Cyber security is the protection of organizations' computing equipment, networks and data from malicious attacks. Studies carried out in the field of cyber security;
Protection of Information Systems from attacks
Ensuring information/data confidentiality, integrity and accessibility
Detection of Attack-Infiltration incidents and creation of precaution mechanisms
It is a set of activities such as returning information/data to their original state after a cyber incident.
What is a Cyber Attack?
Cyber attack refers to intentional actions taken by individuals and/or information systems in order to eliminate the confidentiality, integrity or accessibility of information and industrial control systems or the information/data processed by these systems. The most well-known cyber-attacks that pose critical risks to cyber security;
Malware Attack
Phishing Attack
DDOS Attack
Man in the Middle Attack
SQL Injection Attack
Zero Day Attack
Cryptojacking Attack
Authority Escalation Attack
Why is Cyber Security Important?
Cyber security is very important to ensure the confidentiality, integrity and accessibility of information/data. These data owned by institutions or businesses; It may be sensitive such as government and industry information, health information and personal information. Attackers who want to steal or damage data by performing a cyber-attack aim to access the data of institutions or businesses by using various and expanding methods (social engineering, malware, ransomware, etc.). Cyber Security technologies protect our systems, infrastructure, applications and data against unauthorized access from such cyber-attacks. Some points to consider in order to avoid cyber-attacks and protect our data:
Keeping software, operating systems and browsers up to date
Using antivirus and EDR software
LDAP passwords do not contain personal information (birthday, phone number, etc.) and are complex and strong.
Since e-mail links and attachments from unknown senders may be infected with malware, care should be taken not to open attachments or click on links.
Checking that the links coming from notifications (banking, shopping, etc.) are the correct site when opening them.
Avoid connecting to unsecured public wireless networks
Types of Cyber Security:
Critical Infrastructure Security (Energy - Transportation)
Network Security
IoT Security
Data security
Application Security
User Computer Security
What are the precautions to be taken against cyber-attacks?
It is critical for institutions and businesses to evaluate possible risks against cyber-attacks and take cyber security measures in order to continue their activities without any problems and for their reputation. Therefore, the precautions to be taken against cyber-attacks are listed below.
Providing training to corporate employees on cyber risks and precautions
Installing Antivirus – EDR (Endpoint Detection and Response) protective programs on Computer and Server Systems
Keeping the operating systems of Computer and Server Systems up to date and making updates regularly
Positioning the NAC (Network Access Controller) solution to ensure that network access is under control and there are no unauthorized connections.
Maintaining a firewall and closing all ports except the relevant service port
Having WAF (Web Application Firewall) hardware for application security
Taking regular backups of corporate data and determining the accuracy of the backups by restoring from the backup
Ensuring that user passwords are given in a complex (upper-lower case, number, symbol) structure and changing passwords regularly
Having PAM (Privileged Access Management) application to control, monitor and record password access to server systems
Positioning the Mail Gateway solution for SPAM and malicious mail protection
Positioning the IPS (Intrusion Prevention System) solution against known and identified threats
Positioning the Secure Web Gateway solution to prevent corporate employees from accessing harmful sites
Positioning the Honeypot solution to confuse the target in case of infiltration, gain time and observe aggressive movements.
Positioning the DLP (Data Loss Prevention) solution to prevent corporate data and documents from being digitally removed outside the organization
Positioning the SIEM solution to track and record all digital movements within the corporate network.
How Does the Cyber Security Audit System Work?
Conducting cyber security risk assessment
• Access Controls: Control of individuals who access sensitive data and systems
• Data Protection: Encryption and protection of sensitive data
• Network Security: Monitoring the network infrastructure and ensuring cyber security
• Incident response: Cybersecurity procedures implemented to respond to cybersecurity-related incidents.
Establishing cyber security policies and procedures
• Access Controls: Who has access to sensitive data and systems? How are access rights controlled?
• Data Protection: How is sensitive data encrypted and protected, both in transit and at rest?
• Incident response: What are the steps to be taken in cybersecurity-related incidents and who is responsible for each step?
• Staff Training: How are employees trained on best cybersecurity practices and what is expected of them?
Performing cyber security checks
• Firewall: Examining and controlling incoming and outgoing traffic
• Antivirus-EDR: Detection and blocking of malware
• Network Access Management: Controlling access to the corporate network
Conducting Cyber Security Tests
The aim is to detect security vulnerabilities and close them by regularly performing cyber security tests on the systems of institutions or businesses. Penetration tests are important for detecting these cyber security vulnerabilities.