Hello, I am the new security director at DMP. Over the next few months, I’ll be writing a series of blogs taking an in-depth look at cybersecurity — what it is and why it is so very important. I’ll discuss companies that have been breached, and I’ll provide details on how you can help keep your information safe.
Before jumping in, I’d like to give you an idea of my background. This spring, I completed my master’s degree in Cybersecurity at Missouri State University. Previously, I worked at DMP as the SQL DBA and Entré engineer manager. I also worked at Bancsource with a skilled team setting up a Managed Services Solution in the banking industry. In all, I have more than 20 years of experience in IT and have held such roles as developer, SQL DBA, product and project manager as well as running an Information Technology Department. I also have experience in educating and instructing on HIPAA compliance in health care.
Now that you’re familiar with me, let’s dig in…
I’d like to start with the buzzword “Cybersecurity.” It’s used quite frequently in relation to big conglomerate companies that have been breached or hacked. The Oxford Dictionary defines cybersecurity as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” For this first blog, let’s start with other related definitions. For most of you in the technology industry, this will be a review — bear with me if this is true for you.
A technology that allows us to access our files and/or services through the internet from anywhere in the world.
Virtual Private Network (VPN)
A VPN allows you to create a secure connection to another network over the internet.
An internet version of a home address for your computer, which is identified when it communicates over a network.
A malicious application or script that can be used to take advantage of a computer’s vulnerability.
The moment a hacker successfully exploits a vulnerability in a computer or device and gains access to its files and network.
A defensive technology designed to keep the bad guys out.
An umbrella term that describes all forms of malicious software designed to wreak havoc on a computer. Common forms include viruses, trojans, worms and ransomware.
A type of malware designed to corrupt, erase or modify information on a computer before spreading to others.
A piece of malware that can replicate itself in order to spread the infection to other connected computers. It can spread without user interaction.
A piece of malware that often allows a hacker to gain remote access to a computer through a “back door.”
A type of software application or script that performs tasks on command, allowing an attacker to take complete remote control of an affected computer. A collection of these infected computers is known as a “botnet” and is controlled by a hacker.
Phishing or Spear Phishing
A technique used by hackers to obtain sensitive information. For example, using a crafted email message to trick people into divulging personal or confidential data such as passwords and bank account information.
A hacking attack that tricks victims into clicking on an unintended link or button, usually disguised as a harmless element.
Short for “penetration testing.” A means of evaluating security using hacker tools and techniques with the aim of discovering vulnerabilities and evaluating security flaws.
Are there other terms that you think need to be defined and added to this list? If you have questions or suggestions, by all means, drop me a line at TPuckett@DMP.com.
Next, I'll be posting a blog on current threats and vulnerabilities. In the coming months, here are a few other topics I’ll be discussing:
- Security best practices
- Smart technology using encryption
- And other topics that are brought up along the way
With each blog, I’ll try to keep it short but informative. I look forward to meeting you all through the forum…until next time!