Cyber security theory

Information security
What is cyber security ?
Cyber security is the protection of data from unauthorized
access, modification, or destruction.

Main objectives:

● Confidentiality – access to data is granted only to

authorized users.
● Integrity – protecting data from alteration and corruption.
● Accessibility – ensuring the flawless operation of systems.

Cyber security
The main threats to cyber security

Cyber attacks - account Unauthorized access – the use

hacking attempts, virus of someone else's credentials or
attacks, and phishing lack of protection

Malware – viruses, spyware, Human factor – user errors and

trojans accidental data leakage

Cyber security
Data protection methods

➢ Authentication and authorization – verification of the user's identity.

➢ Data encryption – the protection of stored information.

➢ Access control – configuring user permissions.

➢ Antivirus systems – malware protection.

➢ Backup – preventing data loss.

Cyber security
Protection from password guessing

Using complex passwords and multi-factor

authentication

Enabling rate limiting to prevent brute-force

attacks

Automatic account suspension after multiple failed

login attempts.

Example:
If someone tries to log into a bank account and enters the wrong password 5 times, the system
will temporarily block the login.

Cyber security
Secure network connection

Using VPNs (virtual private networks) for remote

access.

Avoiding public Wi-Fi networks or using them only

with additional protection.

Regular software updates to protect against

vulnerabilities

Example:
An employee works from a cafe and connects to public Wi-Fi. If he or she doesn't use a VPN, an
attacker can intercept their data.

Cyber security
Physical computer security

Automatic logout when user is inactive.

Screen lock in case of temporary user absence.

Using biometric authentication or smart cards.

Example:
An employee left an unlocked laptop in the office and the attacker gained access to it.

Cyber security
Data encryption
Converting information into an encrypted form that can only be accessed
with a key. It is used to protect databases, files, and correspondence.

Basic methods:

Symmetric Asymmetric (public and

(one key) private keys).

Example:
Messengers use end-to-end encryption so that only the sender and recipient can read
the messages.

Cyber security
Malicious attachments and
mail protection
Filters and antivirus scanners protect against viruses
in emails.

When receiving emails:

Do not open suspicious attachments, Use spam filters and verify the
even if you know the sender. sender's domain.

Example:
An employee received an email with an attachment "Invoice.ехе ". If the email is opened,
a virus is installed on the computer.

Cyber security
Restrict access to systems

Differentiate user rights Log all user actions for security

(administrators, users, guests). monitoring.

Use the role-based access model (RBAC).

Example:
A company accountant can see employee salaries, but cannot edit them without
the approval of the executive.

Cyber security
Security monitoring and auditing
Includes:

Regular check of logs Performing Updating passwords

for suspicious activity. penetration tests to and credentials for
find vulnerabilities. former employees.

Example:
A company conducts a security audit and discovers that many employees
have weak passwords.

Cyber security
Human factor and user training
Training employees to recognize
Conducting cyber security trainings. phishing attacks.

Actions taken by management to protect information

Regularly remind employees of the rules for

handling confidential information.

Example:
A company sent test phishing emails to employees. Half of the employees have opened them,
which means additional training is needed.

Cyber security
Modern protection technologies

Biometric authentication
(fingerprints, Face ID)

Artificial intelligence to analyze abnormal activity

Blockchain for secure data storage

Example:
An AI system notices that a user has logged into their account from a different country and
requests additional verification.
Cyber security
What should be done
in the event of an incident?

Disconnect infected devices from the network.

Notify the IT service or the security administrator.

Perform a system check and restore the data.

Develop a plan to prevent similar incidents in the future.

Cyber security
Results and key conclusions

Information security is a set of measures taken to protect data.

● It is important to use authentication, encryption, and access control.

● It is required to regularly update the software and to train the users.
● Automated systems help identify and prevent threats.

Cyber security