
IT Assignment - Shreya Tripathi (MBA - 2nd Sem)

This document is a student assignment on cyber security and its challenges. It contains an introduction to cyber security, definitions, types of cyber security including network security, application security, and information security. It discusses the importance of cyber security and types of cyber security threats such as malware, phishing, man-in-the-middle attacks, distributed denial of service attacks, and brute force attacks. The document provides details on these threats and their objectives. It aims to educate about cyber security risks and defenses.

Uploaded by

Shreya Tripathi

A PRACTICAL ASSIGNMENT OF

‘IT INFRASTRUCTURE MANAGEMENT’ ON


“CYBER SECURITY AND ITS CHALLENGES”

Subject Code- 19IMG22C5

Submitted in Partial fulfillment for the award of


MBA 2nd Semester
Session – (2020 – 2022)

Submitted to:
Ms. Anju Sharma
MBA Faculty
IBMR, Gurgaon

Submitted by:
Shreya Tripathi
MBA 2nd Semester
IBMR, Gurgaon

TABLE OF CONTENTS

S. No. Particular

1. What is Cyber Security
2. Types of Cyber security
3. Importance of Cyber security
4. Types of Cyber security threats
5. Latest Cyber threats
6. Benefits of Cyber Security
7. Cyber Securities Goal
8. Principles of Cyber Securities
9. Data Security Consideration
10. Tools of Cyber Securities
11. Challenges of Cyber Securities

What is Cyber Security?

Cybersecurity is the technique of protecting internet-connected systems such as
computers, servers, mobile devices, electronic systems, networks, and data from
malicious attacks. The term can be divided into two parts: cyber and security.
Cyber refers to the technology that includes systems, networks, programs, and
data. Security is concerned with the protection of systems, networks,
applications, and information. In some cases, it is also called electronic
information security or information technology security.

Some other definitions of cybersecurity are:


"Cyber Security is the body of technologies, processes, and practices designed to
protect networks, devices, programs, and data from attack, theft, damage,
modification or unauthorized access."
"Cyber Security is the set of principles and practices designed to protect our
computing resources and online information against threats."
Types of Cyber Security

Every organization's assets are a combination of a variety of different systems.
A strong cybersecurity posture requires coordinated efforts across all of these
systems. Therefore, we can categorize cybersecurity into the following
sub-domains:
o Network Security: It involves implementing the hardware and software to
secure a computer network from unauthorized access, intruders, attacks,
disruption, and misuse. This security helps an organization to protect its
assets against external and internal threats.
o Application Security: It involves protecting the software and devices from
unwanted threats. This protection can be done by constantly updating the
apps to ensure they are secure from attacks. Successful security begins in the
design stage, writing source code, validation, threat modeling, etc., before a
program or device is deployed.
o Information or Data Security: It involves implementing a strong data
storage mechanism to maintain the integrity and privacy of data, both in
storage and in transit.
o Identity management: It deals with the procedure for determining the level
of access that each individual has within an organization.
o Operational Security: It involves processing and making decisions on
handling and securing data assets.
o Mobile Security: It involves securing the organizational and personal data
stored on mobile devices such as cell phones, computers, tablets, and other
similar devices against various malicious threats. These threats are
unauthorized access, device loss or theft, malware, etc.
o Cloud Security: It involves protecting the information stored in the
digital environment or cloud architectures for the organization. It uses
various cloud service providers such as AWS, Azure, Google, etc., to ensure
security against multiple threats.
o Disaster Recovery and Business Continuity Planning: It deals with the
processes, monitoring, alerts, and plans for how an organization responds
when any malicious activity is causing the loss of operations or data. Its
policies dictate resuming the lost operations after any disaster happens, at the
same operating capacity as before the event.
o User Education: It deals with the processes, monitoring, alerts, and plans for
how an organization responds when any malicious activity is causing the
loss of operations or data. Its policies dictate resuming the lost operations
after any disaster happens, at the same operating capacity as before the event.

Why is Cyber Security important?

Today we live in a digital era where all aspects of our lives depend on networks,
computers and other electronic devices, and software applications. All critical
infrastructure such as the banking system, healthcare, financial institutions,
governments, and manufacturing industries use devices connected to the
Internet as a core part of their operations. Some of their information, such as
intellectual property, financial data, and personal data, is sensitive, and
unauthorized access or exposure could have negative consequences. This
information gives intruders and threat actors a reason to infiltrate them for
financial gain, extortion, political or social motives, or just vandalism.
Cyber-attacks are now an international concern, since system hacks and other
security attacks could endanger the global economy. Therefore, it is essential to
have an excellent cybersecurity strategy to protect sensitive information from
high-profile security breaches. Furthermore, as the volume of cyber-attacks grows,
companies and organizations, especially those that deal with information related to
national security, health, or financial records, need to use strong cybersecurity
measures and processes to protect their sensitive business and personal
information.

Types of Cyber Security Threats


Malware- Malware means malicious software, which is the most common
cyber-attack tool. It is used by a cybercriminal or hacker to disrupt or damage a
legitimate user's system. The following are the important types of malware created
by hackers:
o Virus: It is a malicious piece of code that spreads from one device to
another. It can clean files and spread throughout a computer system,
infecting files, stealing information, or damaging the device.
o Spyware: It is software that secretly records information about user
activities on their system. For example, spyware could capture credit card
details that can be used by cybercriminals for unauthorized shopping,
money withdrawal, etc.
o Trojans: It is a type of malware or code that appears as legitimate software
or a legitimate file to fool us into downloading and running it. Its primary
purpose is to corrupt or steal data from our device or do other harmful
activities on our network.
o Ransomware: It is a piece of software that encrypts a user's files and data on
a device, rendering them unusable or erasing them. Then, a monetary ransom is
demanded by malicious actors for decryption.
o Worms: It is a piece of software that spreads copies of itself from device to
device without human interaction. It does not need to attach itself to any
program to steal or damage data.
o Adware: It is advertising software used to spread malware and display
advertisements on our device. It is an unwanted program that is installed
without the user's permission. The main objective of this program is to
generate revenue for its developer by showing ads in the user's browser.
o Botnets: It is a collection of internet-connected, malware-infected devices
that cybercriminals control. It enables cybercriminals to obtain leaked
credentials, gain unauthorized access, and steal data without the user's
permission.

Phishing
Phishing is a type of cybercrime in which a message appears to come from a
genuine organization like PayPal, eBay, financial institutions, or friends and
co-workers. The senders contact a target or targets via email, phone, or text
message with a link and persuade them to click on it. This link will redirect them
to fraudulent websites that ask for sensitive data such as personal information,
banking and credit card information, social security numbers, usernames, and
passwords. Clicking on the link will also install malware on the target devices
that allows hackers to control the devices remotely.

Man-in-the-middle (MITM) attack


A man-in-the-middle attack is a type of cyber threat (a form of eavesdropping
attack) in which a cybercriminal intercepts a conversation or data transfer
between two individuals. Once the cybercriminal places themselves in the middle
of a two-party communication, they seem like genuine participants and can get
sensitive information and return different responses. The main objective of this
type of attack is to gain access to our business or customer data. For example, a
cybercriminal could intercept data passing between the target device and the
network on an unprotected Wi-Fi network.

Distributed denial of service (DDoS)


It is a type of cyber threat or malicious attempt where cybercriminals disrupt
the regular traffic of targeted servers, services, or networks by flooding the
target or its surrounding infrastructure with Internet traffic. Here the
requests come from several IP addresses and can make the system unusable by
overloading its servers, slowing them down significantly, temporarily taking them
offline, or preventing an organization from carrying out its vital functions.

Brute Force
A brute force attack is a cryptographic hack that uses a trial-and-error
method to guess all possible combinations until the correct information is
discovered. Cybercriminals usually use this attack to obtain targeted personal
information such as passwords, login info, encryption keys, and Personal
Identification Numbers (PINs).

SQL Injection (SQLI)


SQL injection is a common attack that occurs when cybercriminals use malicious
SQL scripts for backend database manipulation to access sensitive information.
Once the attack is successful, the malicious actor can view, change, or delete
sensitive company data, user lists, or private customer details stored in the SQL
database.

Domain Name System (DNS) attack


A DNS attack is a type of cyberattack in which cyber criminals take advantage of
flaws in the Domain Name System to redirect site users to malicious websites
(DNS hijacking) and steal data from affected computers. It is a severe
cybersecurity risk because the DNS system is an essential element of the internet
infrastructure.

Latest Cyber Threats

The following are the latest cyber threats reported by the U.K., U.S., and
Australian governments:
Romance Scams
The U.S. government found this cyber threat in February 2020. Cybercriminals
used this threat through dating sites, chat rooms, and apps. They attack people who
are seeking a new partner and dupe them into giving away personal data.

Dridex Malware
It is a type of financial Trojan malware identified by the U.S. in December
2019 that affects the public, government, infrastructure, and business worldwide. It
infects computers through phishing emails or existing malware to steal sensitive
information such as passwords, banking details, and personal data for fraudulent
transactions. The National Cyber Security Centre of the United Kingdom
encourages people to make sure their devices are patched, anti-virus is turned on
and up to date, and files are backed up to protect sensitive data against this attack.

Emotet Malware
Emotet is a type of cyber-attack that steals sensitive data and also installs other
malware on our device. The Australian Cyber Security Centre warned national
organizations about this global cyber threat in 2019.
The following are the systems that can be affected by security breaches and
attacks:
1. Communication: Cyber attackers can use phone calls, emails, text
messages, and messaging apps for cyberattacks.
2. Finance: This system deals with the risk to financial information like bank
and credit card details. This information is naturally a primary target for
cyber attackers.
3. Governments: Cybercriminals generally target government
institutions to get confidential public data or private citizen information.
4. Transportation: In this system, cybercriminals generally target connected
cars, traffic control systems, and smart road infrastructure.
5. Healthcare: Cybercriminals target the healthcare system to get
information stored anywhere from a local clinic to critical care systems at a
national hospital.
6. Education: Cybercriminals target educational institutions to get their
confidential research data and information about students and employees.

Benefits of cybersecurity

The following are the benefits of implementing and maintaining cybersecurity:


o Cyberattacks and data breach protection for businesses.
o Data and network security are both protected.
o Unauthorized user access is avoided.
o After a breach, there is a faster recovery time.
o End-user and endpoint device protection.
o Regulatory adherence.
o Continuity of operations.
o Developers, partners, consumers, stakeholders, and workers have more trust
in the company and its reputation.

Cyber Security Goals

The objective of Cybersecurity is to protect information from being stolen,
compromised or attacked. Cybersecurity can be measured by at least one of three
goals-
1. Protect the confidentiality of data.
2. Preserve the integrity of data.
3. Promote the availability of data for authorized users.
These goals form the confidentiality, integrity, availability (CIA) triad, the basis of
all security programs. The CIA triad is a security model that is designed to guide
policies for information security within the premises of an organization or
company. This model is also referred to as the AIC (Availability, Integrity, and
Confidentiality) triad to avoid the confusion with the Central Intelligence Agency.
The elements of the triad are considered the three most crucial components of
security.
The CIA criteria are the ones that most organizations and companies use when
they install a new application, create a database, or guarantee
access to some data. For data to be completely secure, all of these security goals
must come into effect. These are security policies that all work together, and
therefore it can be wrong to overlook one policy.

1. Confidentiality
Confidentiality is roughly equivalent to privacy and avoids the unauthorized
disclosure of information. It involves the protection of data, providing access for
those who are allowed to see it while disallowing others from learning anything
about its content. It prevents essential information from reaching the wrong people
while making sure that the right people can get it. Data encryption is a good
example to ensure confidentiality.

Tools for Confidentiality

Encryption
Encryption is a method of transforming information to make it unreadable for
unauthorized users by using an algorithm. The transformation of data uses a secret
key (an encryption key) so that the transformed data can only be read by using
another secret key (decryption key). It protects sensitive data such as credit card
numbers by encoding and transforming data into unreadable cipher text. This
encrypted data can only be read by decrypting it. Asymmetric-key and symmetric-
key are the two primary types of encryption.
Access control
Access control defines rules and policies for limiting access to a system or to
physical or virtual resources. It is a process by which users are granted access and
certain privileges to systems, resources or information. In access control systems,
users need to present credentials, such as a person's name or a computer's serial
number, before they can be granted access. In physical systems, these credentials
may come in many forms, but credentials that can't be transferred provide the most
security.

Authentication
Authentication is a process that ensures and confirms a user's identity or the
role that someone has. It can be done in a number of different ways, but it is
usually based on a combination of-
o something the person has (like a smart card or a radio key for storing secret
keys),
o something the person knows (like a password),
o something the person is (like a human with a fingerprint).
Authentication is a necessity for every organization because it enables
organizations to keep their networks secure by permitting only authenticated users
to access their protected resources. These resources may include computer systems,
networks, databases, websites and other network-based applications or services.

Authorization
Authorization is a security mechanism which gives permission to do or have
something. It is used to determine whether a person or system is allowed access to
resources, based on an access control policy, including computer programs, files,
services, data and application features. It is normally preceded by authentication
for user identity verification. System administrators are typically assigned
permission levels covering all system and user resources. During authorization, a
system verifies an authenticated user's access rules and either grants or refuses
resource access.

Physical Security
Physical security describes measures designed to deny unauthorized access to
IT assets like facilities, equipment, personnel, resources and other properties,
and to protect them from damage. It protects these assets from physical threats
including theft, vandalism, fire and natural disasters.

2. Integrity
Integrity refers to the methods for ensuring that data is real, accurate and
safeguarded from unauthorized user modification. It is the property that
information has not been altered in an unauthorized way, and that the source of
the information is genuine.

Tools for Integrity

Backups
Backup is the periodic archiving of data. It is a process of making copies of data or
data files to use in the event when the original data or data files are lost or
destroyed. It is also used to make copies for historical purposes, such as for
longitudinal studies, statistics or for historical records or to meet the requirements
of a data retention policy. Many applications, especially in a Windows
environment, produce backup files using the .BAK file extension.
Checksums
A checksum is a numerical value used to verify the integrity of a file or a data
transfer. In other words, it is the computation of a function that maps the contents
of a file to a numerical value. Checksums are typically used to compare two sets
of data to make sure that they are the same. A checksum function depends on the
entire contents of a file. It is designed in such a way that even a small change to
the input file (such as flipping a single bit) is likely to result in a different
output value.
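
The following added example (not part of the original assignment) shows the checksum behaviour described above on a constructed record: a single flipped bit changes both a simple byte-sum checksum and a SHA-256 digest, while reordered bytes slip past the byte-sum but not past SHA-256. The byte-sum function, the sample record and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import io


def additive_checksum(data: bytes) -> int:
    """Weak checksum used for comparison: sum of all bytes modulo 2**16."""
    return sum(data) % 65536


def sha256_of_stream(stream, chunk_size: int = 65536) -> str:
    """Hash a file-like object chunk by chunk so large files need not fit in memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def matches_published(stream, published_hex: str) -> bool:
    """Compare the computed digest with the value published alongside the file."""
    actual = sha256_of_stream(stream)
    return hmac.compare_digest(actual, published_hex.strip().lower())


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    changed = bytearray(data)
    changed[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(changed)


def swap_bytes(data: bytes, i: int, j: int) -> bytes:
    """Return a copy of data with the bytes at positions i and j exchanged."""
    changed = bytearray(data)
    changed[i], changed[j] = changed[j], changed[i]
    return bytes(changed)


# Constructed sample record, not real data.
ORIGINAL = b"PAY 100 TO ACCOUNT 12345678\n"


def run_demo() -> dict:
    published = sha256_of_stream(io.BytesIO(ORIGINAL))
    one_bit = flip_bit(ORIGINAL, 0)          # first bit of the first byte
    reordered = swap_bytes(ORIGINAL, 4, 6)   # "100" becomes "001"
    return {
        "intact_verifies": matches_published(io.BytesIO(ORIGINAL), published),
        "bit_flip_caught_by_sha256": not matches_published(io.BytesIO(one_bit), published),
        "reorder_caught_by_sha256": not matches_published(io.BytesIO(reordered), published),
        "bit_flip_caught_by_sum": additive_checksum(one_bit) != additive_checksum(ORIGINAL),
        "reorder_caught_by_sum": additive_checksum(reordered) != additive_checksum(ORIGINAL),
        "reordered_amount": reordered[4:7],
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```
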

Data Correcting Codes


It is a method for storing data in such a way that small changes can be easily
detected and automatically corrected.
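
As an added illustration of a data correcting code (not part of the original assignment), the sketch below stores each half-byte as a Hamming(7,4) codeword, a standard code chosen here as an assumption since the text names none. It repairs any single flipped bit per codeword automatically; two flips in one codeword exceed what the code can correct, and it is meant for accidental faults rather than deliberate tampering.

```python
def encode_nibble(nibble: int) -> list:
    """Encode 4 data bits as 7 bits laid out as p1 p2 d1 p3 d2 d3 d4."""
    d1, d2, d3, d4 = (nibble >> 3) & 1, (nibble >> 2) & 1, (nibble >> 1) & 1, nibble & 1
    p1 = d1 ^ d2 ^ d4   # covers positions 1, 3, 5, 7
    p2 = d1 ^ d3 ^ d4   # covers positions 2, 3, 6, 7
    p3 = d2 ^ d3 ^ d4   # covers positions 4, 5, 6, 7
    return [p1, p2, d1, p3, d2, d3, d4]


def decode_codeword(bits: list) -> tuple:
    """Return (nibble, corrected_position); position 0 means no error was seen."""
    b = list(bits)
    s1 = b[0] ^ b[2] ^ b[4] ^ b[6]
    s2 = b[1] ^ b[2] ^ b[5] ^ b[6]
    s3 = b[3] ^ b[4] ^ b[5] ^ b[6]
    position = s1 + 2 * s2 + 4 * s3   # the syndrome names the faulty position (1-based)
    if position:
        b[position - 1] ^= 1          # automatic correction of the single-bit error
    nibble = (b[2] << 3) | (b[4] << 2) | (b[5] << 1) | b[6]
    return nibble, position


def store(data: bytes) -> list:
    """Encode every byte as two codewords (high nibble first)."""
    codewords = []
    for byte in data:
        codewords.append(encode_nibble(byte >> 4))
        codewords.append(encode_nibble(byte & 0x0F))
    return codewords


def load(codewords: list) -> tuple:
    """Decode stored codewords; return (data, number of corrections made)."""
    out = bytearray()
    corrections = 0
    for i in range(0, len(codewords), 2):
        high, pos_high = decode_codeword(codewords[i])
        low, pos_low = decode_codeword(codewords[i + 1])
        corrections += (pos_high != 0) + (pos_low != 0)
        out.append((high << 4) | low)
    return bytes(out), corrections


def run_demo() -> dict:
    message = b"OK"                       # constructed sample data
    damaged = store(message)
    for index, word in enumerate(damaged):
        word[index % 7] ^= 1              # one accidental bit flip in every codeword
    repaired, corrections = load(damaged)

    twice = store(message)
    twice[0][0] ^= 1                      # two flips in the same codeword:
    twice[0][1] ^= 1                      # beyond what Hamming(7,4) can repair
    miscorrected, _ = load(twice)
    return {
        "repaired": repaired,
        "corrections": corrections,
        "double_error_recovered": miscorrected == message,
    }


if __name__ == "__main__":
    print(run_demo())
```
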

3. Availability
Availability is the property in which information is accessible and modifiable in a
timely fashion by those authorized to do so. It is the guarantee of reliable and
constant access to our sensitive data by authorized people.

Tools for Availability


o Physical Protections
o Computational Redundancies

Physical Protections
Physical safeguards keep information available even in the event of
physical challenges. They ensure that sensitive information and critical
information technology are housed in secure areas.

Computational redundancies
It is applied as fault tolerance against accidental faults. It relies on computers
and storage devices that serve as fallbacks in the case of failures.

Cyber Security Principles


The UK internet industry and Government recognized the need to develop a series
of Guiding Principles for improving the online security of the ISPs' customers and
limiting the rise in cyber-attacks. Cybersecurity for these purposes encompasses the
protection of essential information, processes, and systems, connected or stored
online, with a broad view across the people, technical, and physical domains.
These Principles recognize that the ISPs (and other service providers), internet
users, and UK Government all have a role in minimizing and mitigating the cyber
threats inherent in using the internet.
These Guiding Principles have been developed to respond to this challenge by
providing a consistent approach to help, inform, educate, and protect ISPs'
(Internet Service Provider's) customers from online crimes. These Guiding
Principles are aspirational, developed and delivered as a partnership between
Government and ISPs. They recognize that ISPs have different sets of customers,
offer different levels of support and services to protect those customers from cyber
threats.
Some of the essential cybersecurity principles are described below-
1. Economy of mechanism
This principle states that security mechanisms should be as simple and small as
possible. The economy of mechanism principle simplifies the design and
implementation of security mechanisms. If the design and implementation are
simple and small, fewer possibilities exist for errors. The checking and testing
process is less complicated because fewer components need to be tested.
Interfaces between security modules are a suspect area and should be as
simple as possible, because interface modules often make implicit assumptions
about input or output parameters or the current system state. If any of these
assumptions are wrong, the module's actions may produce unexpected results.
A simple security framework facilitates its understanding by developers and users
and enables the efficient development and verification of enforcement methods for
it.

2. Fail-safe defaults
The fail-safe defaults principle states that the default configuration of a system
should have a conservative protection scheme. This principle also restricts how
privileges are initialized when a subject or object is created. Whenever access,
privileges/rights, or some security-related attribute is not explicitly granted,
access to that object should not be granted.
Example: If we add a new user to an operating system, the default group of
the user should have fewer access rights to files and services.

3. Least Privilege
This principle states that a user should only have those privileges that are
needed to complete the user's task. Its primary function is to control the
assignment of rights granted to the user, not the identity of the user. This means
that if the boss demands root access to a UNIX system that you administer, he/she
should not be given that right unless he/she has a task that requires such a level
of access. If possible, the elevated rights of a user identity should be removed as
soon as those rights are no longer needed.

4. Open Design
This principle states that the security of a mechanism should not depend on the
secrecy of its design or implementation. It suggests that complexity does not add
security. This principle is the opposite of the approach known as "security through
obscurity." This principle not only applies to information such as passwords or
cryptographic systems but also to other computer security related operations.
Example: DVD player & Content Scrambling System (CSS) protection. The CSS
is a cryptographic algorithm that protects the DVD movie disks from unauthorized
copying.

5. Complete mediation
The principle of complete mediation restricts the caching of information, which
often leads to simpler implementations of mechanisms. The idea of this principle is
that access to every object must be checked for compliance with a protection
scheme to ensure that it is allowed. As a consequence, one should be wary of
performance improvement techniques which save the details of previous
authorization checks, since the permissions can change over time.
Whenever someone tries to access an object, the system should authenticate the
access rights associated with that subject. The subject's access rights are verified
once at the initial access, and for subsequent accesses, the system assumes that the
same access rights should be accepted for that subject and object. The operating
system should mediate all and every access to an object.
Example: An online banking website should require users to sign in again after a
certain period, say twenty minutes, has elapsed.
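
The sketch below is an added example (not part of the original assignment) covering both fail-safe defaults and complete mediation: access is denied unless a grant is explicitly recorded, and a monitor that saves its first authorization decision keeps serving data after the permission is revoked, while a monitor that checks the policy on every access does not. All class names, subjects and objects are hypothetical.

```python
class AccessDenied(Exception):
    """Raised when a subject has no explicit grant for the requested access."""


class Policy:
    """Access control policy with fail-safe defaults: no grant means no access."""

    def __init__(self):
        self._grants = set()   # explicit (subject, object, right) triples only

    def grant(self, subject, obj, right):
        self._grants.add((subject, obj, right))

    def revoke(self, subject, obj, right):
        self._grants.discard((subject, obj, right))

    def allows(self, subject, obj, right) -> bool:
        return (subject, obj, right) in self._grants


# Constructed sample object store.
OBJECTS = {"payroll.csv": "name,salary\nalice,1000\n"}


class CachingMonitor:
    """Checks the policy once per (subject, object) and reuses the saved decision."""

    def __init__(self, policy):
        self.policy = policy
        self._decisions = {}

    def read(self, subject, obj):
        key = (subject, obj, "read")
        if key not in self._decisions:
            self._decisions[key] = self.policy.allows(*key)
        if not self._decisions[key]:
            raise AccessDenied(f"{subject} may not read {obj}")
        return OBJECTS[obj]


class MediatingMonitor:
    """Complete mediation: the policy is consulted on every single access."""

    def __init__(self, policy):
        self.policy = policy
        self.audit_log = []    # record of every decision made

    def read(self, subject, obj):
        allowed = self.policy.allows(subject, obj, "read")
        self.audit_log.append((subject, obj, "read", allowed))
        if not allowed:
            raise AccessDenied(f"{subject} may not read {obj}")
        return OBJECTS[obj]


def can_read(monitor, subject, obj) -> bool:
    try:
        monitor.read(subject, obj)
        return True
    except AccessDenied:
        return False


def run_demo() -> dict:
    policy = Policy()
    policy.grant("alice", "payroll.csv", "read")
    caching, mediating = CachingMonitor(policy), MediatingMonitor(policy)

    result = {
        # bob was never granted anything, so the default answer is "no"
        "bob_default_denied": not can_read(mediating, "bob", "payroll.csv"),
        "alice_before_cached": can_read(caching, "alice", "payroll.csv"),
        "alice_before_mediated": can_read(mediating, "alice", "payroll.csv"),
    }
    policy.revoke("alice", "payroll.csv", "read")   # permissions change over time
    result["alice_after_cached"] = can_read(caching, "alice", "payroll.csv")
    result["alice_after_mediated"] = can_read(mediating, "alice", "payroll.csv")
    result["audit_entries"] = len(mediating.audit_log)
    return result


if __name__ == "__main__":
    print(run_demo())
```
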

6. Separation of Privilege
This principle states that a system should grant access permission based on more
than one condition being satisfied. This principle may also be restrictive because it
limits access to system entities. Thus, before privilege is granted, more than two
verifications should be performed.
Example: To change to root, two conditions must be met-
o The user must know the root password.
o The user must be in the right group (wheel).

7. Least Common Mechanism


This principle states that in systems with multiple users, the mechanisms allowing
resources to be shared by more than one user should be minimized as much as
possible. This principle may also be restrictive because it limits the sharing of
resources.
Example: If a file or application needs to be accessed by more than one
user, then these users should use separate channels to access these resources, which
helps to prevent unforeseen consequences that could cause security problems.

8. Psychological acceptability
This principle states that a security mechanism should not make the resource more
complicated to access than if the security mechanisms were not present. The
psychological acceptability principle recognizes the human element in computer
security. If security-related software or computer systems are too complicated to
configure, maintain, or operate, the user will not employ the necessary security
mechanisms. For example, if a password is matched during a password change
process, the password changing program should state why it was denied rather than
giving a cryptic error message. At the same time, applications should not impart
unnecessary information that may lead to a compromise in security.
Example: When we enter a wrong password, the system should only tell us that
the user id or password was incorrect. It should not tell us that only the password
was wrong as this gives the attacker information.

9. Work Factor
This principle states that the cost of circumventing a security mechanism should be
compared with the resources of a potential attacker when designing a security
scheme. In some cases, the cost of circumventing (known as the "work factor") can be
easily calculated. In other words, the work factor is a common cryptographic
measure which is used to determine the strength of a given cipher. It does not map
directly to cybersecurity, but the overall concept does apply.
Example: Suppose the number of experiments needed to try all possible
four-character passwords is 24^4 = 331776. If the potential attacker must try each
experimental password at a terminal, one might consider a four-character password
to be satisfactory. On the other hand, if the potential attacker could use an
astronomical computer capable of trying a million passwords per second, a
four-letter password would be a minor barrier for a potential intruder.

10. Compromise Recording


The Compromise Recording principle states that sometimes it is more desirable to
record the details of an intrusion than to adopt a more sophisticated measure to
prevent it.
Example: The servers in an office network may keep logs for all accesses to files,
all emails sent and received, and all browsing sessions on the web. Another
example is Internet-connected surveillance cameras, a typical
compromise recording system that can be placed to protect a building.

Data Security Consideration

Data security is the protection of programs and data in computers and
communication systems against unauthorized access, modification, destruction,
disclosure or transfer whether accidental or intentional by building physical
arrangements and software checks. It refers to the right of individuals or
organizations to deny or restrict the collection and use of information about
unauthorized access. Data security requires system managers to reduce
unauthorized access to the systems by building physical arrangements and software
checks.
Data security uses various methods to make sure that the data is correct, original,
kept confidential and safe. It includes-
o Ensuring the integrity of data.
o Ensuring the privacy of the data.
o Preventing the loss or destruction of data.
Data security consideration involves the protection of data against unauthorized
access, modification, destruction, loss, disclosure or transfer whether accidental or
intentional. Some of the important data security considerations are described below:
Backups
Data backup refers to saving additional copies of our data in physical or
cloud locations separate from the data files in storage. It is essential for us to
secure, store, and back up our data on a regular basis. Securing the data will help
us to prevent-
o Accidental or malicious damage/modification to data.
o Theft of valuable information.
o Breach of confidentiality agreements and privacy laws.
o Premature release of data which can void intellectual property claims.
o Release before data have been checked for authenticity and accuracy.
Keeping reliable and regular backups of our data protects against the risk of
damage or loss due to power failure, hardware failure, software or media faults,
viruses or hacking, or even human errors.
The Backup 3-2-1 Rule is very popular. This rule includes:
o Three copies of our data
o Two different formats, i.e., hard drive + tape backup or DVD (short term) +
flash drive
o One off-site backup, i.e., have two physical backups and one in the cloud
Some important backup options are as follows-
1. Hard drives - personal or work computer
2. Departmental or institution server
3. External hard drives
4. Tape backups
5. Discipline-specific repositories
6. University Archives
7. Cloud storage
Some of the top considerations for implementing secure backup and recovery are-
1. Authentication of the users and backup clients to the backup server.
2. Role-based access control lists for all backup and recovery operations.
3. Data encryption options for both transmission and the storage.
4. Flexibility in choosing encryption and authentication algorithms.
5. Backup of a remote client to the centralized location behind firewalls.
6. Backup and recovery of a client running Security-Enhanced Linux (SELinux).
7. Using best practices to write secure software.

Archival Storage
Data archiving is the process of retaining data at a secure place for
long-term storage. The data is stored in safe locations so that it can be used
whenever it is required. The archived data is still essential to the organization and
may be needed for future reference. Also, data archives are indexed and have
search capabilities so that files and parts of files can be easily located and
retrieved. Data archival also serves as a way of reducing primary storage
consumption and its related costs.
Data archival is different from data backup in the sense that data backups create
copies of data that are used as a data recovery mechanism to restore data in the
event that it is corrupted or destroyed. On the other hand, data archives protect
older information that is not needed in day-to-day operations but may have to be
accessed occasionally.
Data archives may take many different forms. They can be stored in online, offline,
or cloud storage-
o Online data storage places archive data onto disk systems where it is readily
accessible.
o Offline data storage places archive data onto tape or other removable
media using data archiving software. Tape can be removed and
consumes less power than disk systems.
o Cloud storage is also another possible archive target. For example, Amazon
Glacier is designed for data archiving. Cloud storage is inexpensive, but its
costs can grow over time as more data is added to the cloud archive.
The following list of considerations will help us to improve the long-term
usefulness of our archives-
1. Storage medium
2. Storage device
3. Revisiting old archives
4. Data usability
5. Selective archiving
6. Space considerations
7. Online vs. offline storage
Storage medium
The first consideration is what storage medium we use for archives. The archived
data will be stored for long periods of time, so we need to choose a type of
media that will last as long as our retention policy dictates.
Storage device
This consideration is about whether the storage device we are using for our
archives will still be accessible in a few years. There is no way to predict which
types of storage devices will last best. So, it is essential to try to pick those
devices that have the best chance of being supported over the long term.
Revisiting old archives
We know that our archive policies and the storage mechanisms we use for
archiving data will change over time. So, we have to review our archived data at
least once a year to see if anything needs to be migrated to a different
storage medium.
For example, about ten years ago, we used Zip drives for archival, then we
transferred all of our archives to CD. But today we store most of our archives
on DVD. Since modern DVD drives can also read CDs, we haven't needed to
move our extremely old archives off CD onto DVD.
Data usability
One major problem seen in the real world is archived data that is in an obsolete
format.
For example, a few years ago, document files that had been archived in the early
1990s were created by an application known as PFS Write. The PFS Write file
format was supported in the late 80s and early 90s, but today, there are not any
applications that can read those files. To avoid this situation, it might be helpful
to archive not only the data but also copies of the installation media for the
applications that created the data.

Selective archiving
In this consideration, we have to be sure about what should be archived. That means
we will archive only a selected part of the data because not all data is equally
important.

Space considerations
If our archives become huge, we must plan for the long-term retention of all our
data. If we are archiving our data to removable media, capacity planning might be
simple: we make sure that there is free space in the vault to hold all of those
tapes, and that there is room in our IT budget to continue
purchasing tapes.
Online vs. offline storage
In this consideration, we have to decide whether to store our archives online (on a
dedicated archive server) or offline (on removable media). Both methods of
archival have advantages and disadvantages. Storing data online keeps the
data easily accessible. But data kept online may be vulnerable to theft,
tampering, corruption, etc. Offline storage enables us to store an unlimited amount
of data, but it is not readily accessible.

Disposal of Data
Data destruction or disposal of data is the method of destroying data which is
stored on tapes, hard disks and other electronic media so that it is completely
unreadable, unusable and inaccessible for unauthorized purposes. It also ensures
that the organization retains records of data for as long as they are needed. When
the data is no longer required, the organization appropriately destroys it or
disposes of it in some other way, for example, by transfer to an archives service.
The managed process of data disposal has some essential benefits-
o It avoids the unnecessary storage costs incurred by using office or server
space to maintain records which are no longer needed by the organization.
o Finding and retrieving information is easier and quicker because there is less
to search.
The disposal of data usually takes place as part of the normal records management
process. There are two essential circumstances in which the destruction of data
needs to be handled as an addition to this process-
o The quantity of legacy records requires attention.
o The functions are being transferred to another authority and disposal of data
records becomes part of the change process.
The following list of considerations will help us for the secure disposal of data-
1. Eliminate access
2. Destroy the data
3. Destroy the device
4. Keep the record of which systems have been decommissioned
5. Keep careful records
6. Eliminate potential clues
7. Keep systems secure until disposal

Eliminate access
In this consideration, we have to ensure that accounts whose access has been
eliminated do not have any rights to re-access the disposed-of data.

Destroy the Data


In this consideration, simply removing data from storage media is not necessarily
safe. Even these days, reformatting or repartitioning a drive to "erase" the data
that it stores is not good enough. Today, many tools are available which can help
us to delete files more securely. Encrypting the data on the drive before
performing any deletion can help to make the data more difficult to recover later.

Destroy the device


In most cases, storage media need to be physically destroyed to ensure that our
sensitive data is not leaked to whoever gets the drives next. In such cases, we
should not destroy them ourselves. Experts are probably a lot better at safely and
effectively rendering any data on our drives unrecoverable. If we can't trust this
to an outside agency that specializes in the secure destruction of storage devices,
we should have a specialized team within our organization that has the same
equipment and skills as outside contractors.

Keep the record of which systems have been decommissioned


In this consideration, we have to make sure that the storage media have been fully
and securely decommissioned and that nothing has been misplaced or
overlooked. It is best if storage media that have not been fully decommissioned are
kept in a specific location, while decommissioned equipment is placed somewhere
else, so that we avoid making mistakes.

Keep careful records


In this consideration, it is necessary to keep a record of whoever is responsible
for decommissioning a storage medium. If more than one person is assigned such
responsibility, each should sign off after the completion of the decommissioning
process. That way, if something goes wrong, we know who to talk to in order to
find out what happened and how bad the mistake is.
Eliminate potential clues
In this consideration, we have to clear the configuration settings from networking
equipment. We do this because these settings can provide crucial clues that help a
security cracker break into our network and the systems that reside on it.

Keep system secure until disposal of data


In this consideration, we should make clear guidelines for who should have
access to the equipment in need of secure disposal. It is better to ensure that
nobody who lacks authorization to access it gets his or her hands on it before the
data is disposed of.

Cyber Security Tools

Protecting our IT environment is very critical. Every organization needs to take
cybersecurity very seriously. There are numerous hacking attacks affecting
businesses of all sizes. Hackers, malware, and viruses are some of the real security
threats in the virtual world. It is essential that every company is aware of the
dangerous security attacks and keeps itself secure. There are
many different aspects of cyber defense that may need to be considered. Here are
six essential tools and services that every organization needs to consider to ensure
their cybersecurity is as strong as possible. They are described below:

Cyber Security Challenges

Today cybersecurity is the main component of the country's overall national
security and economic security strategies. In India, there are many challenges
related to cybersecurity. With the increase in cyber-attacks, every organization
needs a security analyst who makes sure that its systems are secured. These
security analysts face many challenges related to cybersecurity, such as securing
the confidential data of government organizations, securing private organizations'
servers, etc.
The recent important cybersecurity challenges are described below:
1. Ransomware Evolution
Ransomware is a type of malware in which the data on a victim's computer is
locked, and payment is demanded before the ransomed data is unlocked. After
successful payment, access rights are returned to the victim. Ransomware is the bane
of cybersecurity, data professionals, IT, and executives.
Ransomware attacks are growing day by day in the areas of cybercrime. IT
professionals and business leaders need to have a powerful recovery strategy
against malware attacks to protect their organization. It involves proper
planning to recover corporate and customers' data and applications as well as
reporting any breaches under the Notifiable Data Breaches scheme. Today's
DRaaS (Disaster Recovery as a Service) solutions are the best defense against
ransomware attacks. With DRaaS solutions, we can automatically back up our files,
easily identify which backup is clean, and launch a fail-over with the press of a
button when malicious attacks corrupt our data.
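Identifying which backup is clean can be approached by comparing successive snapshots. The following is an added example, not part of the original assignment and not how any particular DRaaS product works: it flags a snapshot when most files have turned into high-entropy data (as encrypted files do) or have vanished, and returns the newest snapshot before that point. The function names, thresholds and sample snapshots are constructed, and the oldest snapshot is assumed to be a known-good baseline.

```python
import hashlib
import math
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data sits close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspect_ratio(prev: dict, cur: dict, threshold: float = 7.5) -> float:
    """Share of prev's files that vanished or turned into high-entropy data."""
    if not prev:
        return 0.0
    hits = 0
    for path, old in prev.items():
        new = cur.get(path)
        # A missing path covers files that were renamed while being rewritten.
        if new is None or (new != old and entropy(new) > threshold):
            hits += 1
    return hits / len(prev)

def last_clean_snapshot(snapshots, max_ratio: float = 0.5) -> str:
    """snapshots: oldest-first list of (label, {path: bytes}); the oldest is
    assumed clean. Returns the newest label before the first suspicious one."""
    clean = snapshots[0][0]
    for (_, prev), (label, cur) in zip(snapshots, snapshots[1:]):
        if suspect_ratio(prev, cur) > max_ratio:
            break
        clean = label
    return clean

# Constructed sample snapshots (no real data): text files, one normal edit,
# then every file replaced by pseudo-random bytes standing in for ciphertext.
def make_doc(i: int) -> bytes:
    return (f"Invoice {i:04d}: total due 120.00\n" * 100).encode()

def make_blob(i: int) -> bytes:
    return hashlib.shake_256(f"constructed-{i}".encode()).digest(3000)

MON = {f"doc{i}.txt": make_doc(i) for i in range(4)}
TUE = {**MON, "doc1.txt": make_doc(11)}
WED = {path: make_blob(i) for i, path in enumerate(TUE)}
SNAPSHOTS = [("mon", MON), ("tue", TUE), ("wed", WED)]

if __name__ == "__main__":
    print(last_clean_snapshot(SNAPSHOTS))
```

Compressed archives and media files are also high in entropy, so the heuristic looks at the share of files that changed rather than at any single file.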
2. Blockchain Revolution
Blockchain technology is the most important invention in the computing era. It is the
first time in human history that we have a genuinely native digital medium for
peer-to-peer value exchange. The blockchain is a technology that enables
cryptocurrencies like Bitcoin. The blockchain is a vast global platform that allows
two or more parties to do a transaction or do business without needing a third party
for establishing trust.
It is difficult to predict what blockchain systems will offer in regards to
cybersecurity. The professionals in cybersecurity can make some educated guesses
regarding blockchain. As the application and utility of blockchain in a
cybersecurity context emerges, there will be a healthy tension but also
complementary integrations with traditional, proven, cybersecurity approaches.

3. IoT Threats
IoT stands for Internet of Things. It is a system of interrelated physical devices
which are accessible through the internet. The connected physical devices have
a unique identifier (UID) and have the ability to transfer data over a network
without requiring any human-to-human or human-to-computer
interaction. The firmware and software running on IoT devices make
consumers and businesses highly susceptible to cyber-attacks.
When IoT devices were designed, their use in cybersecurity and for commercial
purposes was not kept in mind. So, every organization needs to work
with cybersecurity professionals to ensure the security of their password policies,
session handling, user verification, multifactor authentication, and security
protocols to help in managing the risk.

4. AI Expansion
AI is the short form of Artificial Intelligence. John McCarthy, the father of
Artificial Intelligence, defined AI as "The science and engineering of making
intelligent machines, especially intelligent computer programs."
It is an area of computer science concerned with the creation of intelligent
machines that work and react like humans. Some of the activities related to
artificial intelligence include speech recognition, learning, planning,
problem-solving, etc.
The key benefit of bringing AI into our cybersecurity strategy is the ability to
protect and defend an environment when a malicious attack begins, thus mitigating
the impact. AI takes immediate action against malicious attacks at the moment a
threat impacts a business. IT business leaders and cybersecurity strategy teams
consider AI a future protective control that will allow our business to stay ahead
of the cybersecurity technology curve.

5. Serverless Apps Vulnerability


Serverless architecture and apps refers to applications which depend on third-party
cloud infrastructure or on a back-end service such as Google Cloud Functions,
Amazon Web Services (AWS) Lambda, etc. The serverless apps invite the cyber
attackers to spread threats on their system easily because the users access the
application locally or off-server on their device. Therefore, it is the user's
responsibility to take security precautions while using a serverless application.
The serverless apps do nothing to keep the attackers away from our data. The
serverless application doesn't help if an attacker gains access to our data through a
vulnerability such as leaked credentials, a compromised insider, or by any other
means than serverless.
We can run software with the application which provides the best chance to defeat
the cybercriminals. The serverless applications are typically small in size. This
helps developers to launch their applications quickly and easily. They don't need to
worry about the underlying infrastructure. Web services and data processing
tools are examples of the most common serverless apps.
