Cybersecurity and business software control: do not fear the unknown, face reality!

corresponding

MARCO R. PASSERINI
RES IT srl, Milan, Italy

Abstract

Cybersecurity. Can you feel safe? In a world where nobody can really think to be safe from the risk of attacks on their IT systems, where companies are still too slow in realising the risk for their business and their own safety, there is a number of institutional players that offers excellent solutions to limit cyber-attacks to the heart of information systems. However, too often these solutions focus on inhibiting physical attacks, while securing perimeter vs SW applications does not get the attention – and the budget – it should,  given that 84% of cyber-attacks are directed to the SW application layer.
Moreover, most security professionals find themselves struggling to mend damage all the time, while it would obviously be better to prevent it. This article suggests taking a more holistic approach to achieveing effective cybersecurity.


CYBERATTACKS ALSO THROUGH THE SW LAYER

“Cybersecurity is the protection of computer systems from the theft and damage to their hardware, software or information […], includes controlling physical access to the hardware,  as well as protecting against harm that may come via network access, data and code injection […]”. (1)


“Cybersecurity is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this”. (2)


I think the two statements above are good enough to describe what cybersecurity is, also to those not yet familiar with the word. 


In a world where no one can really feel safe from cyberattacks and where companies still lack awareness of the risk these attacks pose for their business and their own safety – companies are especially not aware of how weak their cybersecurity protocols are - there are many institutional players who offer excellent solutions to limit cyberattacks to the heart of information systems. Unfortunate ...