Cyber security: Do you know how to protect your company against hacker attacks?

Increasingly smarter technologies are inevitably followed by new methods and techniques of attacks. Cybercrime has been on the rise; criminals have been more and more sophisticated and traditional firewall itself is no longer an obstacle for even an average hacker. Our teams of specialists from Risk Advisory advise on how to counter these and other digital threats, their courses introduce principles and mechanisms of cyber security to those who are interested.

First, we should realise for what type of company we want to create the cyber defence system.  Appropriate security cannot be regarded as a textbook model, which all companies, without distinction, should aim to achieve. It is clear that a library will need a completely different security system than a nuclear power plant. By correctly determining what precisely we want to protect, in what manner and what scope, we may significantly simplify the implementation and operations of the system.

Cyber security is based on three principal pillars that we should know for effective implementation of a protection system. These are processes (and their rules), technologies and people. In addition, the knowledge of the risks themselves is necessary; it will help us build information security in an effective manner. Using this information, we may subsequently adjust the processes and procedures, suitably mitigate the impact of the human factor, select adequate technologies and start to build an effective digital protection system.

Five trends of the future of information security

  1. Multi-factor authentication. A combination of various authentication factors, e.g. using a name, password and a token at the same time.
  2. User behaviour analysis. Determining standardised user behaviour (authentication, authorisation, reading of emails, work with files, and access time to the system, geolocation, etc.) and subsequent monitoring of deviations.
  3. Data loss prevention. The key to prevention are advanced encryption technologies and tokenisation.
  4. Deep learning. A combination of technologies such as artificial intelligence and machine learning, subsequent analysis of user behaviour and identification whether it is unusual or even dangerous behaviour.
  5. Cloud. Cyber security as a cloud, virtualised service.

Prevention is one of the most effective methods of mitigating the impact of the risk in the attack itself. There are numerous tools that may help you such as operating or security monitoring, active protection of the environment with the use of firewalls, antivirus programmes and others or behavioural analysis. Using the data on the environment, we may effectively predict, reveal and counter numerous attempts to break into the security perimeter and learn how to fight new, innovative methods of cybercrime.

Deloitte Academy

A good knowledge of theory is a precondition for good quality practice. At Deloitte Academy attendants of our courses have an opportunity to learn about cyber security right from its basics. However, security managers, analysts, consultants and other cyber protection experts will also find it interesting. Do you like the idea of learning something new? Do you want to learn from specialists with many years of experience? Then the Deloitte Academy courses are just for you.

WhatsApp: Who may read your messages?

A big issue in security matters is the electronic communication, which is currently a common part of work and private life. For that purpose, we use applications and we automatically expect an appropriate level of security and privacy protection. Is the communication via traditional applications such as WhatsApp or Viber really secure?

The above applications (and numerous others) use the Signal protocol for encrypting. It encrypts the message on the source device, sends it encrypted to the operator’s server, it then forwards it to the device of the recipient, the device decrypts it and reads it. This system is called “end-to-end” encryption and as such it can be considered as secure. The information is, in this case, well protected on the way between the sender and the recipient. A message is mostly under threat right before being encrypted and right after being decrypted. For a would-be attacker it is much easier to attack the device of the end user than to start the difficult decrypting of the sent message.

Cryptographic glossary

A special category of cyber security is encrypting. If not protected, the information is most at risk at the moment when transferred (for example when we send an email). The information lifecycle involves the creation of information, encrypting, sending, decrypting and reading. Individual steps are however not as easy as it may appear at first sight. Read through our small cryptographic glossary and learn the terms easily and quickly.

  • Cryptography is a science dealing with data confidentiality and secure communication between various parties.
  • Cryptanalysis is a science focusing on analysis of encrypted data with the objective of breaking their encryption.
  • Steganography is a discipline engaging in the concealing of the existence of e.g.
    a message that is not easily detectable by a third party.
  • Clear text or data are the original input that we create and that we want to encrypt to secure it against reading or viewing by a third party.
  • Key is the information, which determined the output of the encrypting algorithm without which a third party is not able to read the message.
  • Cipher is an algorithm or mechanism, which adjusts, using the key, the original open text or data into encrypted form.
  • Cipher text or data are incomprehensible to people when they read them. They can be decrypted and subsequently read only by someone who has the correct key and cipher.
Deloitte Academy Cryptography Cyber risk Personal Data Protection Cybersecurity
Technology  Law 

Personal Data Processing News

This time we focus on the most important findings from the published information regarding inspections and decisions of the Office for Personal Data Protection in the first half of 2019. We are also reporting on further development concerning codes of conduct and certifications, on the procedure in the event of a security breach and procedure for informing customers about personal data processing, on an important decision related to cookies, and on an effort to unify the procedure for issuing penalties in Germany, and possibly the whole EU. 

22. 11. 2019

The Czech Producer of 3D Printers Prusa Research Wins Additional Points: It is Growing Faster than 497 Firms in the EMEA Region

The 2018 winner of the Central European ranking Deloitte Technology Fast 50, Czech 3D printer manufacturer Prusa Research, succeeded also in the Fast 500 category including five hundred fastest growing tech companies from Europe, the Middle East and Africa (EMEA). Growth rate of 17,122% catapulted the company to the podium and secured its third place in the ranking. Other Czech companies were also successful:, Pilulka Distribuce, Proficio Marketing, ZOOT, Creative Dock and IDEA StatiCa. Congratulations! 

24. 9. 2019