Ensuring cyber security is a complex task that relies on domain knowledge and requires cognitive abilities to determine possible threats from large amounts of network data. This study investigates how knowledge in network operations and information security influence the detection of intrusions in a simple network. We developed a simplified Intrusion Detection System (IDS), which allows us to examine how individuals with or without knowledge in cyber security detect malicious events and declare an attack based on a sequence of network events. Our results indicate that more knowledge in cyber security facilitated the correct detection of malicious events and decreased the false classification of benign events as malicious. However, knowledge had less contribution when judging whether a sequence of events representing a cyber-attack. While knowledge of cyber security helps in the detection of malicious events, situated knowledge regarding a specific network at hand is needed to make accurate detection decisions. Responses from participants that have knowledge in cyber security indicated that they were able to distinguish between different types of cyber-attacks, whereas novice participants were not sensitive to the attack types. We explain how these findings relate to cognitive processes and we discuss their implications for improving cyber security.
A successful cyber attack can cause major damage to your business. It can affect your bottom line, as well as your business’ standing and consumer trust. The impact of a security breach can be broadly divided into three categories: financial, reputational and legal.
Economic cost of cyber attack
Cyber attacks often result in substantial financial loss arising from:
- theft of corporate information
- theft of financial information (eg bank details or payment card details)
- theft of money
- disruption to trading (eg inability to carry out transactions online)
- loss of business or contract
Businesses that suffered a cyber breach will also generally incur costs associated with repairing affected systems, networks and devices.
Trust is an essential element of customer relationship. Cyber attacks can damage your business’ reputation and erode the trust your customers have for you. This, in turn, could potentially lead to:
- loss of customers
- loss of sales
- reduction in profits
The effect of reputational damage can even impact on your suppliers, or affect relationships you may have with partners, investors and other third parties vested in your business.
Legal consequences of cyber breach
Data protection and privacy laws require you manage the security of all personal data you hold – whether on your staff or your customers. If this data is accidentally or deliberately compromised, and you have failed to deploy appropriate security measures, you may face fines and regulatory sanctions.