CYBERSECURITY

INFORMATION TECHNOLOGY SECURITY OR ELECTRONIC INFORMATION SECURITY

TOPIC CONTENTS

 What is cybersecurity?
 What are the different type of cybersecurity?
 What are some threats in cybersecurity?
 Cybersecurity measures
 Why is cybersecurity important?
 What careers does cybersecurity have?
 Principles of cybersecurity
 Applications of cybersecurity
 The aim of cybersecurity
 WHAT IS CYBERSECURITY?
 Cybersecurity is the practice of protecting critical systems and sensitive information from digital
attacks. Also known as information technology cybersecurity  measures are designed to combat threats
against networked system  and applications, whether those threats originate from inside or outside of
an organization.
 Cyber security is known to use technology, procedures, and controls to defend against cyber attacks
on systems, networks, programs, devices, and data.
 Its objectives are to lower the danger of cyber attacks and safeguard the company against the
unauthorized use of technology, networks, and systems.
 WHAT ARE THE TYPE OF CYBERSECURITY?

Cyber security is a wide field covering several disciplines. It can be divided into six main pillars:
 1. Network Security

Network security  solutions are designed to identify and block these attacks that occur due to network. These solutions
include data and access controls such as Data Loss Prevention (DLP), IAM (Identity Access Management),NGFW (Next-
Generation Firewall) etc. application controls to enforce safe web use policies.
 2. Cloud Security

A cloud security strategy includes cyber security solutions, controls, policies, and services that help to protect an
organization’s entire cloud deployment (applications, data, infrastructure, etc.) against attack.
 3. Endpoint Security

With endpoint security, companies can secure end-user devices such as desktops and laptops with data and network
security controls, advanced threat prevention such as anti-phishing and anti-ransomware.
CONTINUED…

 4. Mobile Security

Often overlooked, mobile devices such as tablets and smartphones have access to corporate data, exposing businesses
to threats from malicious apps, zero-day, phishing, and IM (Instant Messaging) attacks. Mobile security prevents
these attacks and secures the operating systems and devices from rooting and jail breaking.
 5. IoT Security

IoT security protects these devices with discovery and classification of the connected devices, auto-segmentation to
control network activities.
 6. Application Security.

Application security prevents bot attacks and stops any malicious interaction with applications. Authentication,
authorization, encryption, logging, and application security testing are all examples of application security
features.
 WHAT ARE SOME OF THE CYBERSECURITY THREATS?

Although cybersecurity professionals work hard to close security gaps, attackers are always looking for new ways to escape IT
notice, evade defence measures, and exploit emerging weaknesses. These evolving threats include:
 Malware /virus/
It is a software that has been created to intentionally cause damage. It cause harm simply by opening the wrong attachment
or clicking on the wrong link.
 Ransomware
It is actually a type of malware. The difference here is that ransomware infects a network or steals confidential data and then
demands a ransom (currency) in exchange for access to your systems.
 Phishing Attacks
It is just like it sounds. Hackers throw a line out there hoping that you’ll bite, and when you do, they steal sensitive
information like passwords, credit card numbers and more.
 Social Engineering
It involves malicious human interaction. This is a case of people outright lying and manipulating others to divulge personal
information. Often, these people obtain information from social media profiles and posts.
CYBERSECURITY MEASURES

There are some measures we should take in cybersecurity:

 Staff awareness training: Training courses will show staff how security threats affect them and help them apply best-
practice advice to real-world situations.
 Application security: - As web applications play an increasingly critical role in business, it is vital to focus on web
application security.
 Network security: - Network security is the process of protecting the usability and integrity of your network and data and
can be achieved by conducting a network penetration test, which scans your network for vulnerabilities and security issues.
 Leadership commitment: - Leadership commitment is the key to cyber resilience.
 Password management: - You should implement a password management policy that provides guidance to ensure staff
create strong passwords and keep them secure.
 WHY IS CYBERSECURITY IMPORTANT?

 First of all cybersecurity is an ethical practice to protect our devices from hackers and make them more secure.
 It basically deals with protecting our network, devices, and data from illegal and unauthorized access by other
people.
Hackers and cybercriminals use the Internet as an opportunity to crack into other’s people devices by using spyware,
malware and carrying out cyber attacks.
 The main purpose of Cybersecurity is to protect all the users on the Internet from infected files, malware, and
digital attacks which lead the users to access private sensitive issues.
 It helps to solve pre-built vulnerabilities in applications and helps them to remain stable throughout the time.
 PRINCIPLES OF CYBERSECURITY AND THERE PURPOSE

Purpose of the cyber security principles

The purpose of the cyber security principles is to provide strategic guidance on how an organization can
protect their systems and data from cyber threats. These cyber security principles are grouped into four
key activities: govern, protect, detect and respond.

 Govern: Identifying and managing security risks.

 Protect: Implementing controls to reduce security risks.
 Detect: Detecting and understanding cyber security events to identify cyber security incidents.
 Respond: Responding to and recovering from cyber security incidents.
CYBERSECURITY AS A CAREER

 Cybersecurity is a great career to enter right now, as there is a high demand for professionals with these skills. 
 The field of cybersecurity offers plenty of variety. Businesses across all industries – from healthcare and
finance to entertainment, so there are opportunities in countless fields and disciplines.
 As a cybersecurity professional, you are on the front lines of ensuring that data stays safe and secure. For this
reason, it can be rewarding and satisfying, allowing you to make a real impact. However, cybersecurity jobs
also come with challenges and stress.
Depending on your experience level, you may consider the following cybersecurity jobs:
 Entry-level: Systems Administrator, Network Engineer, Network Administrator, Security Administrator
 Mid-level: Cybersecurity Analyst, Penetration Tester, Security Technician, IT Auditor
 Senior-level: Cybersecurity Manager, Cybersecurity Engineer, Chief Information Security Officer
APPLICATIONS OF CYBERSECURITY

 Web Firewall: it checks all the incoming and outgoing traffic on the server and it
automatically tracks and removes fake and malicious website traffic. This Cybersecurity
measure helps to determine and enable auto-traffic monitoring by reducing attack risk.
 Bots: Many hackers and attackers use bots to cause multiple device traffic on the server
to make it crash. Cybersecurity helps to deal with identifying fake users, by making them
log out of their sessions so they don’t affect the experience of the normal users.
 Antivirus and Antimalware: Cybersecurity is used to develop Antivirus and
Antimalware software for preventing all the digital attacks on the computer and
protecting these devices from digital attacks, and unauthorized attacks from hackers.
 THE AIM OF CYBERSECURITY

 The ultimate goal of cybersecurity is to protect the information from being stolen or compromised. To achieve this we look
at 3 fundamental goals of cybersecurity.
1. Protecting the Confidentiality of data
2. Preserving the Integrity of data
3. Restricting the Availability of data only to authorized users