Micro-Project Report

On
Cyber Security Management

Maharashtra State Board of Technical Education

(2022-2023)

Government Polytechnic
Solapur
Department Of Information Technology.

Course Name: - Management (22509)

1
 Government Polytechnic
Solapur.
Department Of Information Technology.

CERTIFICATE
This is to certify that the project work entitled

is

Submitted by

Avinash Maruti Kore (2000150215)

By Guided
Smt.Ambika Mithhapally

in the partial fulfillment of Diploma in Information Technology has been

Satisfactory carried out under my guidance as per the requirement of
Maharashtra State Board of Technical Education, Mumbai during the
academic year 2023-2024.

Date:

Place:Solapur.

GUIDE HOD PRINCIPAL

(Ambika Mithhapally) ( Manisha Anjikhane.) ( Prof. Somnath Hunsimrad)

2
 INDEX

Sr.No. Content
1. Aciton Plan and resources required
2. Topic
3. Abstract
4. Introduction
5. Why is cyber security important?
6. Cyber Crime
7. Types of cyber security threats
8. Evaluation of cyber security
9. Advantages And Disadvantages of cyber
10. Security
11. The need for cyber security
12. Benefits Of Cyber security
13. Use Of Cyber security Across Domains
14. Features of cyber security
15. Conclusion
16. Reference

3
 Action Plan (Sequence and time required for major activity)

Name of
Sr. Planned Start Planned
Details of activity Responsible
No. date Finish date
Team Members

A. M. Kore.
1 Selection of topic 01 April 03 April

A. M. Kore.
2 Collecting information 04 April 05 April

A. M. Kore.
3 Typing in word 06 April 07 April

A. M. Kore.
4 Setting in word document 08 April 08 April

Resources Required (major resources such as raw material, some machining facility,
software etc.)

Sr. Name of
Specifications Qty Remarks
No. Resource/material

1 MS-Word - -

2 Adobe Reader - -

4
 ABSTRACT

Proposal of cyber security measures in companie. Cyber security

is currently the most wanted and most challenging research
discipline that is in constant development. Data reference
institutions and recognized to security researchers in 2017 shows
that cyber criminals using ‘low-tech’ ‘software were successful in
9 of 10 attacks on various web sites. Most web sites had serious
flaws for a period of 150 days or more. Various invasions and
fraud have cost the company $ 6.6 billion annually. Based on the
research of Oracle java in America is the biggest security risk for
desktop computers. According to reports java is installed on 65%
of computers, 48% of users did not have the latest patches for
Java last year been identified 119 new vulnerabilities in the
software.

5
 INTRODUCTION

“Cybersecurity is primarily about people, processes, and technologies working

together to encompass the full range of threat reduction, vulnerability reduction,
deterrence, international engagement, incident response, resiliency, and recovery
policies and activities, including computer network operations, information
assurance, law enforcement, etc.”

Cybersecurity is the protection of Internet-connected systems, including hardware,

software, and data from cyber attacks. It is made up of two words one is cyber and
other is security. Cyber is related to the technology which contains systems,
network and programs or data. Whereas security related to the protection which
includes systems security, network security and application and information
security..
We can also define cybersecurity as the set of principles and practices designed to
protect our computing resources and online information against threats. Due to the
heavy dependency on computers in a modern industry that store and transmit an
abundance of confidential and essential information about the people,
cybersecurity is a critical function and needed insurance of many businesses.

WHY IS CYBER SECURITY IMPORTANT ?

We live in a digital era which understands that our private information is more
vulnerable than ever before. We all live in a world which is networked together,
from internet banking to government infrastructure, where data is stored on
computers and other devices. A portion of that data can be sensitive information,
whether that be intellectual property, financial data, personal information, or other
types of data for which unauthorized access or exposure could have negative
consequences.

Cyber-attack is now an international concern and has given many concerns that
hacks and other security attacks could endanger the global economy.
Organizations transmit sensitive data across networks and to other devices in the
course of doing businesses, and cybersecurity describes to protect that information
and the systems used to process or store it.
As the volume of cyber-attacks grows, companies and organizations, especially
those that deal information related to national security, health, or financial records,
need to take steps to protect their sensitive business and personal information.

6
CYBER CRIME

Cyber crime is a term for any illegal activity that uses a computer as its primary
means of commission and theft. The U. S. Department of Justice expands the
definition of cyber crime to include any illegal activity that uses a computer for the
storage of evidence. The growing list of cyber crimes includes crimes that have been
made possible by computers, such as network intrusions and the dissemination of
computer viruses, as well as computer-based variations of existing crimes, such as
identify theft, stalking, bullying and terrorism which have become as major
problem to people and nations. Usually in common man’s language cyber crime
may be defined as crime committed using a computer and the internet to steel a
person’s identity or sell contraband or stalk victims or disrupt operation with
malevolent.

TYPES OF CYBER SECURITY THREATS

1. Malware

Malware is malicious software such as spyware, ransomware, viruses and worms.

Malware is activated when a user clicks on a malicious link or attachment, which
leads to installing dangerous software. Cisco reports that malware, once activated,
can:

⚫ Block access to key network components (ransomware) • Install additional

harmful software

• Covertly obtain information by transmitting data from the hard drive (spyware)

⚫ Disrupt individual parts, making the system inoperable

2. Emotet

The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as

“an advanced, modular banking Trojan that primarily functions as a downloader or
dropper of other banking Trojans. Emotet continues to be among the most costly
and destructive malware.”

7
 3. Denial of Service

A denial of service (DoS) is a type of cyber attack that floods a computer or network
so it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but
the attack originates from a computer network. Cyber attackers often use a flood
attack to disrupt the “handshake” process and carry out a DoS. Several other
techniques may be used, and some cyber attackers use the time that a network is
disabled to launch other attacks...

4. Man in the Middle

A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a

two-party transaction. After interrupting the traffic, they can filter and steal data,
according to Cisco. MITM attacks often occur when a visitor uses an unsecured
public Wi-Fi network. Attackers insert themselves between the visitor and the
network, and then use malware to install software and use data maliciously.
5. Phishing

Phishing attacks use fake communication, such as an email, to trick the receiver
into opening it and carrying out the instructions inside, such as providing a credit
card number. “The goal is to steal sensitive data like credit card and login
information or to install malware on the victim’s machine,” Cisco reports.

6. SQL Injection

A Structured Query Language (SQL) injection is a type of cyber attack that results
from inserting malicious code into a server that uses SQL. When infected, the
server releases information. Submitting the malicious code can be as simple as
entering it into a vulnerable website search box.

8
 EVOLUTION OF CYBER SECURITY

Cyber security practices continue to evolve as the internet and digitally dependent
operations develop and change. According to Secure works, people who study cyber
security are turning more of their attention to the two areas in the following
sections.

• The Internet of Things

Individual devices that connect to the internet or other networks offer an access
point for hackers. Cytelligence reports that in 2019, hackers increasingly targeted
smart home and internet of things (IoT) devices, such as smart TVs, voice
assistants, connected baby monitors and cellphones. Hackers who successfully
compromise a connected home not only gain access to users’ Wi-Fi credentials, but
may also gain access to their data, such as medical records, bank statements and
website login information.

• The Explosion of Data

Data storage on devices such as laptops and cellphones makes it easier for cyber
attackers to find an entry point into a network through a personal device. For
example, in the May 2019 book Exploding Data: Reclaiming Our Cyber Security in
the Digital Age, former U.S. Secretary of Homeland Security Michael Chertoff warns
of a pervasive exposure of individuals’ personal information, which has become
increasingly vulnerable to cyber attacks.

Consequently, companies and government agencies need maximum cyber security

to protect their data and operations. Understanding how to address the latest
evolving cyber threats is essential for cyber security professionals. ADVANTAGES
AND DISADVANTAGES OF CYBER SECURITY Advantages: 1) Protects system
against viruses, worms, spyware and other unwanted programs. 2) Protection
against data from theft. 3) Protects the computer from being hacked. 4) Minimizes
computer freezing and crashes. 5) Gives privacy to users Disadvantages: 1)
Firewalls can be difficult to configure correctly. 2) Incorrectly configured firewalls
may block users from performing certain actions on the Internet, until the firewall
configured correctly. 3) Makes the system slower than before. 4) Need to keep
updating the new software in order to keep security up to date. 5) Could be costly
for average user.

9
 THE NEED FOR CYBER SECURITY

The present cyberspace is intermittently connected, which leaves pockets of

vulnerability leading to exploits and breaches by the deplorable. It is estimated that
cybercrime damages will exceed $6 trillion by 2021. The alarm bell has been rung
and every sector is intuitively investing in cybersecurity.

A successful running module for cybersecurity has layers of protection spread

across programs, networks, data, and computers. If a cybersecurity module is
integrated into an organization, technology, people and processes should all
seamlessly complement each other to provide a unified front for effective threat
management.

Cyberattacks are happening every 14 seconds and you are likely to be affected by it
eventually. With our reliance on cyberspace, cyberattacks are a reality just like
theft or robbery. With our sensitive information and social credibility at stake, it is
particularly not hyperbolic to think of cybersecurity as a part of your cyber hygiene.

BENEFITS OF CYBER SECURITY

⚫ Protecting data and networks from any unauthorized access

• Improvement in business continuity and information security management
• Providing security consolidation to stakeholders in terms of your information
security arrangements
⚫ Enhanced security controls without compromising company credentials
• Preemptive to a potential cyberattack and recovery protocols for a quick revival

Critical functions for an organization to be operable with lesser data loss.

• Compliance
The compliance domain center oversees the security controls, and that they comply
with the organizational regulations and legislation. This domain is instrumental in
understanding the nuances of these regulations such that appropriate security
controls can be taken and audited accordingly.

10
• Cryptography

This domain is often over-analyzed and mostly pertains to its theoretical value. As
of its virtual application, it can be as simple as pushing the right buttons.
Cryptography is primarily used for protecting the integrity, confidentiality, and
authenticity of the information concerned.

• Physical Security

This domain is almost overlooked, but mostly refers to the workflow associated with
physical hardware. Physical Security entails a set of protocol that exists outside the
cyberspace but has a direct effect on the cyberspace if breached. For instance, is
the facility fenced? Is the perimeter being patrolled? Are the data centers secure
enough to provide authorized access only? Do they have an HVAC system installed?

FUTURE OF CYBER SECURITY

It is predicted that the number of active users on the internet will triple in 2020,
reaching 6 billion. The number will exponentially rise to reach to about 7.5 billion
by 2030. So, cybersecurity will be at a cusp of being mandated by default. AI, for
instance, can come to fruition in the future where developers can use AI for
locating vulnerabilities and security breaches. AI can potentially be used in UI to
send warnings to people whenever they make poor security choices or visit risky
websites.
The next thing that is quite plausible would be cyber warfare, an avenue a few
nations might adopt as an alternative to traditional conflicts. This means the
security infrastructure would require the mobility to respond to an immediate
situation.

A study revealed computer hacks are taking place globally every 39 seconds.
Cyberspace will be infested with automated scripts, which means more skilled
people will be involved in cybercrimes. This will automate a massive expansion of
tech workers that will be cyber enforcers who’ll maintain civility and order in
cyberspace.

11
 CONCLUSION

If cybersecurity protocols are built to seamlessly manage your data security and
prioritize compliance, then your organization will have significant security
advantages with higher chances to combat any potential chances of a cyber attack.
But given the scenario, it is highly likely that the government will place more
localized security protocols to secure their digital space and that of their
consumers.

For now, there is no fully protected computer network. The most secure system is
one that is not connected to the Internet connection, which has its original internal
operating system on computers and has a high level of security protection. The
protection of network systems should be provided to enable the prevention of
intentional or unintentional unauthorized intrusion into the system both from the
outside and from the inside, ensuring the accuracy and integrity of information and
reliable access to data and resources. Early indetermination and monitoring
systems need to be used to reduce the security risks of intrusion into systems. The
paper presents measures that if fully implemented, would maximally protect the
company’s computer systems.

REFERENCE

https://sites.google.com/site/xinyicyber/the-disadvantages-and- advantages-of-
cyber-security

https://www.researchgate.net/publication/330325833 Cyber Secur ity Measures

In Companies/link/5c39299e299bf12be3c142ec/do wnload

https://www-mygreatlearning-
com.cdn.ampproject.org/v/s/www.mygreatlearning.com/blog/benef its-use-cases-
of-cybersecurity-across-different

https://www.nec.co.nz/market-leadership/publications-media/why- is-cyber-
security-important-why-we-need-cyber-securi

12