Cyber Security Tutorial

Cyber Security Overview Cyber Security Introduction Cyber Crime Cyber Space Cyber Criminals Cyber Law Cyber Attackers Types of Hackers Functions of Cyber Security Method to Improve Data Security Cyber security frameworks Importance of Cyber Security Types of Cyber Security Cyber Security Fundamentals Applications of cyber security Cyber security in education sector Cyber security in health care industry Cyber security tools Cyber security policies Types of security policies Characteristics of cyber security policies Digital signature Cyber Security Standards NIST- National Institute of Standard and technology Information Technology Act ISO - International Standard for Organization ISO certification PCI DSS Standard FINRA Difference between Information Security and Cyber Security Cyber Security Vulnerability Elements of vulnerability management Social Engineering Vulnerability Assessment Vulnerability management Types of cyber security vulnerabilities Identification of security vulnerability Types of social engineering attacks Penetration Testing Penetration Testing Tools Types of penetration testing Process of Penetration Testing What is Phishing Elements of cyber security Difference between Spoofing and Phishing Difference between Network Security and Cyber Security Difference between Ethical Hacking & Cyber Security Role of artificial engineering in cyber security Cyber Forensics Definition Cyber Security job qualifications Cyber Security Prerequisites Cyber Security Identity and Access Management What is Cyber Forensics Different Types of Cybercrime Different types of cybercrime Tunneling Techniques in Cyber Security

Introduction to Cyber Security
2022-03-12 15:21:28

Introduction to Cyber Security

When the internet was born, it was limited with limited users, but with time internet became unlimited with the unlimited user. In this digital era internet is a medium of working of the military, corporate, government, financial, and medical organizations. These organizations collect, process, and store valuable data on different devices and computers.

Definition

“Cyber security is the security applied to protect mobiles, laptops, computer system and other gadgets that use internet.”

“Cyber security is the protection from cyber threats, cyber-crime, and cyber-attacks."

Cyber security provides multiple layers of security to the people, an organization, processes, and technology. These are the key holders of cyber security where key security functions of security –detection, investigation, and remediation are accelerated.

Role of people in cyber security – Cyber security protects people by applying a strong password, backing up data, and being wary of attachments in an email.

Process – Every organization follows a process to protect itself from cyber cyber-attacks and cyber-crimes. It has a framework that guides the users on dealing with cyber-attacks (identify attacks, detect and respond to threats, protect systems, and recover from successful attacks).

Technology – The need for technology gives rise to cyber security and provides security tools for organizations and individuals by which they can protect themselves from cyber-attacks.

What technology should be protected? – Smart devices, routers, cloud storage, networks, and computers.

Which technology act as a protector? – Malware protection, email security solutions, DNS filtering, next-generation firewalls, and antivirus software.

Cyber security is divided into various categories or other types of security.

Regarding cyber security, an organization needs to coordinate with the elements and challenges that occur throughout the entire information sys m. Different types of securities handle these problems.

  • Mobile security – Handed mobiles are the major source of personal and private information of an individual; therefore, protecting them is the major challenge completed by mobile security.
  • Application security – The users use uncountable applications in day-to-day working; therefore, these applications require constant updates and testing procedures. Application security ensures that these applications are free to form attacks.
  • Network security protects an organization's network and other networks from unwanted attacks, users, and intrusions.
  • Information security protects the individual or organization's information at different layers.
  • Operational security – Various operations and carried out inside or outside the network within an organization; therefore, these are protected by operational security.
  • Cloud security – Cloud is purely a digital/virtual database environment where files are stored; therefore, it is challenging to protect this 100% online environment with a large amount of data.
  • Internet of Things (IoT) security - The Internet is an online environment without ending points having unauthorized access and fake information. Therefore security is required to protect data on the internet.
  • Data security- Data security is responsible for protecting the data of the company and consumer at a separate layer of security.
  • Identity management- Every individual/worker has a unique identity in the company/organization, which must be protected. Identity management ensures the safe and unique protected individual identity in an organization.
  • Infrastructure and database security – Network consists of a database, and a piece of physical equipment needs to be protected by infrastructure and database security.
  • Endpoint security – Endpoint security is related to remote access to a company network which is also a point for d ta. Therefore endpoint security protects it from unauthorized users.

Business continuity planning /Disaster recovery – Natural disasters cannot breach the continuity of the business; it must go on; therefore, there's a backup plan to safe and secure the data.

  • Cyber security protects every type of data from damage and stolen.
  • Advance cyber defense programs protect data from cyber-attacks.
  • Cyber security protect these types of data:-
    • Sensitive data
    • Personal data
    • Governmental data
    • Industrial information
    • Personally identifiable information (PII)
    • Intellectual property
    • Protected health information(PHI)
  • It protects technologies and technical equipment.
  • It acts as a guard to policies of organization and business, the military, governments, and other socially critical organizations.
  • Increase the trust factor between company and client.
  • Cyber security protects individual life’s from serious damage.

Need of cyber security in different fields

Different types of cyber attacks

With the boom in technology, there is a boom in cyber-attacks. Programmers and hackers made malicious software for their benefit. Different cyber-attacks are planned to break different cyber security models.

Increase in cybercrime

Various cyber threats and cyber attackers increase the cyber-crime. Criminals attack mobiles, laptops, computer systems, networks, and security panels. Cybercrime also increases with the spectacular increment in digital technology (working with the internet).

Tech users are vulnerable.

Sometimes Technology users do vulnerable actions unknowingly (without knowledge e). They provide all the confidential information to the attackers by clicking random popups and malicious messages.

Cloud storage needs protection.

Cloud storage provides an unlimited online storage platform for data. Still, this online database needs appropriate protection as a large amount of data is digitally saved on a virtual platform, which is hard to back up as it is a backup source for storing the data.

Save money

Several cyber-crimes are purposed for stealing money with the use of technology and without hard prof. Protecting the user/ employer (bank account details, land details, and family details) is the major concern of cyber security because it can save the money of the user, employer, and organization. If cyber security is tight, it can reduce the maintenance and loss of the people.

As cyber security is important for an organization or business, therefore, it provides various benefits to the business, and these are:-

  • Inspire customer confidence
  • Provide protection
  • Stop going down of the website
  • Increase productivity
  • Protect the user

Some common cyber threats are:-

  • Malware is a cyber threat that includes botnets, spyware, computer virus, worms, Trojan horses, and other program files harmful to computers (software e). It is spread by the unwanted download that seems legitimate and attachment in ema ls. Adware software (advertising) spreads malware, whereas viruses spread automatically in the computer system by attaching themselves with the f le. Spyware spy and record the user's actions and collect confidential information.
  • Trojans – These are the disguised malware that causes damage or collects data after being uploaded into the system.
  • SQL injections are malicious for the database as it inserts malicious code via SOL (structured query language) statement.
  • Phishing – Phishing threat is related to email attacks where fake emails are sent to fetch confidential information such as passwords and credit card details.
  • Denial of services – In this type of attack, user service requests are denied due to too much traffic on the servers, where valid requests are not answered, and the entire system becomes unusable. The whole working of the organization stops due to server denial of services.
  • Man-in-the-middle attack - This type of attack results when criminals intercept conversation and data transmission between multiple people. In this, hackers insert themselves between online transactions with the help of unsecured Wi-Fi networks, especially public Wi-Fi, targeted to steal the desired data.

Some of the challenges of cyber security

Continuous growth in technology

With the growth of technology, cybercriminals are rapidly increasing with an ever-growing exploit list of potential opportunities. Cybercriminals are actively creating new methods and technologies to breach cyber security. It becomes challenging for an organization to cope with the ever-evolving nature of cyber security because it is a costly process. Security requires regular updates and methods to prevent cyber-attack.

Quantity of the data

It becomes difficult for the company/ organization to secure a large amount of data because individual data and organization confidential information is at risk of being stolen due to negligence. If this happens, the company loses its market value and reputation; therefore, handling and protecting much organizational data is a big challenge.

Training and education need

Employers and users must be educated and trained about cyber security to apply and recommend proper use of cyber security. Several unknown links and emails strike in the smartphone, so the user must be educated about the type of cyber riks. Employers must be trained to understand what actions are risky.

Shortage of cyber security professionals

Compared to the increment of cyber-crimes, their protectors (cyber security professionals) are less in numb rs. It is a challenge that more than two million cyber security jobs worldwide are empty as the programmers and ethical hackers don't get as much as they deserve.