Makerere University

Enter a keyword or two into the search box above and click search..

Elements of Cyber Security

You are here

By Gilbert Nsanzimana


Elements of Cyber Security

These define the key areas that an organization would have to focus on in order to stay secure from cyber-attacks. We will outline the key elements below;

  • Application security.

Websites and web-based applications are usually exploited through their source code vulnerabilities. Security features are paramount to be added in the development process of the applications. The application threats can include SQL injection, Denial of service attacks, data encryption, data breaches, and many more.

  • Network security.

This defines the process of protecting the network from unwanted users, attacks, and intrusions. This element includes both the software and hardware of the network

  • Information or Data Security.

All that is within the web and mobile applications is just data that can be very sensitive. Protecting this is very key for secure information, not even a nation can stand.

  • Operational Security.

Also Abbreviated as OPSEC. It defines the analytical and risk management processes to identify a company’s “Crown Jewels”—most sensitive and valuable information and puts in place mechanisms to ensure the security of this information.

  • Disaster recovery/business continuity planning.

A Disaster Recovery Plan (DRP) defines how work can be resumed quickly and effectively after a disaster in the event of a breach, natural disaster, or other cause of data losses.

  • End-User Education.

End-users may be employees, customers accessing the company’s application. IBM Security Intelligence Index reported that 95% of cybersecurity attacks are caused by human errors. However, the end-users have no fault of their own so companies must focus on this element and have them aware of the security policies.

Reasons why hackers exist

In the earlier days of the internet, it used to be just ego. In other words just proving that you can actually put down what someone has spent days working on. In the current time, however, it has become extremely part of the business. While you may spend a lot of energy and resources working on a system, there are groups of people that are also not settled before they invade your system. We will talk about the common 3 main reasons that motivate hackers:

1. Leak or steal information

A lot of times, hackers steal your information to impersonate you and probably make transactions on your behalf, post on your media platforms in your name. Hackers showed up more interest after the rise in e-banking and mobile banking. When a company’s data has been exposed, Cybercriminals can use it to strategize for a cyber-attack.

2. Disrupt services and prove a point

Hackers today still enjoy the act of rendering your system useless. It’s an achievement to them to put down your website and leave a message behind for you.

3. Make money

From organizations to even individual accounts, hackers launch attacks commonly ransomware which can close your access to vital information. The next message you receive is to pay a ransom (Amount of money) in order to receive your access back. Sophos published a report in 2020 which indicated that the average cost of a ransomware attack was $732,520 if the ransom was paid and a double of that—$1,448,458 if the ransom was paid. This may sound like an “Attractive business”.

The entire article presents the fact that everyone must be engaged in one way or the other in Cyber Security. Individuals and Organizations need to be aware that if their data is safe now, it may not be the case in the next 5 minutes. We all need to keep Cyber-Smart in our daily operations.