Table of Contents
What is Cyber Security?
- Cyber security is the security that is offered through on-line services to protect our online information.
- Cyber is a combining form relating to information technology, the internet and the virtual reality.
- Cyber security is the fastest growing and most in-demand industries which includes the fact that cyber-attacks are increasing at an unprecedented rate.
- Cyber security consist of technologies and processes designed to protect computers, networks and data from unauthorized access, attacks delivered through internet.
- Cyber security can be defined as a practice that defends computers, servers, mobile devices, electronic system, networks and data from malicious attacks.
Different Types of Cyber Threats
1. Malware
- Most common type of cyber attack
- It includes attacks like spyware, viruses and worms which gets installed in the system when a user clicks a “planted” dangerous link or email attachment
- Once the malware is inside the system, it can block the user access to critical component of the system, damage the system and gather confidential information
- Malware is so common that it has its varieties such as virus, trojan, worms, spyware
2. Phishing
- Phishing attacks include fraudulent emails that seems to be legitimate, are sent in mass to unsuspecting users, disguised as coming from a reliable source
- The emails consist of malicious link leading to malware installation or disclosure of sensitive information like credit card details and login credentials
3. Spear phishing
- Spear phising is more sophisticated form of phishing attack where the target is directed at specific companies and/or individuals
- Among the targeted attacks, more than 71% use spear phishing
4. Man in the middle attack
- It occurs when the attacker place themselves between two party communication
- Once they interpret the data, they can steal and manipulate the data by interrupting the traffic
5. Denial of service attack
- This takes place by flooding systems, networks, or servers with massive traffic, thereby making the system unable to fulfill legitimate requests
- Attacks can also be used as launching from several host machine to achieve service denial and taking the whole system offline and pave their way to another attack to enter the network which is known as distributed denial of service attack
6. SQL injection
- This occurs when the server are forced to deliver protected information through inserting malicious code into server query language (SQL)
- It involves submitting malicious code into an unprotected website comment or search box
7. Zero-day exploit
- It occurs through exploiting of network vulnerability when it is new and recent –before a patch is announced and/or implemented
- Zero- day attackers jump into the vulnerability where no solution exist
8. Advanced persistent threats
- It occurs when attacker gains an unauthorized access to a system or network and remains undetected for a long time
9. Ransomware
- It is a type of malware attack that denies access to victim data and threatens to publish or block access to data unless a ransom is paid
10. DNS attack
- DNS attack is any attack that targets the availability and stability of a network’s domain name system (DNS) services
Types of Cyber Security
1. Infrastructure security
- It is the process of protecting utility service infrastructure by installing preventive measures to deny unauthorized access, modifications, deletion and theft
2. Network security
- It protects the network and data from breaches, intrusions and other threats whether inside or outside attacks
3. Information security
- It protects the integrity and privacy of the data in storage as well as in transit
4. Cloud security
- It ensures that this infrastructure and the data stored in cloud systems is secure against cyber threats and include that privacy and service availability is ensured within a network of shared cloud infrastructure resources
5. Organizational policy framework
- It is a part of cyber security responsible for mitigating security risks
6. End-user behavior
- Many security vulnerabilities in technologies and systems can be addressed by best-practices such as regularly updating systems for security, keeping strong passwords and authentication systems
Challenges in Cyber Security
1. Adapting to a remote workforce
- Due to the pandemic many companies has adopted hybrid work models which increases the cyber security risk for remote employees as using home networks have greater chance of security breach
2. Emerging 5G applications
- The new technologies come with new risks and thus there is never ending loop to look for potential threats in the evolved networks
3. Block chain and crypto currency attacks
- As there is an increase in the block chain and crypto currency use, the transactions are digital
- Thus naturally cyber security measures to protect against cyber-attack is necessary
4. Internet of things (IoT) attacks
- It is essentially the interconnection of physical objects using various sensors that communicate with each other
- As the data is transmitted, it leaves a room for hackers or cyber criminals to exploit the data
5. Phishing scams
- There has been increase in the phishing scams though people are becoming digitally literate
6. Need of training and education
Cyber security is a continuous evolving process. Thus, a person needs regular training and education to be updated on the latest cyber threats and cyber security measures.
Ways to Improve Cyber Security
- Keep your software and Operating system updated.
- Install anti-virus software in your system
- Install firewalls and popup blockers
- Use strong passwords
- Maintain backups
- Avoid opening emails from unknown sources.
- Avoid usage of public Wi-Fi and use secure connection
Cyber Security Vs Information Security
- Cyber security is often confused with information security and it only differs in its response and reduction/prevention
- Major differences between cyber security and information security are:
| Cyber security | Information security |
| Cyber security focuses on protecting computer systems from unauthorized access or being otherwise damaged or made inaccessible | Information security is a broader category that protects all information assets, whether in hard copy or digital form |
| Cyber security protects data on a cyber space and deals with cybercrimes, cyber frauds | Information security deals with unauthorized access, disclosure modification and disruption |
| Cyber security is handled by professionals who are trained to deal with advanced persistent threats | Information security lays a foundation of data security and are trained to prioritize resources first before eradicating threats or attacks |
| It acts as a first line defense | It makes plans to recover from a breach |
References and For More Information
https://www.techtarget.com/searchsecurity/definition/cybersecurity
https://www.kaspersky.com/resource-center/definitions/what-is-cyber-security
https://www.itgovernance.co.uk/what-is-cybersecurity
https://www.kaspersky.com/resource-center/definitions/what-is-cyber-security
https://deandorton.com/cyber-security-benefits/
https://www.careerera.com/blog/what-are-the-advantages-of-cyber-security
https://www.logpoint.com/en/blog/what-is-cyber-security/
https://thecyphere.com/blog/benefits-of-cyber-security/
