Firstly, technology is always changing, so it takes a lot of effort to stay up-to-date with all the latest developments. Luckily I find this enjoyable, so it doesn’t feel like ‘work’ to me!
Secondly, a big part of security relies on people being aware of the dangers. It can be difficult to explain some of these technical concepts to non-technical people, and then get them to change their behaviours (for example, trying to convince my parents not to use the same password for everything!)
Thirdly, the purpose of cyber security is not only to guard against people making silly mistakes, but also people who are actively trying to attack us. If their first attack is unsuccessful, they will try again. And again. Those attackers just need to find one security hole to get into a system. We defenders need to be able to find all of the holes (and fix them!) first.
Although cyber may be tricky, it’s also a lot of fun!
Comments
stevethomas commented on :
I read this question a little differently, as in “what is the hardest thing *for an attacker* to get through”, i.e. what makes the best defence? I’m not sure if that’s what you meant, @JacksonP, but if not it might be interesting anyway! I’d say one of the best defences is to keep a very low profile; if an attacker doesn’t even know you’re there, and their scanning tools can’t find you, you’re pretty safe. That’s hard to achieve, of course, as every on-line presence has a real-world purpose that means someone has to know you’re there. A relatively new approach in Internet terms is “deception”, which in this case means putting up things which look like tempting targets but are actually a form of electronic tripwire. It’s meant to attract attackers to something which looks like what they might be after but isn’t actually used by the organisation under attack – so you can monitor it, and if it is accessed you are pretty sure an attack is taking place. It doesn’t prevent an attack but it does divert it, and alert you at the same time so you can respond.
More simply, not responding to phishing e-mails and fixing all the known vulnerabilities in the systems you run will stop about 80-90% of known attacks. So, think before you click, and always keep your software up to date! 🙂
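The "electronic tripwire" idea from the comment above, sketched as an added example that is not part of the original comment: a check over web server logs that raises an alert whenever a decoy page is requested, and lists what else that source did so a responder has context. The decoy paths, the log format (Common Log Format) and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Hypothetical decoy paths: nothing legitimate links to or uses these.
DECOY_PATHS = {"/backup/db-export.sql", "/admin-old/login.php"}

# Common Log Format: host ident user [time] "METHOD path proto" status size
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

# Constructed sample log, using documentation address ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 5120
203.0.113.45 - - [12/Mar/2024:10:03:11 +0000] "GET /robots.txt HTTP/1.1" 200 64
203.0.113.45 - - [12/Mar/2024:10:03:12 +0000] "GET /admin-old/login.php HTTP/1.1" 200 812
203.0.113.45 - - [12/Mar/2024:10:03:15 +0000] "POST /admin-old/login.php?next=/ HTTP/1.1" 200 812
203.0.113.45 - - [12/Mar/2024:10:04:40 +0000] "GET /products HTTP/1.1" 200 9001
198.51.100.7 - - [12/Mar/2024:10:05:00 +0000] "GET /products HTTP/1.1" 200 9001
this line is malformed and is skipped
"""

def find_tripwire_hits(log_text, decoys=DECOY_PATHS):
    """Return {source: {"decoy_hits": [...], "other_requests": [...]}}
    for every source that touched a decoy at least once."""
    by_source = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable lines are ignored, not treated as alerts
        path = m["path"].split("?", 1)[0]  # compare without the query string
        by_source[m["src"]].append((m["ts"], m["method"], path))
    alerts = {}
    for src, reqs in by_source.items():
        hits = [r for r in reqs if r[2] in decoys]
        if hits:
            # Everything else this source did is context for the responder.
            alerts[src] = {"decoy_hits": hits,
                           "other_requests": [r for r in reqs if r[2] not in decoys]}
    return alerts

if __name__ == "__main__":
    for src, info in find_tripwire_hits(SAMPLE_LOG).items():
        print(f"ALERT {src}: {len(info['decoy_hits'])} decoy hit(s)")
        for ts, method, path in info["other_requests"]:
            print(f"  also requested {method} {path} at {ts}")
```

Because nobody has a real reason to visit a decoy, a single hit is a strong signal, which is why the check needs no threshold or baseline.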