) – known as a VNet in Azure and a VPC in Amazon. Best practices for networks include using security groups and Network Access Control Lists (ACL) to limit network access, establishing firewalls to detect malware and other suspicious activity, and deploying cloud security posture management (CSPM) tools.
  5. Hypervisors. All cloud systems are based on hypervisors, making it possible to run multiple virtual machines with separate operating systems. For organisations using private cloud systems, securing hypervisors is a critical responsibility. This means hardening, patching, isolating and physically securing any machines in data centers that use hypervisors. Additionally, securing hardware caches, monitoring development and testing environments and controlling access are required.
  6. Databases. Cloud databases – together with the applications and cloud servers they are linked with – are vulnerable to data breaches as they are easily exposed to public networks. Any database security strategy should include limiting network access, enabling database security policies, locking down permissions, ensuring end user device security, and hardening configuration and instances.
  7. Kubernetes. All cloud computing layers need to have protective defences in place. Kubernetes, an open-source system that supports containerised applications, states that there are four key areas where security controls must be in place: code, containers, clusters and cloud.

If not properly configured and reinforced by best practice, each component can present an attack surface for cybercriminals to target.
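One way to check the network component for the kind of misconfiguration described above, as an added example rather than code from the original article: it audits security-group rules for sensitive ports open to the whole internet. The sample data is constructed and shaped like the output of `aws ec2 describe-security-groups`; the list of sensitive ports and the function names are assumptions of this example.

```python
import ipaddress

# Ports this example treats as sensitive (an assumption; extend for your estate).
SENSITIVE_PORTS = {22: "SSH", 3306: "MySQL", 3389: "RDP",
                   5432: "PostgreSQL", 6443: "Kubernetes API"}
PORT_PROTOCOLS = {"tcp", "udp", "6", "17"}  # protocols whose rules carry ports

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-constructed-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-constructed-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3300, "ToPort": 3310,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-constructed-legacy", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]}


def is_world_open(cidr: str) -> bool:
    """True for 0.0.0.0/0 and ::/0, i.e. a range covering every address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def exposed_ports(permission: dict) -> dict:
    """Sensitive ports covered by one ingress rule, regardless of source."""
    protocol = permission.get("IpProtocol")
    if protocol == "-1":  # "-1" means every protocol and every port
        return dict(SENSITIVE_PORTS)
    if protocol not in PORT_PROTOCOLS:
        return {}  # e.g. ICMP: FromPort/ToPort hold type and code, not ports
    low, high = permission.get("FromPort"), permission.get("ToPort")
    if low is None or high is None:
        return {}
    return {p: n for p, n in SENSITIVE_PORTS.items() if low <= p <= high}


def audit_security_groups(document: dict) -> list:
    """Return (group_id, port, service, cidr) for each world-open sensitive port."""
    findings = []
    for group in document.get("SecurityGroups", []):
        for permission in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in permission.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in permission.get("Ipv6Ranges", [])]
            open_cidrs = [c for c in cidrs if is_world_open(c)]
            if not open_cidrs:
                continue  # rule is limited to specific source ranges
            for port, service in sorted(exposed_ports(permission).items()):
                findings.append((group["GroupId"], port, service, open_cidrs[0]))
    return findings


if __name__ == "__main__":
    for group_id, port, service, cidr in audit_security_groups(SAMPLE):
        print(f"{group_id}: {service} (port {port}) reachable from {cidr}")
```

The port range rule in the second group shows why ranges need checking as well as single ports: 3300-3310 silently includes MySQL on 3306.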

What’s next for cloud infrastructure security?

If there’s one certainty in the cloud security space, it’s that its constant evolution demands that business leaders and providers stay on top of developing trends and threats.

Experts predict an increasing focus on the use of cloud forensics and incident response, allowing cybersecurity specialists greater visibility over, and faster response to, multi-cloud, serverless and container-based threats. Any tools and strategies that support process automation and simplification are also welcomed, and considered fundamental in addressing skills gaps in the digital security space and reducing cloud complexity. Throughout this evolution and beyond, security teams must prioritise proactive vigilance in order to effectively protect systems and assets, and manage use and scalability sustainably and securely.

Learn how to develop and implement impactful, effective cybersecurity solutions

Are you thinking about switching careers and joining the in-demand cybersecurity and data protection sector?

If so, you can gain essential computational thinking skills – together with an in-depth, practical understanding of safeguarding against cyberattacks – with the University of York’s online MSc Computer Science with Cyber Security programme.

Designed specifically for individuals from non-computing backgrounds, our flexible, 100%-online course covers a comprehensive range of topics to develop your skills and expertise including programming, network and IT infrastructure, system architecture and data science. In addition, you’ll gain in-depth understanding of the cybersecurity space – studying topics such as cryptography, cloud security, memory and resource management, access management auditing, data security and password protection – and applying cyber solutions to real-world problems.

What is IoT security?

The Internet of Things (IoT) refers to ‘the concept of connecting any device that has an on/off switch to the Internet and other connected devices’. This huge wireless network of internet-connected devices and people enables data collection and sharing on a vast, global scale, encompassing both how electronic devices are used and how users interact with environments. The IoT includes smart devices – the common, physical objects connected within the IoT ecosystem via Wi-Fi or Bluetooth – such as smart watches, smartphones, smart vehicles and smart home appliances.

However, while IoT provides convenience and accessibility on a colossal scale, it also brings with it a great number of risks. Without sufficient protection, IoT devices that are allowed to connect to the internet can be susceptible to various critical vulnerabilities and exploitations – a fact businesses and service providers must be aware of if they are to protect against security risks.

What is IoT security and why is it important?

The ever-expanding number of pathways between IoT systems and devices creates a greater capacity for ‘threat actors’, such as cybercriminals and hackers, to intercept and interfere with digital technologies. Cyberattacks are a matter of national and international security, as businesses and individuals who fall victim to cybercrime risk having their identities, money, data or other properties stolen.

Issues of cybersecurity and cybercrime continue to pose critical threats to organisations and individuals across the world, as recent statistics illustrate.

  • The average cost of a single ransomware attack is $1.85 million – and cybercrime will cost companies worldwide an estimated $10.5 trillion by 2025.
  • The rate of detection or prosecution of cybercriminals is as low as 0.05%.
  • 43% of cyber attacks are aimed at small businesses, but only 14% are sufficiently prepared to defend themselves.

Such attacks have the potential to disrupt usual business operations, cause damage to important assets and infrastructure, lead to extortion, and demand a huge amount of budget and resources to remedy – resources many businesses simply do not have.

IoT security, therefore, refers to the broad range of strategies, protocols, techniques and actions used to mitigate the increasing risk of threats all modern businesses face. It aims to secure IoT devices and connected networks and operating systems from threats and breaches by protecting, identifying and monitoring risks across all attack surfaces, as well as assisting to resolve security weaknesses.

What are the main security issues facing IoT systems?

According to the National Crime Agency, the most common attack types include: hacking, phishing, malicious software and distributed denial of service (DDoS) attacks. Security threats are as numerous as they are creative, and their exact nature can vary across industries and the types of device, use cases and systems under threat. For example, the healthcare sector relies on IoT devices that feature some of the highest shares of security issues, such as medical imaging systems, patient monitoring systems, and medical device gateways. Other key contenders across other industries include energy management devices, IP phones, consumer electronics, printers and security cameras.

The most common IoT security threats can be divided into three main categories.

  1. Exploits, accounting for 41% of threats: examples include network scans, remote code executions, command injections, buffer overflows, SQL injections and zero-days.
  2. Malware, accounting for 33% of threats: examples include worms, ransomware, backdoor trojans and botnets (such as Mirai).
  3. User practice, accounting for 26% of threats: examples include password vulnerabilities, phishing and cryptojacking.

In practice, these threats are often due to:

  • weak, guessable or hardcoded passwords
  • insecure network services
  • insecure ecosystem interfaces
  • lack of secure update mechanisms
  • use of insecure or outdated components
  • insufficient privacy protection
  • insecure data transfer and storage
  • lack of device management
  • insecure default passwords and settings
  • lack of physical hardening.

Fortunately, there are a whole host of real-time security measures organisations can adopt and implement to protect their network-connected systems, assets and workforces.

What are the most important IoT security solutions?

IoT security is often described as ‘the backbone of the internet’. Threats, challenges and IoT attacks are real and require the immediate attention of all businesses. IoT system vulnerabilities and threats keep mutating – so our security solutions must do the same.

If effective and lasting solutions to security threats are to be developed and implemented, organisations must take into account the entire IoT security lifecycle: understand IoT assets, assess IoT risks, apply risk reduction policies, prevent known threats, and detect and respond to unknown threats.

With this knowledge and insight in place, cybersecurity professionals can begin rolling out IoT security best practices including:

  • tracking and managing all devices
  • conducting patching and remediation efforts
  • updating passwords and credentials
  • using up-to-date encryption protocols
  • conducting penetration testing and evaluation
  • understanding the endpoints
  • ensuring segmentation of networks
  • enabling multi-factor authentication.

These are just some of the many methods that can reinforce IoT device security. Organisations can also invest in specialist software and tools, such as Microsoft Defender for IoT, for more comprehensive coverage.

Gain the skills to protect against cyberattacks and enforce network security

Develop key computational thinking skills – and learn how to safeguard systems against cyber security challenges, threats and techniques – with the University of York’s online MSc Computer Science with Cyber Security programme.

Designed for individuals who don’t have a computing or IT background, our 100% online, flexible course equips you with the knowledge, skills and understanding to move into a career in the computer science sector. You’ll develop a keen theoretical and practical understanding of programming techniques, computer and network infrastructure, security risks and security engineering, and explore cyber concepts such as cryptography, cloud security, memory and resource management, password protection and DoS. Every aspect of your learning will have critical, real-world application, and you’ll be supported by experts in the field throughout your online studies.

Choose from modules including security engineering, advanced programming, cyber security threats, artificial intelligence and machine learning, algorithms and data structures, and much more.

What is network security?

Network security is the term used for the collection of policies, practices, and technologies that are used to protect computer networks – and the data they transmit – from unauthorised access, misuse or disruption.

Network security works to secure both the physical and virtual components of a network – including routers, servers, gateways, wireless networks, and other devices connected to the network infrastructure – from threats and breaches.

In an interconnected world where information flows seamlessly between devices and networks, network security has become a fundamental tool for protecting against cyber threats.

Why is network security important?

Network security is one of the most effective tools available in the fight against hackers and other cybercriminals. And, with technology central to most of our daily activity, network security is now a critical consideration in all digital development. Network security works to:

  • Protect sensitive data. Network security safeguards sensitive information such as financial data, personal records or intellectual property from unauthorised access and disclosure, ensuring privacy and confidentiality.
  • Mitigate financial loss. Effective network security measures help prevent financial losses – including penalties and fines – resulting from data breaches. These measures can also prevent the financial losses that arise from disruptions to business activities, operations, or services.
  • Preserve organisational reputation and trust. A breach in network security can severely damage an organisation’s reputation, eroding trust among customers and stakeholders.
  • Ensure regulatory compliance. Many industries have specific regulations regarding data protection and security. Implementing network security measures helps organisations comply with these regulations and avoid legal consequences.
  • Maintain business continuity. Network security measures such as backups and disaster recovery plans can ensure the continuity of operations and minimise downtime in the face of security incidents.

Common threats to network security

Network security systems may face a range of threats and cyber attacks that aim to exploit vulnerabilities, gain access to networks and data or disrupt network operations.

Understanding these threats is the first step towards implementing effective network security measures.

Common threats include:

  • Phishing. Phishing attacks trick users into revealing sensitive information such as login credentials or financial details by posing as legitimate entities via email or deceptive websites.
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS). DoS and DDoS attacks overwhelm network resources, rendering services inaccessible and causing widespread disruption. These are targeted attacks that flood a system with traffic in an effort to crash it and make it inaccessible to legitimate users.
  • Malware. Malicious software, including viruses, worms and ransomware, can infiltrate systems and compromise network security, leading to data breaches and system damage.
  • Unauthorised access. Hackers can exploit weak access controls or vulnerabilities to gain unauthorised entry into networks, potentially compromising sensitive data or launching further attacks.

Common network security measures

There are many types of network security measures, and network security systems will typically employ a variety of them to fortify defences and mitigate potential risks.

  • Firewalls. Firewalls act as gatekeepers within a network. They monitor and filter incoming and outgoing network traffic based on predefined security rules, prevent unauthorised access to the network and protect it against potential threats.
  • Intrusion detection systems (IDS). Intrusion detection systems alert organisations when suspicious activity is detected within a network.
  • Intrusion prevention systems (IPS). Intrusion prevention systems work to block malicious activity.
  • Virtual private networks (VPNs). VPNs establish secure, encrypted connections over public networks, ensuring confidentiality and privacy for remote access and communication.
  • Antivirus and anti-malware software. These tools detect, prevent, and remove malicious software such as viruses, Trojans, spyware, ransomware and other threats to network security.
  • Data loss prevention (DLP) tools. DLP solutions monitor and control sensitive information. In doing so, they can prevent unauthorised disclosure, ensure regulatory or legal compliance, and minimise data breach incidents. 
  • Network access controls. Network access is an important area of network security. It encourages strong authentication mechanisms such as passwords, multi-factor authentication or biometrics to verify an authorised user’s identity and grant appropriate access privileges within the network.
  • Security policies. Comprehensive security policies outline important areas of internal network security such as guidelines for acceptable use, data handling, email security, password management and security awareness training for employees.
  • Network segmentation. Network segmentation divides networks into isolated segments. Doing so limits the potential impact of a security breach because it prevents unauthorised movement within the wider network.
  • Endpoint security. Endpoint security ensures that network endpoints such as computers, laptops and mobile devices have up-to-date antivirus software, regular patches and secure configurations.
  • Application security. Application security works to safeguard individual organisational apps for providers.
  • Encryption. Encryption protects sensitive data from unauthorised interception and maintains its confidentiality during transit and storage.
  • Behavioural analytics. Behavioural analytics are a proactive network security measure. They assess network traffic and user behaviour to detect anomalies and potential security threats, ensuring that issues are identified and addressed as soon as possible. 

The future of network security

As cyber threats continue to evolve, so too must the technologies, processes and network security solutions that network administrators use to address them. This includes:

  • Regularly updating security controls.
  • Staying informed about emerging vulnerabilities and best practices.
  • Harnessing new technologies, such as artificial intelligence-powered security information and event management (SIEM), as they become available.

Network security must continue to advance in line with new and emerging cyber security threats. This means keeping up with and using the latest technologies such as those in artificial intelligence, machine learning, deep learning and automation, so those responsible for information systems are well prepared to manage threats of the future.

Keep networks secure with a career in computer science

Break into the cyber security sector with the 100% online MSc Computer Science with Cyber Security from the University of York. This flexible Masters degree is aimed at working professionals and graduates from other disciplines who want to build a career in computer science and develop expertise in cyber security.

Explore programming techniques, computer and network infrastructure and protocols, security risks, and security engineering alongside a range of cyber concepts and solutions. You will also develop an understanding of typical cyber threats and a range of technologies that can help to reduce risk, increase protection, and remain compliant.

What is mobile security?

Mobile security is the term used for the various measures that protect mobile devices – such as smartphones and tablets, as well as their data and their associated networks – from unauthorised access or other forms of cyberattack.

Mobile device security measures safeguard any sensitive data stored on or transmitted by mobile devices, and they are crucial now that smartphones have become such an integral part of people’s daily lives.

Why is mobile security important?

Smartphones are everywhere, and have become essential for navigating the modern world. Whether it’s completing an online banking transaction or scanning a QR code to order at a restaurant, people are on their phones all the time – and that’s not even factoring in all of the personal and professional communication that happens on mobile devices, from emails and text messages, to social media apps.

It’s clear today’s phones have evolved beyond mere communication devices and are now repositories of personal, financial and professional information. The implications of mobile data breaches can be severe, including identity theft, data loss, loss of device functionality and financial loss. But by prioritising mobile security, individuals and organisations can mitigate these risks and maintain control over their digital lives.

Common threats to mobile security

There are a number of common risks to mobile security, and these can apply to any mobile device regardless of make or model:

  • Malware. Malicious software, commonly referred to as malware, poses a significant threat to mobile security. It can infiltrate devices through compromised apps, infected websites, or malicious links, allowing cybercriminals to gain access to sensitive data or even take control of the device.
  • Phishing attacks. Phishing is a technique used by cybercriminals to deceive people into revealing sensitive information such as passwords or credit card details. They often do this by disguising themselves as legitimate organisations in emails, SMS text messages, or on fake websites.
  • Public Wi-Fi networks. While convenient, public networks can be insecure and prone to digital eavesdropping. Hackers can intercept data transmitted over these networks, potentially gaining access to usernames, passwords and other confidential information.

There are also threats and scams that are more likely to target particular devices, such as Android or Apple devices.

Common threats to mobile security on Android devices

Android is the most-used operating system across mobile devices worldwide. It’s also a very open system – virtually anyone can create an app for Android, and it’s relatively straightforward to add an app to the Google Play Store. Because of this, Android devices are more susceptible to malicious mobile apps, which can contain hidden malware or gather sensitive data without a user’s knowledge or permission.

Android’s popularity also makes it a lucrative target for cybercriminals who want to exploit vulnerabilities in the operating system to bypass security measures and gain access to private data or control over a device.

Common threats to mobile security on Apple devices

Apple devices are locked down, which means that they’re less open to customisation when compared to products offered by Android, but it also means they’re better protected against cyber threats. Although Apple’s App Store has stringent security measures in place, malicious apps occasionally manage to slip through. These apps may contain malware or engage in unauthorised data collection.

Another risk is known as jailbreaking. Jailbreaking an iPhone or iPad is often intentionally done by the owner of an Apple product in order to gain access to the device’s operating system and customise its interface or install software that’s unsupported or unavailable through Apple:

“Apple’s ‘walled garden’ approach to its software has always been in contrast to the variety of options provided by the Android OS for customization,” say cybersecurity experts Kaspersky. “A key motivation of many jailbreakers is to make iOS more like Android.”

Doing so, however, can make Apple’s security features more vulnerable and expose the device to security threats.

Common mobile security measures

While there are many threats to mobile security, there are also many safeguards that can protect mobile devices. These include:

  • Security software. There are a variety of antivirus programmes and platforms that can be installed to protect devices and personal data. These programmes typically target a host of common threats such as ransomware and spyware. Most devices also typically have their own built-in security systems that are developed by their providers, such as Microsoft or Apple.
  • Authentication and encryption. Strong authentication mechanisms such as PINs, passwords, biometrics, or two-factor authentication add an extra layer of security to mobile devices. Encryption, meanwhile, ensures that data stored on devices or transmitted between devices over networks remains secure and unreadable to unauthorised parties while in transit.
  • Mobile device management (MDM) systems. Organisations can implement MDM solutions to manage and secure corporate-owned mobile devices. MDM enables IT or cybersecurity professionals to enforce security policies, remotely wipe data and control access to sensitive resources. These systems are typically seen as safer than what’s known as bring your own device (BYOD), which allows people to use their own devices for work. BYOD makes things like endpoint security, email security, and application security more difficult for organisations and can potentially expose them to increased risk.
  • Virtual private networks (VPNs). Using VPNs on mobile devices can be effective protection against unauthorised access to the device and its data. This is because VPNs effectively encrypt the connection between the device and the internet.

The future of mobile security

As technology continues to evolve, so do the threats to mobile security. This is why it’s important that individuals and organisations aim to stay one step ahead of cybercriminals, and that mobile security solutions continue to evolve and develop as well.

Ongoing areas of advancement include:

  • Biometric security. Biometric methods of authentication such as facial recognition and fingerprint scanning are already becoming commonplace. They typically offer more secure access to mobile devices because they don’t rely on passwords or PINs that can be shared or stolen.
  • Improved app security. App developers and stores continue to strengthen security measures to prevent the distribution of malicious apps and protect their users’ personal information.
  • Cloud security integration. Mobile devices are increasingly relying on cloud services, a trend that necessitates the robust integration of mobile and cloud security measures to collectively safeguard any data stored and accessed from the cloud.
  • Artificial intelligence and machine learning. These technologies are expected to play a crucial role in detecting and mitigating mobile security threats by analysing patterns, identifying anomalies and proactively defending against attacks.

Build secure mobile networks with a career in cybersecurity

Develop skills in computational thinking alongside an academic understanding of cyber security threats and techniques with the 100% online MSc Computer Science with Cyber Security from the University of York. This flexible Masters degree is aimed at working professionals and graduates from other disciplines who want to build a career in computer science and cyber security.

You will develop an understanding of typical cyber threats and a range of technologies that can help to reduce risk, increase protection and remain compliant. You’ll also explore computer and mobile networks, with discussions around networks and the internet, network architecture, communication protocols and their design principles, wireless and mobile networks, network security issues, networking standards, and related social, privacy, and copyright issues.