There are a number of specific technical terms in this field, some of which we explain in turn. The changes brought about by the transposition of the NIS 2 Directive into the Cybersecurity Act 69/2018 are covered in detail in a separate article, so today we are selecting three words related to this topic from the glossary.
A SECURITY INCIDENT is any event that, due to a breach of network and information system security or a violation of a security policy or binding methodology, has a negative impact on cybersecurity or results in:
- loss of data confidentiality, destruction of data or breach of system integrity;
- limiting or denying the availability of a basic service or digital service;
- high likelihood of compromise of the activities of the basic service or digital service;
- or compromising information security.
SECURITY MEASURES are the tasks, processes, roles and technologies in the organisational, personnel and technical domains that aim to ensure cybersecurity throughout the lifecycle of networks and information systems. The role of security measures is to prevent cybersecurity incidents and minimize their impact on the continuity of service operations. They shall also be adopted and implemented on the basis of approved security documentation, which must be up-to-date and correspond to the real situation.
We distinguish between general and sectoral security measures:
- General: implemented according to the classification of information and categorisation of networks and information systems and in accordance with cybersecurity standards for all networks and information systems;
- Sectoral (specific): implemented on the basis of the specifics of the categorisation of the networks and information systems of the central authority within its scope of competence, in accordance with cybersecurity standards.
Areas for which security measures are taken include, for example, information security organisation; asset, threat and risk management; personnel and physical security; cryptographic measures; monitoring and testing; security audits; process continuity management; and others.
Security measures shall include detection of cybersecurity incidents, records and procedures for handling incidents, designation of a contact person for receiving and recording reports, connection to the communication system for reporting and handling cybersecurity incidents and the central early warning system.
A CYBER SECURITY STRATEGY is a plan or set of measures that an organisation takes to protect its digital assets, systems, networks and data from a variety of threats and attacks in cyberspace. These threats may include hacking attacks, malware, phishing, ransomware, software vulnerabilities, insider threats, or other security risks. A cybersecurity strategy focuses on identifying, preventing, detecting, responding to, and recovering from cyberattacks.
Key elements of a cybersecurity strategy:
- Prevention and Protection – Securing systems, networks and devices against known threats. This may include the deployment of firewalls, anti-virus programs, encryption of communications, secure authentication mechanisms and regular software updates.
- Threat Detection – Implementation of monitoring tools and systems (such as IDS/IPS, SIEM systems) that help detect unusual or suspicious activity in systems.
- Incident Response – Planning and executing operations to respond quickly and effectively to cyber attacks or other security incidents, including investigative procedures, post-attack recovery, and minimizing the impact on the organization.
- Incident Recovery – Implementing processes to ensure systems and data are restored after an attack, through backups or other recovery methods, so that outages and damage are minimized.
- Risk Management and Threat Analysis – Identifying and assessing potential cybersecurity risks and developing plans to mitigate those risks. This may include vulnerability analysis, assessing the likelihood and impact of various threats, and considering the potential consequences within the organization.
- Use of Security Policies and Rules – Establishing clear rules and guidelines for employees on how to handle sensitive data, use devices, access company systems, and perform other day-to-day operations in a secure manner.
- Employee Education and Training – Providing regular training on cyber threats, security best practices and the ability to spot potential attacks (e.g. phishing emails, suspicious messages and links).
A cybersecurity strategy must be continuously evaluated, updated and adapted to new threats, technological advances and the specific needs of the organisation.