One of the best ways to understand a particular term is to classify it. The classification is used in many disciplines, from biology to computer science. The ability to group ideas, elements, and fields allows us to focus on them and see the connections. In the area of network security, we can also classify domains that help us understand certain aspects, rules, causes, and specific consequences of a particular network threat. The domain is better than this system, operating procedures and results are subcategories; with it, we can then begin to create an ontology of network threats. Cybersecurity can be divided into several areas:

• Domain: This allows us to identify vulnerabilities, risk assessment, and their origins.
• Methods of work: Understanding the vectors, tools, and methods used to exploit these vulnerabilities
• Results: These are the consequences of an internet attack.

Users

An individual with cybersecurity certification is the biggest threat to a company’s network security. Consumers are a security hole in all areas of the organization. “Human vulnerability” is considered “internal threat”, as is the threat of external parties – against us; our behaviour is used as cyber fraud.

The Threat Inside

The internal threat worries all organizations. In a recent Gartner report on internal threats, they found that 64.2% of internal workers took steps that gave them other income. This typically occurred due to the use and misuse of sensitive data, including providing suppliers with data that violates the company’s contractual capacity. The cost of internal threats is also a concern in this area – the recent survey found that 34.2% of respondents felt that cyber threats were based on more expensive and harmful than external threats. The study agrees with Gartner’s conclusion that financial momentum is one of the most common causes of insider trading. Internal violations are often committed by abuse of access to privileges and abuse of access rights. For example, it has been observed that 55.2% of the US IT managers shared login information with employees and 57.9% with co-workers.

Social Engineering

One thing cyber-criminals have used to their advantage is to understand how people behave. They use their behaviour towards us to make threats online. And it will work. Impersonation, especially their spears, is the most effective way to destroy company data. It is estimated that about 94.5% of successful business attacks are due to email disclosure. People need to build mutually confidential relationships and a pattern of behaviour that cybercriminals focus on. In particular, cheaper and latest trade-off business emails are methods that require hackers to understand these goals in detail.

However, this effort pays off, as evidenced by the financial gain from identity theft.  Cybercriminals will continue to use social technology, but they will continue to do so. One USP awareness campaign, which was a very effective way to control the threat, found that the clickthrough rate for email was 50%, 6% of those who achieved decent. However, 6% of consumers per thousand businesses can be very harmful in the long run.

Shadow IT

In the past, companies have had complete control over the applications used in the infrastructure. The computers were locked and it was not possible to install foreign or non-standard applications. Today, this is no longer possible, and with the advent of the “IT shadow,” unauthorized applications, including cloud applications are installed or used without the knowledge of the IT department. This added new security pressure to the organization. Gartner predicts that by 2022, a third of successful security attacks will come from counterfeit computer resources.

However, security begins with information – knowing which programs work and which data is created and used. The shadow of IT makes it much more difficult to acquire this knowledge. If you do not know which programs are installed, you cannot control the use of vulnerability. If you do not know where data is created, transmitted, or stored, you will not be able to add a security layer to that data. The IT problem in the shadows is solved by cloud access security intermediaries used to control cloud-based applications on the web. You can then implement security policies such as advanced authentication, individual logins, encryption, and anti-abuse.

Internet of Things (IoT) and the Digital Industry

One of today’s twists and turns is activating network devices. Gartner predicts that by 2022, more than half of new business processes will use some form of Internet of Things. As a connected, highly diverse network expands and develops, it opens up both potential network opportunities and new chances to gather malicious information. One of the problems with the Internet of Things is the adoption of security standards by many manufacturers. For example, potentially significant infrastructure attacks are based on entities that have online industrial management systems and do not have adequate security measures. Denial of service (DoS) attacks against these could destroy the entire infrastructure of the energy sector and cause widespread chaos.

Another concern of the IoT is that it improves productivity and makes transport in the supply chain more efficient. It also prolongs the obscuring of the perimeter so that it no longer exists. This makes traditional methods of preventing cyber-attacks less effective. The mentioned critical infrastructure is particularly vulnerable to attacks in the supply chain of insecure internet equipment. Many online products have been proven to be launched and marketed to consumers – from smart refrigerators to tractors and portable clothing – without safety. The development of IoT is part of the development of a cycle of security threats that are evolving with the development of the information technology environment. In the 1990s, as a wider audience began to use the Internet, we saw host attacks based on threats to customers. As mobile phones have become the norm in our digital lives, the dangers of mobile phones are widespread. And now, with the advent of the Internet, we are witnessing another change in the internet landscape of consumer-approved online articles.