Notes taken from : https://www.geeksforgeeks.

org/cyber-security-types-and-importance/

Different Types of Cybersecurity

1. Network Security
Focuses on securing computer networks from unauthorized access, data breaches,
and other network-based threats. It involves technologies such
as Firewalls, Intrusion detection systems (IDS), Virtual private
networks (VPNs), and Network segmentation.
 Guard your internal network against outside threats with increased network
security.
 Sometimes we used to utilize free Wi-Fi in public areas such as cafes,
Malls, etc. With this activity, 3rd Party starts tracking your Phone over the
internet. If you are using any payment gateway, then your bank account
can be Empty.
 So, avoid using Free Network because Free Network Doesn’t support
Securities.
2. Application Security
Concerned with securing software applications and preventing vulnerabilities that
could be exploited by attackers. It involves secure coding practices, regular software
updates and patches, and application-level firewalls.
 Most of the Apps that we use on our cell phones are Secured and work
under the rules and regulations of the Google Play Store.
 There are 3.553 million applications in Google Play, Apple App Store has
1.642 million, and Amazon App Store has 483 million available for users
to download. When we have other choices, this does not mean that all apps
are safe.
 Many of the apps pretend to be safe, but after taking all information from
us, the app shares the user information with the 3rd-party.
 The app must be installed from a trustworthy platform, not from some 3rd
party website in the form of an APK (Android Application Package).
3. Information or Data Security
Focuses on protecting sensitive information from unauthorized access, disclosure,
alteration, or destruction. It includes Encryption, Access controls, Data
classification, and Data loss prevention (DLP) measures.
 Incident response refers to the process of detecting, analyzing, and
responding to security incidents promptly.
 Promoting security awareness among users is essential for maintaining
information security. It involves educating individuals about common
security risks, best practices for handling sensitive information, and how to
identify and respond to potential threats like phishing attacks or social
engineering attempts.
  Encryption is the process of converting information into an unreadable
format (ciphertext) to protect it from unauthorized access.
4. Cloud Security
It involves securing data, applications, and infrastructure hosted on cloud platforms,
and ensuring appropriate access controls, data protection, and compliance. It uses
various cloud service providers such as AWS, Azure, Google Cloud, etc., to ensure
security against multiple threats.
 Cloud-based data storage has become a popular option over the last
decade. It enhances privacy and saves data on the cloud, making it
accessible from any device with proper authentication.
 These platforms are free to some extent if we want to save more data than
we have to pay.
 AWS is also a new Technique that helps to run your business over the
internet and provides security to your data
5. Mobile Security
It involves securing the organizational and personal data stored on mobile devices
such as cell phones, tablets, and other similar devices against various malicious
threats. These threats are Unauthorized access, Device loss or Theft, Malware, etc.
 Mobile is a very common device for day-to-day work. Everything we
access and do is from a mobile phone. Ex- Online class, Personal Calls,
Online Banking, UPI Payments, etc.
 Regularly backing up mobile device data is important to prevent data loss
in case of theft, damage, or device failure.
 Mobile devices often connect to various networks, including public Wi-Fi,
which can pose security risks. It is important to use secure networks
whenever possible, such as encrypted Wi-Fi networks or cellular data
connections.
6. Endpoint Security
Refers to securing individual devices such as computers, laptops, smartphones, and
IoT devices. It includes antivirus software, intrusion prevention systems (IPS),
device encryption, and regular software updates.
 Antivirus and Anti-malware software that scans and detects malicious
software, such as Viruses, Worms, Trojans, and Ransomware. These
tools identify and eliminate or quarantine malicious files, protecting the
endpoint and the network from potential harm.
 Firewalls are essential components of endpoint security. They monitor and
control incoming and outgoing network traffic, filtering out potentially
malicious data packets.
 Keeping software and operating systems up to date with the latest security
patches and updates is crucial for endpoint security.
5. Critical Infrastructure Security
  All of the physical and virtual resources, systems, and networks that are
necessary for a society’s economics, security, or any combination of the
above to run smoothly are referred to as critical infrastructure. Food and
agricultural industries, as well as transportation systems, comprise critical
infrastructure.
 The infrastructure that is considered important might vary depending on a
country’s particular demands, resources, and level of development, even
though crucial infrastructure is comparable across all nations due to basic
living requirements.
 Industrial control systems (ICS), such as supervisory control and data
acquisition (SCADA) systems, which are used to automate industrial
operations in critical infrastructure industries, are frequently included in
critical infrastructure. SCADA and other industrial control system attacks
are very concerning. They can seriously undermine critical infrastructure,
including transportation, the supply of oil and gas, electrical grids, water
distribution, and wastewater collection.
 Due to the links and interdependence between infrastructure systems and
sectors, the failure or blackout of one or more functions could have an
immediate, detrimental effect on several sectors.
6. Internet of Things (IoT) Security
 Devices frequently run on old software, leaving them vulnerable to
recently identified security vulnerabilities. This is generally the result of
connectivity problems or the requirement for end users to manually
download updates from a C&C center.
 Manufacturers frequently ship Internet of Things (IoT) devices (such as
home routers) with easily crackable passwords, which may have been left
in place by suppliers and end users. These devices are easy targets for
attackers using automated scripts for mass exploitation when they are left
exposed to remote access.
 APIs are frequently the subject of threats such as Man in the Middle
(MITM), code injections (such as SQLI), and distributed denial of service
(DDoS) attacks since they serve as a gateway to a C&C center. You can
read more about the effects of attacks that target APIs here.