Professional Documents
Culture Documents
" Study of Measures To Be Taken For Ensuring: A Micro Project On 2020-21
" Study of Measures To Be Taken For Ensuring: A Micro Project On 2020-21
1 | Page
Sau. Shantidevi Chavan Institute Of Polytechnic
Bhoras, Chalisgaon - 424101
CERTIFICATE
This is to certify that the project study entitled “Study of
measures to be taken for ensuring cyber security.” has
been carried out by :
Amrutkar Chaitali S. (1810040116)
Bagul Dipali D. (1810040111)
Amle Chaitali R. (1810040131)
Deore Shweta P. (1910040163)
Of Diploma Engg.Under the guidance of Prof. J.R.Nerkar
Sir during the academic year 2020-21
To the best of our knowledge this project report has not
been submitted elsewhere for any other course.
2 | Page
INDEX
Sr. No Topic Page No.
1. Abstract 4
2. Introduction 5
3. Why is cyber security important ? 7
4. Cyber Crime 8
5. Types of cyber security threats 9
6. Evaluation of cyber security 11
Advantages And Disadvantages of cyber
7. 12
security
8. The need for cyber security 13
9. Benefits Of Cyber security 14
10. Use Of Cyber security Across Domains 15
11. Features of cyber security 17
12. Conclusion 18
13. Reference 19
3 | Page
ABSTRACT
Proposal of cyber security measures in companie. Cyber security is
currently the most wanted and most challenging research discipline that
is in constant development. Data reference institutions and recognized to
security researchers in 2017 shows that cyber criminals using 'low-tech'
'software were successful in 9 of 10 attacks on various web sites. Most
web sites had serious flaws for a period of 150 days or more. Various
invasions and fraud have cost the company $ 6.6 billion annually. Based
on the research of Oracle java in America is the biggest security risk for
desktop computers. According to reports java is installed on 65% of
computers, 48% of users did not have the latest patches for Java last year
been identified 119 new vulnerabilities in the software.
4 | Page
INTRODUCTION
5 | Page
6 | Page
WHY IS CYBER SECURITY IMPORTANT ?
7 | Page
CYBER CRIME
Cyber crime is a term for any illegal activity that uses a computer as its
primary means of commission and theft. The U. S. Department of
Justice expands the definition of cyber crime to include any illegal
activity that uses a computer for the storage of evidence. The growing
list of cyber crimes includes crimes that have been made possible by
computers, such as network intrusions and the dissemination of
computer viruses, as well as computer-based variations of existing
crimes, such as identify theft, stalking, bullying and terrorism which
have become as major problem to people and nations. Usually in
common man’s language cyber crime may be defined as crime
committed using a computer and the internet to steel a person’s identity
or sell contraband or stalk victims or disrupt operation with malevolent.
8 | Page
TYPES OF CYBER SECURITY THREATS
1. Malware
Malware is malicious software such as spyware, ransomware, viruses
and worms. Malware is activated when a user clicks on a malicious link
or attachment, which leads to installing dangerous software. Cisco
reports that malware, once activated, can:
Block access to key network components (ransomware)
Install additional harmful software
Covertly obtain information by transmitting data from the hard
drive (spyware)
Disrupt individual parts, making the system inoperable
2. Emotet
The Cybersecurity and Infrastructure Security Agency (CISA) describes
Emotet as “an advanced, modular banking Trojan that primarily
functions as a downloader or dropper of other banking Trojans. Emotet
continues to be among the most costly and destructive malware.”
3. Denial of Service
A denial of service (DoS) is a type of cyber attack that floods a
computer or network so it can’t respond to requests. A distributed DoS
(DDoS) does the same thing, but the attack originates from a computer
network. Cyber attackers often use a flood attack to disrupt the
“handshake” process and carry out a DoS. Several other techniques may
be used, and some cyber attackers use the time that a network is disabled
to launch other attacks..
9 | Page
4. Man in the Middle
A man-in-the-middle (MITM) attack occurs when hackers insert
themselves into a two-party transaction. After interrupting the traffic,
they can filter and steal data, according to Cisco. MITM attacks often
occur when a visitor uses an unsecured public Wi-Fi network. Attackers
insert themselves between the visitor and the network, and then use
malware to install software and use data maliciously.
5. Phishing
Phishing attacks use fake communication, such as an email, to trick the
receiver into opening it and carrying out the instructions inside, such as
providing a credit card number. “The goal is to steal sensitive data like
credit card and login information or to install malware on the victim’s
machine,” Cisco reports.
6. SQL Injection
A Structured Query Language (SQL) injection is a type of cyber attack
that results from inserting malicious code into a server that uses SQL.
When infected, the server releases information. Submitting the malicious
code can be as simple as entering it into a vulnerable website search box.
7. Password Attacks
With the right password, a cyber attacker has access to a wealth of
information. Social engineering is a type of password attack that Data
Insider defines as “a strategy cyber attackers use that relies heavily on
human interaction and often involves tricking people into breaking
standard security practices.” Other types of password attacks include
accessing a password database or outright guessing.
10 | P a g e
EVOLUTION OF CYBER SECURITY
Cyber security practices continue to evolve as the internet and digitally
dependent operations develop and change. According to Secure works,
people who study cyber security are turning more of their attention to
the two areas in the following sections.
11 | P a g e
address the latest evolving cyber threats is essential for cyber security
professionals.
Advantages:
1) Protects system against viruses, worms, spyware and other unwanted
programs.
Disadvantages:
1) Firewalls can be difficult to configure correctly.
12 | P a g e
13 | P a g e
THE NEED FOR CYBER SECURITY
But cybersecurity risks aren’t just restricted to large scale firms, they can
be everyday consumers who can potentially fall prey to cybercrime
schemes. According to a report, it only takes five minutes to hack all
your connected devices.
14 | P a g e
BENEFITS OF CYBER SECURITY
15 | P a g e
USE OF CYBER SECURITY ACROSS
DOMAINS
Security Management
This domain is almost overlooked but consists of several tasks,
including risk assessment, overseeing security functions to ensure
operational compliance, changing management procedures and
processes, sensitizing users for awareness.
Identity and Access Management
IAM entails all processes, systems, and procedures used for
managing authentication, assigning identities, and access controls.
The identity process assigns the respective system and users with
their unique names. Whereas authentication establishes a method
for these users to prove their identity.
Security Engineering
This domain has two subset domains i.e., computer operations
security and network security. Security engineering also encompasses
responsibilities around the firewall, router security, intrusion
detection and prevention, email filtering, vulnerability scanning, and
host-based security tools like DLP, antivirus, and endpoint data loss
prevention.
Business Continuity
This domain acts as a recovery center for business operations if and
when they undergo a catastrophic event like a natural disaster. The
domain studies and understands the central avenues that support
the organization and curates a procedure that inhabits all these
16 | P a g e
critical functions for an organization to be operable with lesser data
loss.
Compliance
The compliance domain center oversees the security controls, and
that they comply with the organizational regulations and legislation.
This domain is instrumental in understanding the nuances of these
regulations such that appropriate security controls can be taken and
audited accordingly.
Cryptography
This domain is often over-analyzed and mostly pertains to its
theoretical value. As of its virtual application, it can be as simple as
pushing the right buttons. Cryptography is primarily used for
protecting the integrity, confidentiality, and authenticity of the
information concerned.
Physical Security
This domain is almost overlooked, but mostly refers to the workflow
associated with physical hardware. Physical Security entails a set of
protocol that exists outside the cyberspace but has a direct effect on
the cyberspace if breached. For instance, is the facility fenced? Is the
perimeter being patrolled? Are the data centers secure enough to
provide authorized access only? Do they have an HVAC system
installed?
17 | P a g e
FUTURE OF CYBER SECURITY
It is predicted that the number of active users on the internet will triple
in 2020, reaching 6 billion. The number will exponentially rise to reach
to about 7.5 billion by 2030. So, cybersecurity will be at a cusp of being
mandated by default. AI, for instance, can come to fruition in the future
where developers can use AI for locating vulnerabilities and security
breaches. AI can potentially be used in UI to send warnings to people
whenever they make poor security choices or visit risky websites.
The next thing that is quite plausible would be cyber warfare, an avenue
a few nations might adopt as an alternative to traditional conflicts. This
means the security infrastructure would require the mobility to respond
to an immediate situation.
18 | P a g e
CONCLUSION
19 | P a g e
REFERENCE
https://sites.google.com/site/xinyicyber/the-disadvantages-and-
advantages-of-cyber-security
https://www.researchgate.net/publication/330325833_Cyber_Secur
ity_Measures_In_Companies/link/5c39299e299bf12be3c142ec/do
wnload
https://www-mygreatlearning-
com.cdn.ampproject.org/v/s/www.mygreatlearning.com/blog/benef
its-use-cases-of-cybersecurity-across-different
https://www.nec.co.nz/market-leadership/publications-media/why-
is-cyber-security-important-why-we-need-cyber-security/
20 | P a g e