Professional Documents
Culture Documents
(1658) Cyber Final Draft
(1658) Cyber Final Draft
SUBMITTED BY:
Sweta Kumari
Roll No. - 1658
B.B.A LL.B
SUBMITTED TO:
Mr. Kumar Gaurav
FACULTY OF “CYBER LAW”
OCTOBER, 2020
I hereby declare that the work reported in the B.B.A. LL.B (Hons.) Project Report entitled
“CYBERSECURITY: ISSUES AND CHALLENGES” submitted at Chanakya National Law
University; Patna is an authentic record of my work carried out under the supervision of Mr.
Kumar Gaurav. I have not submitted this work elsewhere for any other degree or diploma. I
am fully responsible for the contents of my Project Report.
i
ACKNOWLEDGEMENT
- SwetaKumari
- 9th Semester
- B.BA LL.B
ii
TABLE OF CONTENTS
ACKNOWLEDGEMENT.........................................................................................................ii
TABLE OF CONTENTS..........................................................................................................iii
RESEARCH QUESTION.........................................................................................................iv
HYPOTHESES.........................................................................................................................iv
RESEARCH METHODOLOGY..............................................................................................iv
SOURCES OF DATA................................................................................................................v
LIMITATIONS..........................................................................................................................v
INTRODUCTION......................................................................................................................1
BIBLIOGRAPHY....................................................................................................................18
iii
AIMS AND OBJECTIVES
RESEARCH QUESTION
HYPOTHESES
Digitization brings with it endless opportunities for innovation. It still has a long way
to go before becoming a fully secure ecosystem that is programmed to regulate and
control itself. Decision-makers should ensure that all systems in their company adhere
to the latest high-security standards.
Employees must also be trained in basic cyber-security protocols too. This
is especially true of non-tech employees. For instance, everyone needs to know how
to identify a phishing email and how to quarantine it, while notifying the proper
authority, both internal and external.
iv
RESEARCH METHODOLOGY
For this study, doctrinal research method was utilised. Various articles, e-articles, reports and
books from library were used extensively in framing all the data and figures in appropriate
form, essential for this study.
The method used in writing this research is primarily analytical.
SOURCES OF DATA
In order to complete the research study, the researcher will collect the material through
various primary and secondary sources of data.
PRIMARY SOURCES such as the occasional policy papers of the State, statutes,
commentaries, case-law, juristic opinions, policy formulations of various governmental
bodies, the reports published by governmental, non-governmental and international
organisations.
SECONDARY SOURCES reviewing the text books, existing literature on the area, the
views and perspectives of stake holders, policy makers and all other relevant sections of
the society which includes the efforts of charitable organizations, non-governmental
organizations and philanthropists.
LIMITATIONS
Since the researcher is a student of law, she has access to a limited area and knowledge.
The researcher having only a preliminary knowledge of the subject could understand the
problem clearly but was faced with constraints.
The researcher has limited time for the project. The historical need and background are
also necessary for having a bird’s eye view of the particular topic and it gets developed
v
only by effective and extended reading over a long period of time. The researcher has a
restricted access to information and sources for reasons beyond her control. But the
researcher will still attempt to take out the best possible work.
vi
INTRODUCTION
Cyberspace comprises IT networks, computer resources, and all the fixed and mobile devices
connected to the global Internet. A nation’s cyberspace is part of the global cyberspace; it
cannot be isolated to define its boundaries since cyberspace is borderless. This is what makes
cyberspace unique. Unlike the physical world that is limited by geographical boundaries in
space—land, sea, river waters, and air—cyberspace can and is continuing to expand.
Increased Internet penetration is leading to growth of cyberspace, since its size is proportional
to the activities that are carried through it.
Nations are investing heavily in their ICT infrastructures with a view to providing higher
bandwidths, integrate national economies with the global marketplace, and to enable citizens
or “netizens” to access more and more e-services.
Given the security problems, there is increased emphasis on, and investment in, the security
of cyber infrastructure. Core Internet protocols are insecure, and an explosion of mobile
devices continues to be based on the same insecure systems. This is adding up to increased
usage of the Internet in more vulnerable cyberspace.
Protection of critical infrastructure operations has emerged as a major challenge. This is
because trillions of dollars move through the networks every day involving a broad range of
activities, including e-commerce, e-governance, travel, hospitality, health care, and general
communications. Electricity distribution, water distribution, and several other utility services
are based on ICT infrastructures. The defense sector relies heavily on electronic systems.
Critical infrastructure is largely owned and operated by the private sector. But is security only
the private sector’s responsibility? Does this mean that government has a lesser role? These
are some of the important cybersecurity issues that nations are grappling with. At an
organizational level, too, cybersecurity is not merely a technology issue, but a management
issue. This is grounded in enterprise risk management, which calls for an understanding of
the human, process, legal, network, and ICT security aspects.
It is obvious that multiple agencies are involved in securing ICT infrastructure. These include
private operators for their respective pieces of the infrastructure. Their efforts need to be
firmly coordinated through an integrated command-and-control entity, which should serve as
a unifying structure that is accountable for cybersecurity.
Roles and responsibilities of each of the parties need to be clearly defined. At the same time,
governments need to establish the appropriate policy and legal structures. Nations, such as
1|Page
the United States, have advocated for a market-based, voluntary approach to industry
cybersecurity as part of the National Strategy to Secure Cyberspace. But this has not worked
entirely, because security investments made by industry, as per their corporate needs, are not
found to be commensurate with the broader national interest. How will the additional private
investments be generated? Is there a case for government incentives, as part of an incentive
program to bridge the gap between those security investments already made and those
additional ones that are needed to secure critical infrastructure?
Several security surveys point to this need. They reveal a lack of adequate knowledge among
executives about security policy and incidents, the latest technological solutions, data
leakage, financial loss, and the training that is needed for their employees.
Since cyberspace is relatively new, legal concepts for “standards of care” do not exist. Is
there a case for governments to offer incentives to generate collective action? For example,
they could provide reduced liability or tax incentives as a trade-off for improved security,
new regulatory requirements, and compliance mechanisms. Governments need to provide
incentives for industry to invest in security at a level that is not justified by corporate business
plans.
2|Page
MEANING, IMPORTANCE AND TYPES OF CYBERSECURITY
1
AnirudhRastogi, Cyber Law, Lexis Nexis, 2014
3|Page
This includes the processes and decisions for handling and protecting data assets. The
permissions users have when accessing a network and the procedures that determine how and
where data may be stored or shared all fall under this umbrella.2
Disaster recovery and business continuity
Disaster recovery and business continuity define how an organization responds to a cyber-
security incident or any other event that causes the loss of operations or data. Disaster
recovery policies dictate how the organization restores its operations and information to
return to the same operating capacity as before the event. Business continuity is the plan the
organization falls back on while trying to operate without certain resources.
End-user education
This addresses the most unpredictable cyber-security factor: people. Anyone can accidentally
introduce a virus to an otherwise secure system by failing to follow good security practices.
Teaching users to delete suspicious email attachments, not plug in unidentified USB drives,
and various other important lessons is vital for the security of any organization.3
2
https://www.toptal.com/finance/finance-directors/cyber-security
3
Hemavathy (2010), “Emerging Cyber Threats and Counter Measures for Protecting Defense Network”
Proceedings from Conference on Cyber Security, “Emerging Cyber Threats & Challenges, (2010)” CII,
Confederation of Indian Industry, Chennai
4
Ibid.
4|Page
cybersecuritymeasure among organizations of all types. This will serve as a motivation for
cybercriminals to up their game by staging new and more sophisticated attacks in the future.5
Wide-ranging security vulnerabilities, faster and more sophisticated cyber attacks are all
making it extremely difficult for security experts to prevent those threats. Thus, there should
be a proper cybersecurity plan in place to prevent cyber attacks from causing any damage.
The ComodoCybersecurity is a global innovator of cybersecurity solutions, offering unique
cybersecurity solutions that cater to the need of organizations of all sizes.
ComodoCybersecurity provides complete end-to-end security solutions. Our solutions offer
360-degree protection across the boundary, internal network, and endpoint against even the
most advanced malware threats, both known and unknown.
5
https://blog.logsign.com/cyber-security-issues-and-challenges-in-2019/
5|Page
PRINCIPLES AND INCIDENTS OF CYBERSECURITY
The principles or the steps to cybersecurity are for enterprises and businesses that are looking
to protect themselves from the attacks in cyberspace. It’s a 10 steps guidance which was
originally produced by NCSC (National Cyber Security Center).
6
https://www.cyber.gov.au/acsc/view-all-content/guidance/cyber-security-principles
6|Page
connecting to an unsecured network, for an instance – HTTP, over the internet, poses a big
risk of getting your systems to be attacked or infected by bugs that lie at the other end. So
policies and appropriate architectural and technical responses must be established which will
serve as a baseline for networking. It will ensure the inbound and outbound networking rules
that must be implemented to secure your network perimeter. E.g., the inbound connections
(outside to inside) should first face the network firewall and should be filtered for threats and
then finally should be passed to the destination system. By implementing these policies, any
organization can reduce the chances of becoming a victim of cyber-attack. Furthermore,
SIEM (security information and event management) solution should further be implemented;
SOC centers should be established to use the technologies to effectively monitor your
network.7
4. Managing User Privileges
All the users should be provided with reasonable (and minimal) access privileges that would
allow them to just go fine with their work. If users are granted more access than they need, it
will be misuse and a much bigger risk to information security. Also, the granting of highly
elevated privileges should be very carefully controlled and managed.
5. User Education and Awareness
End users and organization’s people play a vital role in keeping an organization safe and
secure. If end-users are not aware of the policies, risk management regime that has been set
and defined by the organization, these policies will fail its purpose. End-users must be
provided with security awareness training and regular training should be conducted to ensure
the users are aware of the organization’s policies and threats that may lead to security
breaches. On the other hand, the cybersecurity professionals of the organization should be
highly trained and should be ready to combat mode at any point in time if any breaches
happen.8
6. Incident Management
A SIEM solution will always create security-related incidents to you. An organization should
establish effective incident management policies to support the business and ensure security
throughout the organization and at all the endpoints, endpoints at rest (Like desktop) as well
as endpoints in motion (Like laptops, Mobile Phones, etc.).
7. Malware Prevention
7
https://www.cyber.gov.au/acsc/view-all-content/guidance/cyber-security-principles
8
Ibid.
7|Page
It requires the establishment of policies that directly address the business processes that are at
the forefront of getting infected by malware such as email, web, personal devices, USB. E.g.,
a policy should be established which will restrict USB access to computers, similarly, other
policy may restrict outbound internet request, etc., all depending upon situations and needs.
Separate expertise solutions should be implemented to protect each forefront
from malware such as email threat protection for emails, network analyzer like IDS, IPS and
firewalls for networking and any web requests, managing profiles to monitor organization
data at the end user’s mobile, etc. The endpoints should be very effectively protected by
implementing anti-virus solutions that can detect, prevent and remediate malware from
endpoints.
8. Monitoring
A monitoring strategy and solution should be created in order with the help of which an
organization will have complete visibility of the security posture. It is also be used to create
another layer of security when security breaches are passed by our detection and prevention
system but the monitoring solution detects it and creates a security incident. E.g. you
endpoint solution was able to detect the malware but it was unable to block or delete that
malware, in that case, the monitoring solution will create a security incident. The solution
will monitor all the inbound and outbound traffic and will integrate with logs from the
firewall, endpoints, NIPS, NIDS, HIPS, HIDS, and other solutions.9
9. Removable Media Controls
Every organization must define its removable media policies and should restrict the use of
removable media as much as possible. If there are cases where their use is unavoidable, the
policy should limit the types of media that can be used and the types of information that can
be shared.
10. Home and Mobile Networking
When users are at home or mobile, they are no longer connecting to the company’s LAN or
WAN. This poses a network risk where organizations do not have control over the internet.
So risk-based policies that support mobile and home working should be established. The
company can also choose to manage the user’s profile on mobile and have control of their
data that is stored on mobile or Home computer.
9
https://www.educba.com/cyber-security-principles/
8|Page
EMERGING ISSUES AND CHALLENGES OF CYBERSECURITY
In today’s inter-connected world, technologies underpin almost every facet of our society.
Thus, cybersecurity becomes increasingly important, and the challenge lies in dealing with
wide-ranging cyber threats in nearly real-time conditions. The capability to detect, analyze,
and defend against such threats in near real-time terms is not possible without threat
intelligence, data analysis, modeling techniques.
Cyberspace comprises IT networks, computer resources, and all the fixed and mobile devices
connected to the global network. A nation’s cyberspace is part of the worldwide cyberspace;
it cannot be isolated to define its boundaries since cyberspace is borderless. This aspect
makes cyberspace unique and challenging to solve. Unlike the physical world that is limited
by geographical boundaries in space, land, sea, river waters, and air, cyberspace is continuing
to expand. Increased Internet penetration is leading to the growth of cyberspace since its size
is proportional to the activities that are carried through it.10
The pace of change in cybersecurity is quickening as technologies like 5G and artificial
intelligence enable new services, products and modes of communication.
Most medium and large organisations are coming to terms with the fact that a cyber security
incident is not a factor of ‘if’, but rather ‘when’, however, many operations are still struggling
to translate this into the right security architecture, training and mindset.
Though varied in their uses, from consumer goods and smart cities to the Industrial Internet
of Things (IoT) and in their level of maturity, nearly all are defined by growing connectivity
and the risks and opportunities this brings.
Inter-connectivity is one trend from 2019 that will help define 2020. By analyzing it along
with other macro trends spotted in the previous year, we can make the following 2020
cybersecurity predictions with at least some degree of confidence.
Cybersecurity will remain an important topic and on top of the priority list for every
enterprise as it encounters massive amounts of data that are created every single day.
Cybersecurity is still a significant issue in the minds of every business leader.
10
Mugil, Raja, Mathiyazhagan, Chandrashekhar (2010), “Phishing Ruse over Security Network” Proceedings
from Conference on Cyber Security, “Emerging Cyber Threats & Challenges, (2010)” CII, Confederation of
Indian Industry, Chennai
9|Page
Cybersecurity Improvements
One of the cybersecurity trends to look out for is the constant need to see the ongoing
development in the relevant regulations concerning cybersecurity. The dynamic and
rapidly moving nature of cybersecurity becomes a significant regulation that is far too
slow to be considered as a benefit and might restrict the security by building a culture
of compliance with rules and a false sense of security against enemies that are agile,
motivated, and smart.
Data Theft
The enterprises can expect to come across attackers with changing methodology from
pure data theft and website hacking to attacking data integrity itself. Such attacks,
with an outspoken theft of data, will cause long-term, reputational damage to people
or groups by getting people to question the integrity of their data. Some firms are
already making use of AI to sort and check the integrity of data more efficiently.
Attackers
Hackers might also appear more organised and commercialised. Furthermore, they
might have their call centers like the ones, which were already witnessed with fake
dating sites. They might find a platform for themselves, where cybercrime is rarely
regarded as a crime, and thereby putting themselves outside their victims' police
powers.
Looking Ahead
It’s important that these predictions, which stem from known trends, are acted on as
quickly and effectively as possible. Doing so will ensure that the promise of next-
generation technology is not derailed, but rather the beginning of a transformative
decade to come.
1. Designing secure cyberspace: Experts often say that adequate security needs to be an
integral part of ICT design. Developers have traditionally focused more on features
10 | P a g e
than safety for economic reasons. Also, many future security needs cannot be
predicted, posing a difficult challenge for designing secure cyberspace. As a result,
our physical-world mental models won’t work in cyberspace. For example, in the
physical world, we assign government the task of border security. But given the
nature of cyberspace, everyone’s network is at the border. In the physical world,
crime is local. You have to be at a location to steal an object, so police have
jurisdictions based on physical boundaries. But in cyberspace you can be anywhere
and carry out the action, so local police jurisdictions don’t work very well. Therefore,
designing a secure cyberspace is a huge challenge.
2. Needed clarity in ownership and responsibility in cybersecurity: Critical
infrastructure is mostly owned and operated by the private sector. But security is not
the private sector’s responsibility. The government also has a vital role to play in the
governance of cyberspace in the civil-sector. These are some of the critical
cybersecurity issues that nations are grappling with. At an organizational level, too,
cybersecurity is not merely a technology issue, but a management issue. It is
grounded in enterprise risk management, which calls for an understanding of the
human, process, legal, network, and ICT security aspect. Roles and responsibilities of
each of the parties need to be clearly defined. At the same time, governments need to
establish appropriate policy and legal structures.
3. An incentive to secure the cyberspace: The structure of economic incentives for
cybersecurity has been called distorted or even perverse. Cybercrime is regarded as
cheap, profitable, and comparatively safe for the criminals. In contrast, cybersecurity
can be expensive, is by its nature imperfect, and the economic returns on investments
are often unsure. Therefore, the challenge here is to reverse this figure to favour
cybersecurity and stakeholders that intend to do so.
4. Building common consensus: Cybersecurity means different things to different
stakeholders, often with little universal agreement on meaning, implementation, and
risks. Substantial cultural impediments to consensus also exist, not only between
sectors but within sectors and even within organizations. Traditional approaches to
security may be insufficient in the hyperconnected environment of cyberspace, but
consensus on alternatives has proven elusive.11
Hemavathy (2010), “Emerging Cyber Threats and Counter Measures for Protecting Defense Network”
11
Proceedings from Conference on Cyber Security, “Emerging Cyber Threats & Challenges, (2010)” CII,
Confederation of Indian Industry, Chennai
11 | P a g e
5. Ever-changing nature of cybersecurity: Cyberspace operates according to different
rules than the physical world. The nodal nature of a light-speed network means that
concepts like distance, borders, and proximity all work differently, which has
profound implications for security. First, with range significantly reduced, threats can
come from anywhere and from any actor. Second, the borders in cyberspace don’t
follow the same lines we have imposed on the physical world. Instead, they are
marked by routers, firewalls, and other gateways. Proximity is a matter of who’s
connected along what paths, not their physical location.12
6. Legal and Policy Frameworks: Cyberspace is still very new from a legal and policy
point of view. In the modern form, the Internet and cyberspace have existed for only
about 25 years and have changed continuously over that period. Therefore, we have
not developed the comprehensive frameworks we need. Perhaps we should borrow
concepts from the disaster response world, and divide responsibility in a fluid manner
that adapts over time in response to changing circumstances. In disaster response,
preparedness and initial response reside at the local level. 13 If a given incident
overwhelms or threatens to overwhelm local responders, then steadily higher levels of
government can step in. But, if it becomes clear that a nation-state is involved, or even
if there is a mere suspicion that a nation-state is involved, then the national
government would start bringing its capabilities to bear.
12
R. Ganesan, (2010), “Emerging Cyber Security Trends for 2010”, Proceedings from Conference on Cyber
Security, ”Emerging Cyber Threats & Challenges, (2010)” CII, Confederation of Indian Industry, Chennai.
13
Hemavathy (2010), “Emerging Cyber Threats and Counter Measures for Protecting Defense Network”
Proceedings from Conference on Cyber Security, “Emerging Cyber Threats & Challenges, (2010)” CII,
Confederation of Indian Industry, Chennai
12 | P a g e
NATIONAL CYBER SECURITY POLICY
The National Cyber Security Policy 2013 aims at (1) facilitating the creation of secure
computing environment (2) enabling adequate trust and confidence in electronic transactions
and (3) guiding stakeholders actions for the protection of cyberspace.
The National Cyber Security Policy document outlines a roadmap to create a framework for
comprehensive, collaborative and collective response to deal with the issue of cyber security
at all levels within the country14.
The need to protect information
National Cyber Security Policy 2013 should be seen as about protecting of information, such
as personal information, financial/banking information, sovereign data etc.
Information empowers, and in order to empower people with information, we need to
secure the information/data.
There is a need to distinguish between data which can freely flow and data which
needs to be protected.
The “National Cyber Security Policy” has been prepared in consultation with all
relevant stakeholders, user entities and public.
This policy aims at facilitating the creation of secure computing environment and
enabling adequate trust and confidence in electronic transactions and also guiding
stakeholders actions for the protection of cyberspace.
The National Cyber Security Policy document outlines a roadmap to create a
framework for comprehensive, collaborative and collective response to deal with the
issue of cyber security at all levels within the country.
The policy recognises the need for objectives and strategies that need to be adopted
both at the national level as well as international level.
The objectives and strategies outlined in the National Cyber Security Policy
Articulate our concerns, understanding, priorities for action as well as directed efforts.
Provide confidence and reasonable assurance to all stakeholders in the country
(Government, business, industry and the general public) and global community, about
the safety, resiliency and security of cyberspace.
Adopt a suitable posturing that can signal our resolve to make determined efforts to
effectively monitor, deter and deal with cyber crime and cyber attacks.
14
https://www.clearias.com/national-cyber-security-policy-2013/
13 | P a g e
Salient features of the National Cyber Security Policy 2013
A vision and mission statement aimed at building a secure and resilience cyberspace
for citizens, businesses and Government.
Enabling goals aimed at reducing national vulnerability to cyber attacks, preventing
cyber attacks & cyber crimes, minimising response & recovery time and effective
cybercrime investigation and prosecution.
Focused actions at the level of Govt., public-private partnership arrangements, cyber
security related technology actions, protection of critical information infrastructure
and national alerts and advice mechanism, awareness & capacity building and
promoting information sharing and cooperation.
Enhancing cooperation and coordination among all the stakeholder entities within the
country.
Objectives and strategies in support of the National Cybersecurity vision and mission.
Framework and initiatives that can be pursued at the Govt. level, sectoral levels as
well as in public-private partnership mode.
Facilitating monitoring key trends at the national level such as trends in cyber security
compliance, cyber attacks, cyber crime and cyber infrastructure growth.
A National and sectoral 24X7 mechanism has been envisaged to deal with cyber
threats through National Critical Information Infrastructure Protection Centre
(NCIIPC).
A mechanism is proposed to be evolved for obtaining strategic information regarding
threats to information and communication technology (ICT) infrastructure, creating
scenarios of response, resolution and crisis management through effective predictive,
prevention, response and recovery action.
14 | P a g e
CONCLUSION & SUGGESTIONS
Nations are investing heavily in their ICT infrastructures intending to provide higher
bandwidths, integrate national economies with the global marketplace, and to enable citizens
to access more e-services. Given the security problems, there is an increased emphasis on,
and investment in, the security of cyber infrastructure. Core Internet protocols are insecure,
and an explosion of mobile devices continues to be based on the same unstable systems. This
is adding up to increased usage of the Internet in more vulnerable cyberspace.
Cyberspace has been called the fastest evolving technology space in human history, both in
scale and properties. New and emerging features and applications — especially social media,
mobile computing, big data, cloud computing, artificial intelligence, and the Internet of
Things — further complicate the evolving threat environment.
In today’s digital age, cybersecurity has become increasingly critical for large corporations
and small startups alike. Today, the stakes are higher than ever, as “every company has
become a tech company.” Technology has become more than a supplement to a company’s
operations, and in many cases, the assets living on their network are their core operations.
This is compounded by the fact that hacks are becoming commonplace due to the rise of
mobile usage and internet of things, as well as the growing ecosystem of cybercriminals 15.
Cyber security is a vast topic that is becoming more important because the world is becoming
highly interconnected, with networks being used to carry out critical transactions. Cyber
crime continues to diverge down different paths with each New Year that passes and so does
the security of the information. The latest and disruptive technologies, along with the new
cyber tools and threats that come to light each day, are challenging organizations with not
only how they secure their infrastructure, but how they require new platforms and
intelligence to do so. There is no perfect solution for cyber crimes but we should try our level
best to minimize them in order to have a safe and secure future in cyber space.
Suggestions
The challenges can be under surveillance and methodical steps can be taken to avoid
such malpractices. To solve data theft problem, online space must regulate the use of
data and clearly indicate when information will be shared provided by the users. The
user can then choose to opt out, leaving personal information restricted to the space
Update on Litigation Involving Facebook and Maximilian Schrems, Explanatory Memo, Data Protection
15
Commissioner,https://goo.gl/8eupnN
15 | P a g e
for which it was deliberated. When software online contains bugs or viruses, it is
fairly easy for cyber criminals to gain personal information. Large technology firms
should collaborate and create solutions that to increase security for their customers.
Security controls need to move outward, beginning at the application level where such
frauds can be caught easily. When there are no unified monitoring methods, firms
become vulnerable.
With cloud hovering our lives with all our data it is imperative to protect our cloud
space. With growing technology, the growth of cybercrime is evident but measure
taken early and effectively can avoid cyber mishaps both big and small.
16 | P a g e
remove malicious software programs, such as viruses and worms. Most antivirus programs
include an auto-update feature that enables the program to download profiles of new viruses
so that it can check for the new viruses as soon as they are discovered. An anti virus software
is a must and basic necessity for every system.
CYBER ETHICS
Cyber ethics are nothing but the code of the internet. When we practice these cyber ethics
there are good chances of us using the internet in a proper and safer way. The below are a few
of them:
Internet is considered as world’s largest library with information on any topic in any
subject area, so using this information in a correct and legal way is always essential.
Never try to send any kind of malware to other’s systems and make them corrupt.
Never share your personal information to anyone as there is a good chance of others
misusing it and finally you would end up in a trouble.
Always adhere to copyrighted information and download games or videos only if they
are permissible.
The above are a few cyber ethics one must follow while using the internet. We are always
thought proper rules from out very early stages the same here we apply in cyber space.
BIBLIOGRAPHY
Books
1. AnirudhRastogi, Cyber Law, Lexis Nexis, 2014
2. B.G.Gupta (2010), “Security Convergence – Physical & Information” Proceedings
from Conference on Cyber Security, “Emerging Cyber Threats & Challenges, (2010)”
CII, Confederation of Indian Industry, Chennai.
17 | P a g e
3. Hemavathy (2010), “Emerging Cyber Threats and Counter Measures for Protecting
Defense Network” Proceedings from Conference on Cyber Security, “Emerging
Cyber Threats & Challenges, (2010)” CII, Confederation of Indian Industry, Chennai
4. Mugil, Raja, Mathiyazhagan, Chandrashekhar (2010), “Phishing Ruse over Security
Network” Proceedings from Conference on Cyber Security, “Emerging Cyber Threats
& Challenges, (2010)” CII, Confederation of Indian Industry, Chennai
5. R. Ganesan, (2010), “Emerging Cyber Security Trends for 2010”, Proceedings from
Conference on Cyber Security, ”Emerging Cyber Threats & Challenges, (2010)” CII,
Confederation of Indian Industry, Chennai.
Websites
1. https://www.toptal.com/finance/finance-directors/cyber-security
2. https://www.dsci.in/content/cyber-security-challenges
3. https://medium.com/@cyberpeacealliance/cybersecurity-issues-challenges-
ce6b5460061e
4. https://blog.logsign.com/cyber-security-issues-and-challenges-in-2019/
5. https://one.comodo.com/blog/cyber-security/what-is-cyber-
security.php#:~:text=Cybersecurity%20Definition%3A&text=Cybersecurity%20aims
%20to%20protect%20the,or%20interrupting%20normal%20business%20operations.
6. https://www.kaspersky.co.in/resource-center/definitions/what-is-cyber-security
7. https://www.educba.com/cyber-security-principles/
8. https://www.cyber.gov.au/acsc/view-all-content/guidance/cyber-security-principles
18 | P a g e