At SpectroCoin, we see security as one of the main parts that constitute our business. From our daily routines to the relationship with our customers, we are constantly working to improve our methods and make our ecosystem even safer. For this reason, we started a series of blog posts to raise awareness and share with you part of what we have learned so far in terms of cybersecurity.
In order to continue our learning process about such a relevant topic, today we bring you an interview with Karolina Žembė, Information, and Cyber Security Specialist at SpectroCoin. She will share some of her knowledge in the field and present the point of view of a professional responsible for strengthening an organization’s cybersecurity.
What is cybersecurity and why is it important?
Over the past couple of decades, technology has become a very important part of our lives. From personal phones, tablets, and laptops to business computers – we all became dependent on the technology that we use. These devices contain our personal and business information, so they must be secured.
“Cyber-security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.”
Our entire lives being online and the number of cyber threats growing everyday make cybersecurity so important. It is really astounding that cybersecurity is not more discussed. The lack of cybersecurity awareness makes most people an easy target for any cybercriminal. That is why everyone should be familiar with the key points of data security.
What is the role of a cybersecurity specialist?
The cybersecurity world is constantly changing, so it is really important that a person working, or who wishes to work, with information or cybersecurity is eager to learn new things, is interested to know about the hottest security trends in the world, and is passionate about cybersecurity in general.
There are so many different cybersecurity roles: Security Analyst, Penetration Tester, Risk Analyst, Security Engineer, Auditor, Threat Intelligence Analyst, etc. All of these roles are essential to ensure good cybersecurity practices in a company.
While one team is monitoring the network, the other is educating employees. Each and every role is very interesting and important for the company.
What is your typical week on SpectroCoin like?
Every week feels like I am fighting crime and bullies in order to keep SpectroCoin and our customers safe. You have to know how cyber attackers act and understand their motives, targets and possible vulnerable areas in order to develop an effective defense and response strategy.
An Information and Cyber Security Specialist is the person responsible for identifying and fixing security issues within the company. In order to do that, you need to know the latest security trends in the world and keep a close relationship with other security specialists around the globe.
Collaborative threat intelligence allows us to deal with complex threats better.
Our priority is to make our company and our website safer, both for our employees and customers. As an Information and Cyber Security Specialist, I am performing security assessments in order to identify possible security gaps in the company, and also maintaining the bug bounty program to keep our website safe for our customers. I also provide IT Security training for employees in order to make everyone aware of possible cyber threats.
Why it is important to participate in bug bounty programs?
Usually, white and grey hat hackers with different levels of knowledge and experience are involved in bug bounty programs. By participating in a bug hunt, hundreds of eyes look at the website inside and out, so it accelerates the identification and fix of potential threats.
Community-powered searches analyze different parts and products in the system, as these hackers try to break into the system with various (un)systematic routines and tools. This way, we are able to fix issues and also to notice new patterns of how the system copes with the load, what can be improved and made even more secure.
What are the biggest cybersecurity threats to businesses?
Once in a while, we all hear about massive data breaches, ransomware and DDoS attacks on governmental or well-known companies. While highly skilled hackers still pose a significant risk to our business, hacking tools have become widely available for everyone to use.
That means that there is also a growing threat from less-skilled individuals. The commercialization of cybercrime has made it easy for anyone to obtain the resources they need to launch damaging attacks, such as ransomware and cryptojacking.
Since part of your job includes monitoring tendencies in cybercrime, what would be, in your opinion, the main cybercrime threats of 2019?
I believe that cybercrime will keep on growing in 2019. Data breaches will continue to increase in number and severity. Securing data continues to be the most important task for companies and individuals, as these trends will not go away easily and the need for response initiatives will be essential.
Targeted and more sophisticated malware attacks will also continue to grow during 2019. Ransomware will still be constant, following the trend from the past few years. An increase in attacks on critical infrastructure, as well as on individuals, is expected. Which is why it is important to keep yourself well-informed and your data as secure as possible.
What are the best techniques to be safe?
Nowadays, everyone should be aware of the very basics of how to protect their devices and data. The following are just a few simple tips we can all use to be safer on the internet:
- Keep software up-to-date
- Do not install unlicensed software
- Use a password management software
- Connect to secure Wi-Fi only and use trusted websites only
- Backup your data
- Avoid sharing confidential information online
- Install advanced malware and spyware detection tools
We hope you enjoyed learning more about cybersecurity and the work of an Information and Cyber Security Specialist. If you have more questions for Karolina or about cybersecurity in general, drop us a message in any of our social media channels.