Government College University, Faisalabad

Information Technology & Innovation in

Business
Name:
Momina Irfan

Submitted to
Sir Zubair
 ASSIGNMENT

What is Cyber Security?

Cyber security is the protection of network connections (including software and data) from
online threats. It is used by individuals and businesses to prevent unauthorized access to data
centers and other computer systems. Cyber security also helps prevent attacks that attempt to
disrupt or disrupt a system or device. The best cyber security approach should provide multiple
layers of protection at all points of entry or attack. This includes security measures for your data,
software, hardware, and network connections. Additionally, anyone within the organization who
has access to these endpoints must be trained on compliance and security procedures.
Organizations are also using tools like integrated threat management as another layer of threat
protection. These tools can detect, isolate, and remove potential threats and alert users when
further action is needed. Cyber attacks can affect victims in a variety of ways. Therefore,
establishing secure cyber security is an important part of any organization. Organizations should
also have a disaster recovery plan in place to ensure they can recover quickly if a cyber attack is
successful.

Why is cyber security important?

In today's businesses, cybers ecurity has become more important than ever as the number of
users, devices, and programs increases along with the amount of data (much of it secret or
confidential). However, the number and complexity of cyber attacks and attack methods is
making the problem worse. Without a proper cyber security strategy in place and staff properly
trained in security best practices, attackers can completely disrupt an organization's operations.

Elements of cyber security

 Application security.
 Information security or data security.
 Network security.
  Disaster recovery and business continuity planning. Operational security. Cloud
security.
 Security of critical infrastructure.
 Physical security.

End user training. Maintaining cyber security in an ever-changing threat landscape is a

challenge for every organization. The traditional reactive approach of focusing resources on
protecting systems against the biggest known threats and leaving lesser-known threats
unprotected is no longer a sufficient tactic. Keeping pace with changing security risks requires a
more proactive and adaptive approach. Several major cyber security advisory bodies provide
guidance. What are the benefits of cyber security? Practicing cyber security provides the
following benefits:

 Protect your business from cyber attacks and data breaches.

 Protect your data and network.
 Deny access to unauthorized users.
 Reduces recovery time after hacking. Protects end users and end devices agreement.
 Business continuity.

What types of cyber security threats are there?

Keeping up with new technologies, security trends, and threat intelligence is no easy task. This is
necessary to protect information and other assets from cyber threats that come in many forms.
Types of cyber threats include:
 Malware is a form of malicious software that can use files or programs to cause harm to
your computer. Different types of malware include worms, viruses, Trojan horses, and
spyware. Ransom ware is a type of malware in which an attacker locks a victim's
computer system files (usually through encryption) and demands a fee to decrypt and un
lock them.

 Phishing is a form of social engineering that involves sending fraudulent emails or text
messages that resemble messages from reputable or well-known sources. The purpose of
phishing emails is often brute-force attacks aimed at stealing sensitive data, such as
credit card information or login information. Spear Phishing is a type of phishing that
targets users, organizations, and businesses.

 A distributed denial of service (DDoS) attack is an attack in which multiple systems

disrupt traffic to a target system, such as a server, website, or other network resource.
DDoS attacks can flood a target with messages, connection requests, or packets, slowing
down or crashing the system, making it unusable for legitimate traffic. Advanced
persistent threats (APTs) are long-term, targeted attacks in which attackers infiltrate
networks and remain undetected for long periods of time. The purpose of APT is to steal
data.

 A Man-in-the-Middle (MitM) attack is an eaves dropping attack that intercepts and

transmits messages between two parties that the attacker believes are communicating
with each other.

 SQL injection is a technique used by attackers to access a web application's database by

appending strings of malicious SQL code to database queries. SQL injection provides
access to sensitive data and allows attackers to execute malicious SQL statements. Other
common attack types include botnets, disk loading attacks, exploit kits, malvertising,
vishing, credential stuffing attacks, cross-site scripting attacks, keyloggers, worms, and
zero-day exploits.
What are the key cybersecurity issues?

Cyber security is constantly under threat from hackers, data loss, privacy, risk management, and
changing cyber security strategies. The number of cyber attacks is not expected to decrease
anytime soon.

Key issues that continue to be addressed include: an evolving threat

One of the most concerning aspects regarding cyber security is the changing nature of security
risks. As new technologies emerge and are used in new or different ways, new attack vectors
develop. It can be difficult to keep up with the frequent changes and developments in these
attacks and update your defenses against them. The challenge is to keep all cyber security
elements up to date to protect against potential vulnerabilities. This can be especially difficult for
small organizations that do not have sufficient staff or resources of their own. data stream
 Organizations can potentially collect a lot of data about the people who use their services. The
more data cybercriminals collect, the more likely they are to steal your personally identifiable
information (PII). For example, organizations that store personal data in the cloud may be subject
to ransomware attacks.

Cyber security Training

Cyber security programs should also focus on end-user training. Employees can inadvertently
bring threats and vulnerabilities into the workplace through their laptops or mobile devices. They
may also act inappropriately, such as clicking links or downloading attachments in phishing
emails. Regular security training helps employees do their part to protect your company from
cyber threats.

Labor and skills shortages

Another cybersecurity issue is the lack of qualified cybersecurity personnel. As the amount of
data collected and used by businesses increases, so does the need for cybersecurity professionals
to analyze, manage, and respond to incidents. Cybersecurity association ISC2 estimates that the
gap between needed cybersecurity jobs and security professionals will reach 4 million in 2023, a
12.6% increase from 2022.

Supply chain attacks and third-party risks

Organizations can do everything they can to ensure security, but all these efforts will be in vain
if partners, vendors, and third-party providers with network access do not act securely. Supply
chain attacks using software and hardware are becoming an increasingly serious security
problem. Organizations must eliminate third-party risks from their supply chain and reduce
software delivery issues using software specifications and more.

Cybersecurity Best Practices

To minimize the likelihood of a cyberattack, it is important to implement and follow a number

of best practices, including:

Keep your software up to date. Keep all software, including antivirus software, up to date. This
prevents attackers from exploiting known vulnerabilities that have already been patched by
software companies. Change the default username and password. An attacker can easily guess
your device's username and password with factory default settings and gain network access.

Use a strong password. Employees should choose passwords that contain a combination of
letters, numbers, and symbols that are difficult to crack by brute force or guessing. Employees
should also change their passwords frequently. Use multi-factor authentication (MFA). Gaining
MFA access requires two or more authentication components, minimizing the chance of an
attacker gaining access to your device or system.

Train employees with appropriate safety knowledge. This can help employees better understand
how seemingly innocuous behavior can make systems vulnerable to attack. This should include
training on how to spot suspicious emails to prevent phishing attacks. Implement an identity and
access management (IAM) system. IAM defines the roles and access rights of each user within
your organization, and the conditions under which they can access specific data.

Implement an attack surface management system. This process involves continuous discovery,
inventory, classification, and monitoring of an organization's IT infrastructure. This helps protect
all potentially vulnerable IT assets within your organization. Use a firewall. A firewall restricts
unnecessary outgoing traffic, preventing access to potentially harmful content.

Implement disaster recovery processes. In the event of a successful cyberattack, a disaster

recovery plan can help your organization continue operations and recover important data.

How is automation used in cybersecurity? Automation has become an essential

component in protecting businesses from increasingly numerous and complex cyber threats.
Using artificial intelligence (AI) and machine learning in data-rich areas can help improve
cybersecurity in three key categories:

Threat detection: AI platforms can analyze data and recognize known threats, as well as
predict new threats that use newly discovered attack methods to bypass existing security systems.

Reaction to threat: The artificial intelligence platform creates and automatically

implements security measures. Human augmentation. Security professionals are often
overwhelmed with notifications and repetitive tasks. AI helps eliminate alert fatigue by
automatically triaging low-risk alerts and automating big data analytics and other repetitive
tasks, freeing people to focus on more complex tasks.

Other benefits of cyber security automation include attack triage, malware classification, traffic
analysis, and compliance analysis.

Cyber security vendors and tools

 Cyber security providers offer a variety of security products and services that fall into the
following categories:

 Endpoint protection.
 Anti-malware and antivirus.
 Intrusion prevention and detection systems.
 Avoid data loss. Endpoint detection and response.
 Security information and event management.
 encryption.
 Vulnerability scanner.
 Virtual private network. Cloud workload protection platform.
 Cloud access security broker.

Examples of cyber security service providers include:

 Checkpoint software.
 Cisco.
 Code42 Software, Ltd. Crowd strike.
 eyes of fire.
 Fortinet.
 IBM.
 Imperva. Novipo Co., Ltd.
 McAfee.
 Microsoft.
 Palo Alto Networks.
 Rapid7. Splank.
 Symantec from Broadcom.
 Trend Micro.
 Trust wave.

What are the career opportunities in cyber security?

As the cyber threat landscape continues to grow and new threats emerge, organizations need
personnel with cyber security knowledge and skills in the use of hardware and software.

IT professionals and other computer specialists are needed in the following security roles:

 Chief information security officer (CISO). A CISO is the person who implements the
security program across the organization and oversees the IT security department's
operations.

 Chief security officer (CSO). A CSO is the executive responsible for the physical and cyber
security of a company.

 Computer forensics analysts. They investigate computers and digital devices involved in
cybercrimes to prevent a cyber attack from happening again. Computer forensics analysts
uncover how a threat actor gained access to a network, identifying security gaps. This
position is also in charge of preparing evidence for legal purposes.

 Security engineers. These IT professionals protect company assets from threats with a focus
on quality control within the IT infrastructure.
 Security architects. These people are responsible for planning, analyzing, designing, testing,
maintaining and supporting an enterprise's critical infrastructure.

 Security analysts. These IT professionals plan security measures and controls, protect
digital files, and conduct both internal and external security audits.

 Security software developers. These IT professionals develop software and ensure it's
secured to help prevent potential attacks.

 Network security architects. Their responsibilities include defining network policies and
procedures and configuring network security tools like antivirus and firewall configurations.
Network security architects improve the security strength while maintaining network
availability and performance.

 Penetration testers. These are ethical hackers who test the security of systems, networks
and applications, seeking vulnerabilities that malicious actors could exploit.

 Threat hunters. These IT professionals are threat analysts who aim to uncover
vulnerabilities and attacks and mitigate them before they compromise a business.

Other cyber security careers include security consultants, data protection officers, cloud security
architects, security operations managers and analysts, security investigators, cryptographers and
security administrators.

Entry-level cyber security positions typically require one to three years of experience and a
bachelor's degree in business or liberal arts, as well as certifications such as CompTIA Security+.
Jobs in this area include associate cyber security analysts and network security analyst positions,
as well as cyber security risk and SOC analysts.

Mid-level positions typically require three to five years of experience. These positions typically
include security engineers, security analysts and forensics analysts.

Senior-level positions typically require five to eight years of experience. They typically include
positions such as senior cyber security risk analyst, principal application security engineer,
penetration tester, threat hunter and cloud security analyst.
Higher-level positions generally require more than eight years of experience and typically
encompass C-level positions.

Advancements in cyber security technology

As newer technologies evolve, they can be applied to cyber security to advance security
practices. Some recent technology trends in cyber security include the following:

 Security automation through AI. While AI and machine learning can aid attackers, they
can also be used to automate cybe rsecurity tasks. AI is useful for analyzing large data
volumes to identify patterns and for making predictions on potential threats. AI tools can also
suggest possible fixes for vulnerabilities and identify patterns of unusual behavior.

 Zero-trust architecture. Zero-trust principles assume that no users or devices should be

considered trustworthy without verification. Implementing a zero-trust approach can reduce
both the frequency and severity of cyber security incidents, along with other zero-trust
benefits.

 Behavioral biometrics. This cyber security method uses machine learning to analyze user
behavior. It can detect patterns in the way users interact with their devices to identify
potential threats, such as if someone else has access to their account.

 Continued improvements in response capabilities. Organizations must be continually

prepared to respond to large-scale ransomware attacks so they can properly respond to a
threat without paying any ransom and without losing any critical data.

 Quantum computing. While this technology is still in its infancy and still has a long way to
go before it sees use, quantum computing will have a large impact on cyber security practices
-- introducing new concepts such as quantum cryptography.