As high-profile data breaches, such as Equifax, continue to dominate headlines, the topic of cybersecurity–or lack thereof–has commanded greater attention. The word ‘cybersecurity’ has become the media’s latest buzzword…and for good reason. New research reveals that websites experience 63 attacks per day, per website on average–this is an upsurge from the reported 22 attacks per day in 2016.
It has become clear that regardless of a company’s size or industry, data breaches are inevitable. That said, it’s important to fully understand what cybersecurity is, as well as the different types of cybersecurity, so you can protect your business, personal information, and stay informed with what’s happening in the industry.
Due to its complexity, the term ‘cybersecurity’ has a relatively broad definition. Dictionary.com defines it as: precautions taken to guard against crime that involves the internet, especially unauthorized access to computer systems and data connected to the internet.
However, there is much more to it than that. You can think of cybersecurity as an umbrella term that encompasses multiple types of security, like: website security, endpoint security and network security.
When it comes to cybersecurity, one size does not fit all. As technology continues to evolve, so does the security around it. Let’s cover some of the most common types of cybersecurity you’re likely to hear about and need to understand.
As the name implies, website security protects a website from cyber threats on the internet. Comprehensive website security includes protecting a website’s database, applications, source code, and files. Just like cybersecurity, website security can also be used as an umbrella term to describe the various software, tools, and approaches one can take to protect their website. Website security is unique because, while it can be used in tandem with other cybersecurity solutions, it is the only type of cybersecurity solution that can actually protect a website from malicious threats, such as malware and vulnerabilities.
As our intro paragraph confirms, website attacks are on the rise. Yet, most websites do not have adequate protection in place to prevent a breach. A primary reason for this being many website owners think they are protected by their web hosting provider. In fact, a recent survey conducted by SiteLock confirmed 40% of website owners believe their hosting provider is responsible for the security of their website. As a result of this misconception, a majority of websites remain vulnerable to cybercriminals. When websites suffer a security breach or compromise, the consequences include downtime, loss of revenue, and damage to the website or business’ reputation.
To help protect against website attacks, we’ve listed some of the most important types of website security solutions below.
Website scanning and malware removal – A website scanner is used to check for malware and vulnerabilities on a website. Malware scanners are typically designed to automatically scan for known malware types including backdoor files, shell scripts, and spam. While vulnerability scans are designed to identify vulnerabilities. Regardless of the type of scanner, if malware or vulnerabilities are found, the website owner is alerted immediately. Some sophisticated website scanners are even capable of automatically removing the malware from the website.
Web application firewall (WAF) – Due to its ability to differentiate legitimate traffic from malicious traffic, a WAF is one of the best ways to protect your web applications – like live chat features and shopping carts — from harmful threats. Web application firewalls can be cloud-based, network-based, or host-based, and are often placed in front of one or more web applications. A WAF is specifically designed to block malicious traffic and bad bots from visiting a website. It can also help protect websites from DDoS attacks, which is an attempt to make a website unavailable by overwhelming it with automated requests and traffic from hundreds or thousands of sources. Some WAF features include blocking access to known vulnerabilities in applications and preventing known malicious traffic from accessing website files.
Application Security Testing (AST) – There are two primary types of application security testing, also known as vulnerability scans. The first being static application security testing (SAST), or “white-box” testing in the security world. SAST is used to test an application’s source code to determine if vulnerabilities exist. It does this by analyzing the code from the ‘inside-out,’ which means it starts testing the site from its code and then works its way to the website’s surface. The second common type of AST is dynamic application security test (DAST), also known as “black-box” testing, which is also used to test a website’s applications for vulnerabilities. Unlike SAST, the source code is not required during DAST. Instead, DAST analyzes an application from the ‘outside-in,’ which means it starts testing the site from the user’s perspective first, then works its way to the website’s applications to determine if vulnerabilities exist.
Endpoint security protects the servers, workstations, and mobile devices on a network from remote and local attack. The connection of these devices creates an entry point for threats. Endpoint security aims to block access attempts aimed at these entry points.
It’s important to keep in mind that endpoint security is not to be confused with website security, as endpoint security does not protect a website from cyber threats. While it is recommended that the two solutions be used together for a more comprehensive security portfolio, when it comes to solely secure a website, endpoint security isn’t enough as it only protects physical systems, such as laptops. In a recent study comparing website security solutions to endpoint solutions, it was found that over 90% of web-based malware is missed by traditional endpoint security solutions, confirming that relying on endpoint solutions alone won’t protect a website.
For those looking to secure their endpoints, below are some of the most common types of solutions.
Anti-virus and anti-malware software – Anti-virus and anti-malware software helps prevent malware and other viruses, like trojans and worms, from infecting a network or local machine. Anti-malware software is designed to scan the network for malware upon entry and will continue to track the files thereafter.
File Integrity Monitoring (FIM) – File integrity monitoring tools are used to determine if sensitive files within a company’s system have been changed recently. If files have been changes, this could indicate that a compromise has occurred or that a bad actor has been in the network. FIM tools monitor a website’s files against the file’s current state and a known, good baseline. This is generally an automated process, but it can be performed randomly or in real-time.
Network security leverages both hardware and software technologies to monitor and protect an internal network and its data. Network security is typically managed by a network administrator or system administrator who keeps an eye on unauthorized access, modification, and exploitation to the network.
Note that network security protects the underlying networking infrastructure, creating a secure platform for computers – not websites. If your business uses any type of internal network, it is encouraged that you incorporate all three solutions, network, website, and endpoint, into your existing cybersecurity portfolio. This ensures that all of your data in travel, from the local workstation, to your website, to the network, is protected.
For common types of network security solutions, see below.
Data Loss Prevention (DLP) – Data loss prevention is the strategy used to ensure sensitive data is not lost, misused, accessed by unauthorized users, or sent outside the corporate network. Companies put DLP in place to help prevent end users from sharing confidential or critical information that may put the company at risk.
Virtual Private Network (VPN) – A VPN is used to create a safe and encrypted connection over private and public networks, like the internet. Companies often enforce employees who work remotely to use a VPN.
Depending on your businesses and company size, it may or may not be necessary to incorporate all three types of security into your cybersecurity strategy. However, for website owners, prioritizing website security is critical to ensure website health, customer confidence, and safe user experience.
As cyber threats continue to evolve and make headlines, it is critical for businesses to assess their existing assets to ensure they are not left unprotected and vulnerable to attack. With comprehensive cybersecurity solutions in place, businesses can protect their critical assets, reputation, employee and customer data.
To learn more about the most prevalent threats websites face today and the steps you can take to secure your website, download the SiteLock Website Security Insider Q2 2017. You can also give the SiteLock website security experts a call at 855.378.6200 to help answer any questions you may have about getting started.