VIJAY ABHISHEK
Register no : 212000263
Cybersecurity refers to the protection of digital devices, networks, and sensitive information
from unauthorized access, use, and destruction. With the rapid advancement of technology and
the increasing reliance on digital devices and networks, cybersecurity has become an
essential aspect of our daily lives, protecting not only personal information but also critical
infrastructure, businesses, and government organizations.
Cybersecurity involves a wide range of measures, including technical controls, policies, and
procedures that are designed to identify, prevent, detect, and respond to cyber threats. These
threats can come from a variety of sources, such as hackers, cybercriminals, nation-states,
and insiders.
1. Mission-Critical Assets:
This is data that is absolutely critical to protect. Whether businesses would like to
admit it or not, they face malicious forces daily. The question is how leaders are
dealing with this type of protection.
An example of mission-critical assets in the Healthcare industry is Electronic Medical
Record (EMR) software. In the financial sector, it is customers’ financial records.
2. Data Security:
Data security is when there are security controls put in place to protect both the
transfer and the storage of data. There has to be a backup security measure in place to
prevent the loss of data. This will also require the use of encryption and archiving.
Data security is an important focus for all businesses as a breach of data can have dire
consequences.
3. Endpoint Security:
This layer of security makes sure that the endpoints of user devices are not exploited
by breaches. This includes the protection of mobile devices, desktops, and laptops.
Endpoint security systems enable protection either on a network or in the cloud
depending on the needs of a business.
4. Application Security:
This involves the security features that control access to an application and that
application’s access to your assets. It also includes the internal security of the app
itself.
Most of the time, applications are designed with security measures that continue to
provide protection when the app is in use.
5. Network Security:
This is where security controls are put in place to protect the business’s network. The
goal is to prevent unauthorized access to the network.
It is crucial to regularly update all systems on the business network with the necessary
security patches, including encryption. It’s always best to disable unused interfaces to
further guard against any threats.
6. Perimeter Security:
This security layer ensures that both the physical and digital security methods protect
a business as a whole. It includes things like firewalls that protect the business
network against external forces.
7. The Human Layer:
Despite being known as the weakest link in the security chain, the human layer is a
very necessary layer. It incorporates management controls and phishing simulations,
for example. These human management controls aim to protect that which is most critical
to a business in terms of security. This includes the very real threat that humans, cyber
attackers, and malicious users pose to a business.
Cyber Attacks:
A cyberattack refers to any attempt to gain unauthorized access to digital devices, networks,
or data, with the intent to cause harm, steal information, or disrupt normal operations.
Cyberattacks are carried out by malicious actors, such as hackers, cybercriminals, and nation-
states, who use a variety of techniques and tools to exploit vulnerabilities in software,
hardware, and human behaviour.
Malware attacks: These are attacks that use malicious software, such as
viruses, worms, and Trojans, to gain unauthorized access to devices and networks and
steal sensitive information or cause damage to systems.
Phishing attacks: These are attacks that use deceptive emails, messages, or websites
to trick users into revealing sensitive information or installing malware on their
devices.
Denial-of-service (DoS) attacks: These are attacks that flood a network or website
with traffic to overwhelm its servers and prevent legitimate users from accessing it.
Man-in-the-middle (MitM) attacks: These are attacks that intercept and modify
data transmitted between two parties to steal sensitive information or inject malware
into the communication.
Password attacks: These are attacks that attempt to guess or steal passwords to gain
unauthorized access to devices, networks, or accounts.
Social engineering attacks: These are attacks that use psychological manipulation to
trick users into revealing sensitive information or taking actions that could
compromise their security.
Cyberattacks can have serious consequences, including financial losses, reputational damage,
and legal and regulatory penalties. Organizations can protect themselves from cyberattacks
by implementing a comprehensive cybersecurity program that includes measures such as
network security, data encryption, identity and access management, and employee training
and awareness. Regular vulnerability assessments and penetration testing can also help
identify and address potential weaknesses before they can be exploited by attackers.
Cybersecurity Defences:
Cybersecurity defences are the various measures and controls put in place to protect digital
devices, networks, and sensitive information from cyber threats.
Firewalls: These are network security devices that monitor and control incoming and
outgoing network traffic based on predetermined security rules. Firewalls help to prevent
unauthorized access to networks and devices.
Antivirus and anti-malware software: These are software programs designed to detect and
remove malicious software, such as viruses, worms, and Trojans, from digital devices.
Intrusion detection and prevention systems (IDPS): These are network security devices
that monitor network traffic for signs of a potential cyber-attack and can automatically block
or prevent the attack.
Access controls: Access controls help to restrict access to sensitive information and systems
to authorized individuals only. Examples of access controls include passwords, two-factor
authentication, and biometric authentication.
Encryption: Encryption is the process of converting sensitive data into a format that can only
be read by authorized individuals with the correct decryption keys. Encryption helps to protect
data from unauthorized access and theft.
Incident response planning: Incident response planning involves developing and
implementing procedures for responding to cyber-attacks. This includes identifying the type
and severity of the attack, containing and mitigating the damage caused by the attack, and
restoring normal operations.
Hacking:
Hacking can also involve stealing sensitive information, such as credit card numbers,
passwords, or personal identification information, which can then be used for fraudulent
activities.
1. Malware attacks: Malware, such as viruses, worms, and Trojans, can infect a
computer system and steal sensitive information or damage the system.
2. Phishing attacks: Phishing attacks involve sending fraudulent emails or text
messages that appear to be from a legitimate source, such as a bank or a government
agency, in an attempt to trick the recipient into revealing sensitive information.
Hacking can have serious consequences, including financial losses, damage to reputation, and
legal repercussions. To protect against hacking, organizations and individuals should
implement cybersecurity measures, such as firewalls, antivirus software, encryption, and
multifactor authentication. It is also essential to keep software applications and operating
systems up to date with the latest security patches and to regularly educate employees and
individuals on best cybersecurity practices.
Endpoint Security:
Endpoint security refers to the protection of digital devices, such as desktops, laptops,
smartphones, and tablets, from cyber threats. Endpoints are the devices that connect to a
network and can be vulnerable to attacks such as malware, phishing, and other cyber threats.
These solutions are designed to detect and remove malicious software, such as viruses,
worms, Trojans, and spyware, from digital devices.
Firewall protection:
Firewalls help to monitor and control incoming and outgoing network traffic to prevent
unauthorized access to the device and the network it is connected to.
Intrusion detection and prevention systems (IDPS) monitor the device and network traffic to
identify and prevent potential cyber attacks.
Data encryption:
Data encryption protects sensitive information on the device from unauthorized access by
encrypting it with a key or password.
Access controls: Access controls such as passwords, two-factor authentication, and biometric
authentication help to restrict access to sensitive information and applications on the device.
Patch management: Patch management involves regularly updating the device's operating
system and software to address known vulnerabilities and improve security.
Zero Trust:
Zero Trust is a cybersecurity approach that assumes that no user, device, or application
should be trusted by default, even if it is within the organization's network perimeter. Instead,
it requires that every request for access to resources or data be verified and authenticated
before granting access. In other words, the Zero Trust model assumes that all network traffic,
including traffic originating from inside the network, should be treated as untrusted.
The Zero Trust model is based on the principle of "least privilege," which means that users
are only granted access to the minimum number of resources necessary to perform their job
functions. This approach helps to reduce the attack surface of the network and minimize the
impact of successful attacks.
To implement a Zero Trust model, organizations must adopt a range of security controls and
technologies, such as multifactor authentication, network segmentation, encryption, and
continuous monitoring.
Verification and authentication: Every request for access to resources or data must be
verified and authenticated before access is granted. This includes user identity, device
identity, and application identity.
Least privilege access: Users are only granted access to the minimum number of resources
necessary to perform their job functions.
Continuous monitoring: The network and its traffic must be continuously monitored
for suspicious activity, such as unusual login attempts or unusual traffic patterns.
Network segmentation: The network should be segmented to limit the scope of any
successful attacks and prevent lateral movement.
Encryption: Data in transit and at rest should be encrypted to protect it from
unauthorized access.
The Zero Trust model is gaining popularity in the cybersecurity community as a way to
provide better protection against advanced threats, such as insider attacks and sophisticated
external attacks. By implementing a Zero Trust approach, organizations can improve their
security posture and reduce the risk of data breaches and other security incidents.
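The Zero Trust principles above can be expressed as a default-deny access decision. The following is an added example, not part of the original document; the policy tables, field names, and sample requests are constructed for illustration. It checks user, device, and application identity on every request, applies least-privilege grants, ignores network location, and collects denials for monitoring.

```python
from dataclasses import dataclass

# Constructed sample policy: role -> set of (resource, action) grants.
# Anything not listed is denied (least privilege, default deny).
GRANTS = {
    "nurse": {("emr/records", "read")},
    "billing": {("finance/invoices", "read"), ("finance/invoices", "write")},
}
# Constructed inventories of compliant devices and registered applications.
COMPLIANT_DEVICES = {"laptop-0042", "tablet-0007"}
REGISTERED_APPS = {"emr-client", "billing-portal"}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    mfa_passed: bool
    device_id: str
    app_id: str
    source_network: str  # "internal" or "external"; deliberately never consulted
    resource: str
    action: str

def decide(req: Request) -> tuple[bool, str]:
    """Return (allowed, reason). Every check must pass; location grants nothing."""
    if not req.mfa_passed:
        return False, "user identity not verified (MFA missing)"
    if req.device_id not in COMPLIANT_DEVICES:
        return False, "device identity unknown or non-compliant"
    if req.app_id not in REGISTERED_APPS:
        return False, "application identity not registered"
    if (req.resource, req.action) not in GRANTS.get(req.role, set()):
        return False, "no least-privilege grant for this resource/action"
    return True, "all identities verified and grant present"

def audit(requests):
    """Continuous-monitoring hook: collect every denied request for review."""
    return [(r.user, r.resource, reason)
            for r in requests
            for ok, reason in [decide(r)] if not ok]

# Constructed sample requests.
SAMPLE = [
    Request("asha", "nurse", True, "laptop-0042", "emr-client", "external", "emr/records", "read"),
    Request("asha", "nurse", True, "laptop-0042", "emr-client", "internal", "finance/invoices", "read"),
    Request("ravi", "billing", True, "byod-9999", "billing-portal", "internal", "finance/invoices", "write"),
]
```

The first request is allowed even though it comes from outside the network, while the two internal requests are denied: one lacks a grant and the other comes from an unknown device.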
Ethical hacking and hacking are two different terms that refer to different activities. Hacking
refers to the unauthorized access, modification, or manipulation of computer systems,
networks, or software applications.
Hacking is generally considered illegal and unethical, as it involves breaking into computer
systems or networks without permission.
On the other hand, ethical hacking, also known as "penetration testing," involves authorized
attempts to hack into a computer system or network to identify security vulnerabilities and
weaknesses. Ethical hacking is done with the owner's permission, and the goal is to help the
owner strengthen their security defences by identifying and fixing vulnerabilities before a
malicious attacker can exploit them.
The primary difference between ethical hacking and hacking is that ethical hacking is a legal
and authorized activity that involves obtaining explicit permission from the owner of the
target system or network before performing any testing or hacking activity. Ethical hackers
follow a strict code of ethics and must maintain the confidentiality and integrity of any data
they access during the testing process.
In contrast, hacking is an illegal and unauthorized activity that violates the privacy and
security of individuals or organizations. Hackers do not have the owner's permission to access
or modify the target system or network, and their actions can have serious consequences,
including financial losses, damage to reputation, and legal repercussions.
In summary, ethical hacking is a legal and ethical activity that helps organizations identify
and fix security vulnerabilities, while hacking is an illegal and unethical activity that involves
breaking into computer systems or networks without permission.