Cyber Security

Cyber Security
is the practice of defending
computers, servers, mobile
devices, electronic systems,
networks, and data from malicious
attacks. It's also known as
information technology security or
electronic information security.
➢ There are 3 threats countered by cyber-security

❖ Cybercrime includes single actors

or groups targeting systems for
financial gain or to cause
disruption.

❖ Cyber-attack often involves

politically motivated information
gathering.

❖ Cyberterrorism is intended to
undermine electronic systems to
cause panic or fear.
❑ Common Categories of Cyber Security
❖ Network security
is the practice of securing a computer
network from intruders, whether targeted
attackers or opportunistic malware.
❖ Application Security
focuses on keeping software and
devices free of threats. A compromised
application could provide access to the data
its designed to protect. Successful security
begins in the design stage, well before a
program or device is deployed.

❖ Information Security
protects the integrity and privacy of
data, both in storage and in transit.
❖ OperationalSecurity
includes the processes and decisions
for handling and protecting data assets.
The permissions users have when
accessing a network and the procedures
that determine how and where data may
be stored or shared all fall under this
umbrella.

❖ Disaster Recovery and Business

continuity define how an organization
responds to a cyber-security incident or
any other event that causes the loss of
operations or data. Disaster recovery
policies dictate how the organization
restores its operations and information to
return to the same operating capacity as
before the event. Business continuity is the
plan the organization falls back on while
trying to operate without certain resources.
❖ End-user Education addresses the most
unpredictable cyber-security factor: people.
Anyone can accidentally introduce a virus
to an otherwise secure system by failing to
follow good security practices. Teaching
users to delete suspicious email
attachments, not plug in unidentified USB
drives, and various other important lessons
is vital for the security of any organization.
❑ Different types of Cyber Security
threats
❖ Malware is a form of malicious software in
which any file or program can be used to
harm a computer user. Different types of
malware include worms, viruses, Trojans
and spyware.

❑ Types of Malware
❖ Virus: A self-replicating program that
attaches itself to clean file and spreads
throughout a computer system, infecting
files with malicious code.

❖ Trojans: A type of malware that is disguised

as legitimate
❖ Ransomware is another type of malware
that involves an attacker locking the victim's
computer system files -- typically through
encryption -- and demanding a payment to
decrypt and unlock them.
❖ Social Engineering is an attack that relies
on human interaction. It tricks users into
breaking security procedures to gain
sensitive information that is typically
protected.

❖ Phishing is a form of social engineering

where fraudulent email or text messages
that resemble those from reputable or
known sources are sent. Often random
attacks, the intent of these messages is to
steal sensitive data, such as credit card or
login information.
❖ Spear phishing is a type of phishing that
has an intended target user, organization
or business.

❖ Insider threats are security breaches or

losses caused by humans -- for example,
employees, contractors or customers.
Insider threats can be malicious or
negligent in nature.

❖ Distributed denial-of-service (DDoS)

attacks are those in which multiple systems
disrupt the traffic of a targeted system,
such as a server, website or other network
resource. By flooding the target with
messages, connection requests or
packets, the attackers can slow the system
or crash it, preventing legitimate traffic from
using it.
❖ Advanced persistent threats (APTs) are
prolonged targeted attacks in which an
attacker infiltrates a network and remains
undetected for long periods of time with the
aim to steal data.

❖ Man-in-the-middle (MitM) attacks are

eavesdropping attacks that involve an
attacker intercepting and relaying
messages between two parties who
believe they are communicating with each
other.

❖ Other common attacks include botnets,

drive-by-download attacks, exploit kits,
malvertising, vishing, credential stuffing
attacks, cross-site scripting (XSS) attacks,
SQL injection attacks, business email
compromise (BEC) and zero-day exploits
❑ Benefits of Cyber Security

❖ Business protection against cyberattacks

and data breaches.
❖ Protection for data and networks.

❖ Prevention of unauthorized user access.

❖ Improved recovery time after a breach.

❖ Protection for end users and endpoint
devices.
❖ Regulatory compliance.

❖ Business continuity.
❖ Improved confidence in the company's
reputation and trust for developers,
partners, customers, stakeholders and
employees.

❑ Cyber Safety Tips

Create a strong password for all
platforms, to create unique pass. Most
important the password not related at all in
this way. Hackers will not succeed in their
pass. Guessing mythology.

❑ Importance of Cyber Security

To Helps protect sensitive data
such as personal information, financial
data and intellectual property from an
authorized access & theft.
❑ Who need’s Cyber Security
Identities, individuals, government,
for-profit - companies, not for - profit
organization and educational institutions.