Protection of information, access codes and computer systems from intruders has become a mandatory activity for any enterprise or institution. Public finance can hardly be called an exception. Computer security experts believe that this area of ​​activity relates more to a management group of tasks than a purely technical one.

 

The article is based on materials from computer security courses at leading universities in the world. Among them are: “Cybersecurity and its ten areas of application” by the University of Georgia, “Introduction to Computer Security”, the School of Engineering of New York University, “Cybersecurity of Business”, University of Colorado and others.

 

In this article, we will consistently talk about which areas - domains - are covered by cybersecurity, as well as the basic principles of this area.

 

Cybersecurity: why is this important?

More and more aspects of our lives depend on the Internet, smartphones and computers. We use mobile phones for communication and entertainment, and emails for regular personal and business communications.

 

More and more cars are equipped with computers that inform drivers of malfunctions or other things that need attention. Computer systems are beginning to be used to control home appliances and coordinate its work (the so-called Smart Home system). Bank customers get access to their accounts using mobile devices. Medical data is also digitized, and therefore, third parties can access them remotely. Education is also gradually moving to digital platforms.

 

Each institution, organization or enterprise conducts accounting and internal databases in electronic form. This means that all activities directly depend on computer security. Thus, we see that both professional activities and personal life depend on information technology. Therefore, the role of computer security is constantly growing.

 

Protection against unauthorized interference

A description of the application aspects of computer security is best started with a direction such as access control and management. One of the most important elements of any institution’s IT system is protection against unauthorized access. This protection includes not only technical, but also physical and administrative measures.

 

Therefore, access control and management can be divided into two main functions. The first is the delineation of access to certain information and related services. The second is the control of physical access to premises, offices and so on.

 

Do not confuse authorization and authentication. Authentication is a confirmation of the identity of users. Authorization, or access to information, is the ability to read, create, modify or delete data on a computer. Permission is issued by the application or system owner.

 

Now let's move on to the application. A basic understanding of computer security involves the following:

 

  • Users provide identification information such as name (meaning technical username);
  • Authentication For example, user identities are verified using passwords;
  • Limitation of operations that the user can perform;
  • Identification and authentication provide that you can track all user actions.

 

There are various access control models. They are aimed at protecting software, operating systems and hardware.

 

Business Continuity Planning

The next area of ​​computer security is preparing enterprises and institutions for unwanted incidents. The idea is for the organization to continue to fulfill its functions, no matter what. In this case, an incident is understood as a large-scale event, such as a natural disaster, as well as a small incident - for example, an employee with access codes fell ill and could not come to work. The incident recovery algorithm describes the mechanisms that will allow you to return to work after the systems were hit as a result of adverse events.

 

This activity is called “business continuity planning” (BCP) and involves the creation of systems for the prevention and restoration of business activity to combat potential threats to a company, organization, institution. Identification of possible incidents is carried out using a multi-stage analysis, including analysis of the consequences, analysis of threats and exposure scenarios.

 

The simplest level of BCP implies plans for workers describing what they should do in a given situation and how to communicate with each other in order to continue working. Details may vary depending on the profile and size of the organization. Many organizations, in one form or another, require a business impact analysis (BIA) that allows them to understand what kind of losses an activity will suffer in the event of certain events. Based on the BIA, you can test what happens in the event of certain incidents.