Areas of Consideration (Facts)
The term (Cybersecurity), though not defined in the Strategy, is generally understood to encompass any measures taken to protect online information and secure the infrastructure on which it resides.
According to the 2010 document, Canada Cyber Security Strategy (Strategy), cyberspace is the electronic world created by interconnected networks of information technology and information on those networks. It is a global common where more than 1.7 billion people are linked together to exchange ideas, services, and friendship. Identity security helps solve the bigger picture. Identity security (also known as identity governance and identity management) protects against the cyber threats associated with providing technology access to a diverse workforce.
It does this by enabling the management and administration of access for every digital identity within an organization. With the rapid growth of technology in the cloud enterprise, it’s imperative to protect your business against the potential cyber risks that target digital identities. Such as the idea that every single identity in your network only has the least amount of access they need to do their job.
Why? By restricting permissions based on job function and user role, you’ll reduce the risk of users having access to information they should not have access too, and inadvertently or maliciously doing something with that information. Identity security emphasizes both enabled and reliability that providing access but properly controlling that access.
Privacy protection and cybersecurity should be thought of as interconnected as more and more personal information is processed or stored online. Privacy protection increasingly relies on effective cybersecurity implementation by organizations to secure personal data both when it is in transit and at rest. In some cases, cybersecurity measures underpin critical infrastructure that protects data, thereby safeguarding personal information. This Identity Security and Privacy Cyber Space are the number one problem in our daily life.
Problem
The identity crisis is prevalent across all industries is no other industry has been as squarely in the hot seat as financial services. Public scrutiny of its policies and experiences with protecting customers and their sensitive information has to know that no limits. It is understandable, given that the financial arena is one in which people are at risk for seeing sensitive data compromised. Consumers live in constant fear about unauthorized persons gaining access to their bank account data, credit card numbers, and other financial information.
Data breaches are on the rise, making information security and privacy top priorities for business and IT leaders. Today’s threats are more potent than ever, with employees cited as the primary risk. This trend, coupled with the expansion of data privacy laws in the entire world, has led to the growing realization that Enterprise Information Management solutions are must-have tools for data protection and regulatory compliance.
Cyber Security is becoming a severe issue for individuals, enterprises, and governments alike. In a world where everything is on the internet, examples are cute kitten videos and our travel diaries to our credit card information. Ensuring that our data remains safe is one of the biggest challenges of Cyber Security. Cyber Security challenges come in many forms, such as ransomware, phishing attacks, malware attacks, and more.
However, some of the challenges faced in cybersecurity are also the challenges for privacy and data protection. Cybersecurity is by no means a static issue with a permanent solution. Threats to information in cyberspace evolve quickly and, more recently, have expanded into new channels such as social media and mobile technologies.
As organizations strive to keep pace with the changing landscape created by innovative technologies, social practices, and ever-changing threats, data produced, collected, and collated on a massive scale can be left vulnerable to those cyber threats. One of the challenges is Ransomware Attacks involve hacking into a user’s data and preventing them from accessing it.
Ransomware attacks are critical for individual users, but more so for businesses who can’t access the data for running their daily operations. However, with most ransomware attacks, the attackers don’t release the data even after the payment is made and instead try to extort more money.
Cloud attacks most of us today use cloud services for personal and professional needs, also hacking cloud platforms to steal user data is one of the challenges in Cyber Security for businesses. We are all aware of the infamous iCloud hack, which exposed private photos. Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. Unlike ransomware attacks, the hacker, upon gaining access to confidential user data, doesn’t block it. Instead, they use it for their advantages, such as online shopping and illegal money transfer.
Alternative Courses of Action
Freezing your credit card with all three major credit bureaus Equifax, Experian, and TransUnion restricts access to your records so new credit files cannot be opened. It’s free to freeze your credit and unfreeze when you want to open an account, and it provides the best protection against an identity thief using your data to open a new account.
Your Social Security number is the master key to your personal data. Guard it as best you can. When you are asked for your number, ask why it is needed and how it will be protected. Don’t carry your card with you. Securely store or shred paperwork containing your Social Security number. Scammers can make phone calls appear to come from government entities or businesses, and emails that appear to be legitimate may be attempts to steal your information.
Initiate a callback or return email yourself, working from a known entity such as the official website, rather than responding to a call or email. And be wary of attachments many contain malware. Use a password manager to create and store complex, unique passwords for your accounts. Don’t reuse passwords.
Adding an authenticator app can reduce your risk. Don’t rely on security questions to keep your accounts safe; your mother’s maiden name and your pet’s name aren’t hard to find.
Think carefully about what you post on social media so you don't give away key data or clues about how you answer security questions. Many financial institutions will text or email when transactions are made on your accounts. Sign up so that you know when and where your credit cards are used, when there are withdrawals or deposits to financial accounts and more.
Stolen mail is one of the easiest paths to a stolen identity. Has your mail held if you’re out of town? Consider a U.S. Postal Service-approved lockable mailbox. You can also sign up for Informed Delivery through the USPS, which gives you a preview of your mail so you can tell if anything is missing.
Any credit card, bank or investment statements that someone could fish out of your garbage shouldn’t be there in the first place. Shred junk mail, too, especially preapproved offers of credit. If you’re paying online or in a store, use a digital wallet, an app containing secure, digital versions of credit and debit cards. You can use it to shop online or at a compatible checkout terminal.
Transactions are tokenized and encrypted, which makes them safer. In addition, contactless transactions have fewer health risks. Mobile devices can be a real risk. According to Javelin’s report, only 48% of us routinely lock our mobile devices. Use passwords on your electronic devices. Use a banking app rather than a mobile browser for banking. Read financial statements.
Make sure you recognize every transaction. Know due dates and call to investigate if you do not receive an expected bill. Review “explanation of benefits” statements to make sure you recognize the services provided to guard against health care fraud.
Evaluation of each ACAs
Email messages have also moved on a bit until it relates to protection and privacy. There have been proposals to secure email security with encryption, email authenticity and credibility with digital signatures, email availability with increased server resilience, and email recipients with continuous scanning for spam, viruses, and phishing attempts.
A conclusion that it's possible to draw from the current emphasis of research and practice. Therefore, is that the entities posing a threat is all external and must, at all costs, should be prohibited from getting in. The simple answer: yes, there is. And it gets worse; the content of the message is irrelevant and even blank emails can leak sensitive identity or organizational information.
The problem lies in email headers. These are an essential component of every message and contain metadata about the sender, the receiver, and the route traversed between the two parties. The worry with these headers is that the email applications in use today are including an increasing amount of metadata about individuals with little regard for the privacy implications and associated risks.
Headers, for example, may show the type of device used, the email client, its version number, and, in some cases, the individual's internal username. To investigate whether the leakage of sensitive information in email headers is as real a problem as we imagine it to be, we recently conducted a study where 225 emails from various willing individuals and organizations worldwide were collected and analyzed.
Participants were asked to send us blank emails using a range of devices and software, including desktop email clients, web browsers, and mobile device apps. Our findings were, to say the least, very insightful.
Conclusion
Technology is one of the main reasons why our world is such a beautiful place to live in today. It is responsible for putting a man on the moon, building global Internet infrastructure, and putting a smartphone in the hands of billions of people. However, as we saw, the use of technology can be double-edged.
Sword in addition to the benefits, there are a few significant threats to our online identities' security and privacy. Whether we like it or not, we (and our devices on our behalf) are leaking oodles of sensitive identity information, and others are listening.
Thus far, we only know of the burglars (and job recruiters) that monitor social network feeds. However, I cannot help but wonder who else may be snooping and what they plan to do with the data they have gathered. Targeted hacking and widespread identity theft are possibilities. Person identity data, tastes, and behaviors are of enormous value to advertising companies for targeting and direct advertising, with the online advertising market estimated to be worth 220.38 thousand worth by 2019. All of the above circumstances are unwelcome, depending on.
