CYBER SPHERE AND SECURITY COURSE (SEC)

COURSE CREDITS -2

SYLLABUS
UNIT -1 : INTRODUCING CYBER ‘SPHERE’ AND
‘SECURITY’

 Cyber Terminologies: Cyber Sphere, Cyber Security, Cyber Crime, Cyber

Attack, Cyber Espionage, Cyber Warfare, Cybernetics
 Cyber Security and Paradigms
 Cyber Security: Objectives and Roles
OVERVIEW

In today's interconnected world, where digital technologies permeate every

aspect of our lives, the concept of the cyber 'sphere' and 'security' has become
paramount. Cyber Sphere encompasses all aspects of life that are connected
to or influenced by the internet and related technologies. This includes
everything from our personal devices like smartphones and laptops, to larger
systems like banking, healthcare, and government infrastructure.
The Cyber sphere is vast and constantly evolving, offering numerous benefits
such as improved communication, access to information, and convenience.
However, it also presents new challenges and threats. This is where
‘cybersecurity’ comes into play.
Cybersecurity is the practice of protecting the integrity, confidentiality, and
availability of information in the cyber sphere. It involves implementing
measures to defend against cyber threats such as malware, phishing, and
hacking attempts, and ensuring that systems and data remain secure.
As our reliance on digital technologies continues to grow, so too does the
importance of cybersecurity. Organizations, governments, and individuals
alike must remain vigilant and proactive in defending against cyber threats to
safeguard sensitive information, preserve trust, and uphold the stability and
resilience of the cyber sphere.
CYBER TERMINOLOGIES

Cyber Terminologies are the words and phrases essential for understanding
the intricacies of the digital world. From casual internet users to cybersecurity
experts, familiarity with these terms not only enhances communication but
also bolsters defenses against online threats. Let's see the Important Cyber
Terminoligies that we all should be aware of :-

CYBER SPHERE:

This term refers to the virtual environment where all digital interactions,
communications, and activities occurs .
It includes everything from Internet, digital networks, and all the devices
connected to them, social media engagements and online shopping to critical
infrastructure networks and governmental operations,.

CYBER SECURITY:

This term refers to the measures, protocols, and technologies designed to

protect computers, servers, mobile devices, electronic systems, networks,
and data from digital attacks.
It’s about ensuring confidentiality, integrity, and availability of information in
Cyber Sphere. From firewalls and encryption to multi-factor authentication,
cyber security aims to resist unauthorized access, data breaches, and other
cyber threats.

CYBER CRIME:

This term refers to the illegal activities conducted in cyberspace that

targets or uses computers, networks, and digital devices.
These activities includes stealing data, disrupting operations, or extorting
money hacking, identity theft, phishing, and spreading malware or viruses.
Cybercriminals are like digital outlaws who exploit vulnerabilities for
 personal gain.

CYBER ATTACK:

A cyber attack is a malicious attempt to gain unauthorized

access to computer systems or networks by using various
methods to steal, alter, or destroy data or information systems.
Cyber attacks can be launched by individuals, criminal organizations, or even
nation-states with various motives, such as financial gain, political influence,
or sabotage. Common types of cyber attacks include malware infections,
Distributed denial-of-service (DDoS) attacks, ransomware, and data breaches.

CYBER ESPIONAGE:

Cyber espionage refers to the illegal surveillance of sensitive information

or intelligence data from individuals, organizations, or governments
through digital means.
Nation-states, corporate entities, intelligence agencies, and even criminal
syndicates may engage in cyber espionage. It’s often used to gain trade
secrets, economic, military or political advantage. Techniques used in cyber
espionage include hacking into secure networks, infiltrating systems, and
covertly monitoring or exfiltrating valuable data.

CYBER WARFARE:

This refers to the use of cyber attacks as weapons by nations to disrupt,

damage, or destroy networking systems, military systems, critical
Infrastructre or information networks of adversaries.
It involves employing advanced cyber capabilities to infiltrate, disable,
manipulate, or destroy computer systems, aiming to gain a tactical or strategic
advantage without direct physical confrontation. Cyber warfare has the
potential to disrupt essential services, compromise national security, and
cause significant economic and social damage.
Countries around the world are investing heavily in cyber security to protect
themselves from cyber attacks. However, cyber warfare is a constantly
evolving field, and it is difficult to stay ahead of the curve.

CYBERNETICS:

Cybernetics is the scientific study of control and communication between

humans, machines, and information systems.
It explores the theory, design, and construction of machines that
can mimic or enhance human capabilities. It delves into topics
such as artificial intelligence, robotics, and human-computer
interaction, shaping our understanding of complex systems in both
natural and artificial contexts. Artificial limbs, pacemakers, and even
some prosthetics fall under the umbrella of cybernetics.

CYBER SECURITY:

Cyber security refers to the practice of protecting systems, networks, and

programs from digital attacks.
These cyber attacks are usually aimed at accessing, changing, or destroying
sensitive information, extorting money from users, or interrupting normal
business processes.
In simpler terms, it's about keeping our online information and infrastructure
safe from those who intend to cause harm. It is a broad field that encompasses
a wide range of topics, including:

1) Network security: Protecting the Network infrastructure

2) Application security: Protecting software applications from vulnerabilities.
3) Data security: Protecting data from unauthorized use, or disclosure.
4) Operational security: Protecting organization's IT infrastructure and data.
5) Information security: Protecting information from unauthorized access.
WHY IS IT IMPORTANT ?

As our reliance on technology grows, so do the risks associated with it.

Cyberattacks can disrupt essential services, steal sensitive data, and cause
significant financial losses. Individuals and organizations alike are targets,
making cybersecurity a top priority.

What are threats ?

Some common cybersecurity threats are :-

1) Malware: Malicious software like viruses, worms, and
ransomware can infiltrate systems, steal data, or render them unusable.
2) Phishing: Deceptive emails or messages try to lure users into revealing
personal information or clicking malicious links.
3) Hacking: Unauthorized individuals attempt to gain access to systems or
networks for various malicious purposes.
4) Data breaches: Sensitive information like financial records or personal data
gets exposed due to security vulnerabilities.

Cybersecurity is a critical issue for businesses, governments, and individuals

alike. In the digital age, our personal information, financial data, and other
sensitive information is increasingly stored and transmitted electronically.
This makes it more important than ever to take steps to protect our data from
cyber attacks.

Securing your Defenses:

 Use strong passwords and security measures.

 Be aware of the latest cyber security threats.
 Keep your software up-to-date.
 Use antivirus softwares to protect your computers.
 Be careful about what you click on in emails and text messages.
 Don't give out your personal information to anyone you don't trust.
PARADIGMS

Cybersecurity is not merely a field; it's a dynamic landscape constantly

evolving to counter emerging threats. As the digital landscape continues to
expand, new Patterns have emerged to address the growing complexity and
diversity of cyber threats. These paradigms represent different approaches
and strategies employed to safeguard the cyber sphere.
Lets study some key paradigms shaping Cyber security today:

1) PERIMETER-BASED SECURITY:

The perimeter-based paradigm, also known as the traditional or

castle-and-moat approach, focuses on strengthening the
network perimeter to prevent unauthorized access.
 This Paradigm relied on implementing firewalls, intrusion
detection systems (IDS), and virtual private networks (VPNs) to
create a secure boundary between internal systems and the external
world.
 The goal is to control incoming and outgoing network traffic and
apply access controls to protect sensitive information.
 However, this paradigm has limitations, as it assumes that the
internal network is fully trusted, which may not be the case in
modern network architectures with cloud services, remote workers,
and mobile devices.

2) DEFENSE-IN DEPTH PARADIGM:

The defense-in-depth paradigm acknowledges the limitations of perimeter-

based security and adopts a layered approach to protect against diverse attack
vectors. It involves using a multiple layers of security controls throughout the
IT network infrastructure.
o It ensures that if one layer is breached, other layers can still provide
 protection, minimizing the potential impact of a successful attack.
o This includes implementing measures such as encryption, multi-
factor authentication (MFA), endpoint protection, network
segmentation,intrusion prevention systems (IPS), antivirus software,
access controls and security awareness training.
o By employing a multi-layered defense strategy, organizations can
mitigate the impact of security breaches and enhance their overall
resilience.

3) THE -ZERO TRUST MODEL:

The zero-trust paradigm challenges the traditional notion of trust within a

network. It is based on the idea that no one, inside or outside the organization,
should be trusted by default. Instead, all users must be authenticated and
authorized before they are granted access to any resources.
 This paradigm advocates for strict identity verification
andcontinuous monitoring of all network activities.
 This model shifts the focus from securing the network
perimeter to securing individual users, devices, and data.
 Under the zero-trust model, access controls, authentication, and
authorization mechanisms are implemented at a granular level.
 Users and devices are continuously authenticated and authorized based
on various factors, such as user behavior, device health, and network
context.

4) THREAT INTELLIGENCE:

The threat intelligence paradigm leverages information about past, current,

and emerging cyber threats to enhance cybersecurity defenses. Threat
intelligence involves gathering, analyzing, and spreading information about
potential threats and known attack patterns, including tactics, techniques, and
procedures (TTPs) employed by threat actors.
 Threat intelligence can be obtained from internal sources, such as
security logs and incident response data, as well as external
 sources, including cybersecurity vendors, government agencies,
and industry-specific information sharing platforms.
 This information helps organizations proactively identify and
mitigate potential threats before they can exploit vulnerabilities.

5) User centric paradigm:

The user-centric paradigm recognizes that human behavior plays a critical

role in cybersecurity. It focuses on empowering users to be active participants
in protecting the digital environment.
 This paradigm emphasizes user education and awareness training to
help individuals recognize and respond to potential threats, such as
phishing attacks, social engineering, and unsafe online behaviors.
 In the user-centric paradigm, organizations prioritize user-friendly
security measures, simplified security policies, and ongoing training
programs to foster a security-conscious culture.

6) Resilence and Continuity:

As cyber threats continue to evolve, the paradigm of resilience
and continuity has become increasingly important. Rather than
focusing solely on preventing security breaches, organizations also
prioritize resilience which means- the ability to withstand and recover from
cyber attacks swiftly.
This involves implementing robust incident response plans, regularly testing
backup and recovery procedures, and ensuring business continuity in the face
of disruptions caused by cyber incidents.