Virtual CISO

Data security refers to the protection of data, such as a database, from destructive forces and the unwanted actions of unauthorised users. Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorised parties. Encryption algorithms play a critical role in the security assurance of IT systems and communications as they can provide not only confidentiality but also the following key elements of security:

  • Authentication: the origin of a message can be verified.
  • Integrity: proof that the contents of a message have not been changed since it was sent.
  • Non-repudiation: the sender of a message cannot deny sending the message.

Encryption is also used to protect data in transit, for example, data being transferred via networks (e.g. the Internet, e-commerce), mobile phones, wireless microphones, wireless intercom systems, Bluetooth devices and ATMs. Data should also be encrypted when transmitted across networks in order to protect against eavesdropping of network traffic by unauthorised users. Encryption algorithms are divided into two categories: symmetric and asymmetric.

Symmetric Encryption

Symmetric encryption uses the same key to encrypt and decrypt data. The most widely used symmetric algorithms are AES and TDES. The first one was created to protect government classified information and the second one is used in the financial banking and payment industries. Symmetric encryption is much faster than asymmetric encryption, but the sender must exchange the key used to encrypt the data with the recipient prior to the decryption (i.e. communicating parties must have the same key before they can achieve secure communication). To securely distribute and manage large numbers of keys, most cryptographic processes use a symmetric algorithm to efficiently encrypt data but use an asymmetric algorithm to exchange the secret key.

Asymmetric Encryption

Asymmetric cryptography, also known as public-key cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be published for anyone to use to encrypt messages, whereas the private key must be kept secret (i.e. only the receiving party has access to the decryption key that enables messages to be read). RSA is the most widely used asymmetric algorithm, partly because both the public and the private keys can encrypt a message. The opposite key from the one used to encrypt a message is used to decrypt it. This attribute provides a method of assuring not only confidentiality but also the integrity, authenticity and non-repudiation of electronic communications and data at rest through the use of digital signatures.

Deception Technology is the integration of deception tactics into security tools and automation, meant to attract intruders away from real assets and trap or detain them in areas modelled after real storage or network areas. By misdirecting the attacker early in the infiltration process, the technology can minimise the damage caused and gain an opportunity to learn from the attacker’s methods and behaviour while they are distracted.

The simplest form of Deception Technology is the classic honeypot: a planted store of data whose contents are designed to be appealing to attackers, such as decoy password lists, false databases, fake access to other regions and more. When an intruder enters a network, they are led by a trail of breadcrumbs straight to the honeypot, which is triggered to alert security and distract the intruder by feeding them engineered information.
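The alerting side of a decoy password list, as an added example that is not part of the original page: it scans authentication log lines for any use of a planted decoy account and raises one alert per source. The account names, log format and sample lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Hypothetical decoy accounts planted in a honeypot password list. No real
# user or service owns them, so any login attempt using one is suspicious.
DECOY_ACCOUNTS = {"svc_backup_old", "fin_admin2", "db_readonly_tmp"}

# Constructed sample lines in an assumed format:
#   <ISO timestamp> auth result=<ok|fail> user=<name> src=<ip>
SAMPLE_LOG = """\
2024-05-01T09:12:03Z auth result=ok user=alice src=10.0.4.17
2024-05-01T09:13:44Z auth result=fail user=svc_backup_old src=10.0.9.52
2024-05-01T09:13:59Z auth result=fail user=bob src=10.0.4.23
2024-05-01T09:14:10Z auth result=fail user=FIN_ADMIN2 src=10.0.9.52
2024-05-01T09:15:31Z session opened for user alice
2024-05-01T09:16:02Z auth result=ok user=db_readonly_tmp src=10.0.7.8
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth result=(?P<result>ok|fail) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def find_decoy_use(log_text, decoys=DECOY_ACCOUNTS):
    """Return {source: [(timestamp, user, result), ...]} for decoy logins."""
    decoys = {d.lower() for d in decoys}
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an auth event in the assumed format; skip it
        user = m["user"].lower()  # fold case so FIN_ADMIN2 still matches
        if user in decoys:
            # Failed attempts count too: the decoy list was read and used.
            hits[m["src"]].append((m["ts"], user, m["result"]))
    return dict(hits)

def alerts(log_text):
    """One alert per source; 'high' if any decoy login succeeded."""
    out = []
    for src, events in sorted(find_decoy_use(log_text).items()):
        severity = "high" if any(r == "ok" for _, _, r in events) else "medium"
        users = sorted({u for _, u, _ in events})
        out.append(f"{severity}: {src} used decoy account(s) {', '.join(users)} "
                   f"({len(events)} attempt(s), first at {events[0][0]})")
    return out

if __name__ == "__main__":
    print("\n".join(alerts(SAMPLE_LOG)))
```

Because no legitimate user owns a decoy account, this check needs no baseline or threshold: a single match is enough to alert.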
