The increasing number and sophistication of attack methods further exacerbate the problem of Internet security. To protect against them, enterprises and individual users have to look for new ways to solve this problem.

In 2020, the average cost of data leakage was $3.86 million worldwide. These costs include the costs of detecting and responding to violations, the cost of downtime and lost profits, as well as long-term reputational damage to the company and its brand [IBM, 2021].

The complexity of the security system caused by heterogeneous technologies and lack of own experience can increase these costs. But organizations with a comprehensive cybersecurity strategy based on best practices and an automated system using advanced analytics, artificial intelligence and machine learning can more effectively combat cyber threats.

What should I do to protect myself from cyber attacks?

A strong cybersecurity strategy has layers of protection against cybercrimes, including cyberattacks that attempt to access, modify or destroy data, extort money from users or an organization, or seek to disrupt the normal activities of an organization. Countermeasures should include:

Critical infrastructure security – methods of protecting computer systems, networks, and other assets that society relies on to ensure national security, economic health, or public safety.

Network Security – security measures to protect a computer network from intruders, including both wired and wireless connections.

Application Security – processes that help protect applications running locally and on a cloud server. Security should be built into applications at the design stage, taking into account how data is processed, user authentication occurs, etc.

Cloud security – in particular, confidential computing that encrypts cloud data at rest (in storage), in motion (when moving to, from, and within the cloud), and when used (during processing) to ensure customer privacy, business requirements, and compliance with regulatory requirements and standards.

Information security – security measures, such as general rules that protect the most sensitive data from unauthorized access, disclosure or theft.

End–user Training – Raising security awareness in an organization to enhance endpoint security. For example, users can be trained to delete suspicious email attachments and avoid using unknown USB devices.

Disaster recovery and business continuity planning — tools and procedures for responding to unplanned events, such as natural disasters, power outages, or cybersecurity incidents, with minimal disruption to core operations [IBM, 2021].