Some important Cyber-Security FAQ’s

This Cybersecurity FAQ consists of Frequently Asked Questions related to GEO-OPS’s Cyber-Security services and their related topics. 

GEO offers White-Hat PenTesting of Web-Applications, Network Servers, and IT software. In addition, we provide Cyber-Security consulting in the form of seminars and training courses, consulting services in the fields of ISMS implementation and ISO-27001 certification and ISO-27002 Compliance.

Cyber-Security technologies and processes are most effective when organizations practice Information Security Management Systems compliance habitually while concurrently checking their cyber defense vulnerabilities defenses via aggressive White-Hat" (ethical hacking) Penetration Testing ("pen-testing").

Cyber-Security (computer network security) refers to the specialization of computer network security that consists of technologies, policies, and procedures that protect networked computer systems from unauthorized risk, threat, use or harm.

The increasing reliance of information data on cyber (computer-based) infrastructure makes information progressively more vulnerable to cyber attacks on webs, computer systems, networks, and data.

A cyber-attack is an offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, breaching confidentiality, reliability, and accessibility of the data. Examples of cyber attacks include Distributed Denial of Service (DDoS) and Man-in-the-Middle (MITM) attacks.

A cyber-threat is a potential for a cyber attack, which may be assigned a probability of occurrence that can be used for cyber risk assessment. This can include attempted breaches of web-applications and network servers etc.

Cyber-risk is a risk assessment that has been assigned to a specific cyber threat, such as a DDoS attack or a data breach. A cyber risk assessment may be either qualitative or quantitative and included in the company ISMS (Information Security Management System) Manual.

Malware is an umbrella term derived from "malicious software", and refers to any software that is intrusive (unauthorized access), disruptive, or destructive to web-applications, computer systems, and networks. Malware may take many forms (executable code, data files) and includes, but is not limited to, computer viruses, worms, trojan horses (trojans), bots (botnets), spyware (system monitors, adware, tracking cookies), rogueware (scareware, ransomware), and other malicious programs.

Firewalls create virtual barriers to protect networks. They do this by inspecting and controlling incoming and outgoing Internet traffic and allow or block traffic based on whether it conforms to predetermined security rules.

A VPN creates a personal network that enables users to send and receive data that’s shielded from shared networks through encryption techniques. Having a VPN is like having a personal, private and secure browser on public Wi-Fi networks or anywhere. Applications running across a VPN benefit from the functionality, security and management of the private network.

Deep packet inspection, or DPI, is the process of looking inside packets and examining or extracting information. Older firewall models only inspected the “header” or packet labels, but next-generation firewalls inspect all of the network data units (packets). Security-applied DPI can optimize network traffic, prevent cyberattacks and give network managers an overview of typical network behavior.

Mobile devices bring a great utility in terms of convenience and allowing individuals to be “online all the time.” However, the use of mobile devices for communicating and for sharing data create inherent security issues and add more points of access to the network. Mobile malware threats are growing daily and a significant security concern with mobile devices is the loss of the device and the access and information it offers.

Privacy issues are very significant as there has been an unprecedented growth of social media, personal cloud services, and employees utilizing personal devices and third-party applications. This parallels with high profile stories on data breaches and even government accessing citizens’ personal information.

Cyber-Security threats are increasing exponentially in sophistication, intensity, diversity, and volume. Cyber experts report significant escalation in external cyber-attacks, especially from criminal organizations and foreign state-sponsored industrial espionage.