Soniya Hariramani (CYBERSECURITY Report
Soniya Hariramani (CYBERSECURITY Report
Soniya Hariramani (CYBERSECURITY Report
ABSTRACT
SEMINAR REPORT
Submitted by
SONIYA HARIRAMANI
Of
In
ABSTRACT
1. INTRODUCTION 4- 6
• Purpose 4
• GENERAL 10-13
• SECURITY 18-22
5. PRACTICAL IMPLICATIONS OF CYBER SECURITY 22-23
23-26
• Case Study Examples
6. DISCUSSION 27-32
8. CONCLUSION 34-35
9. REFERENCES 36
01 INTRODUCTION
Cybersecurity, a critical component of the digital age, is a
multidisciplinary field dedicated to safeguarding information systems,
networks, and data from unauthorized access,cyberattacks, and data
breaches. As our dependence on technology grows, so does the
complexity and sophistication of cyber threats, making cybersecurity
an essential practice forindividuals, organizations, and governments.
Key Components of Cybersecurity:
❖ Confidentiality: Protecting sensitive information from
unauthorized access or disclosure,ensuring that only authorized
individuals or systems can access specific data.
❖ Integrity: Ensuring the accuracy and reliability of data by
preventing unauthorizedalterations, modifications, or
deletions.
❖ Availability: Ensuring that information systems and resources are
consistently availablefor authorized users, free from disruptions
or downtime caused by cyber incidents.
❖ Authentication: Verifying the identity of individuals or systems
attempting to access resources, typically through the use of
usernames, passwords, biometrics, or multi-factorauthentication.
❖ Authorization: Granting appropriate access permissions to
individuals or systems based on their authenticated identity,
ensuring they only have access to the resources necessary for their
roles.
❖ Risk Management: Identifying, assessing, and mitigating
potential risks and vulnerabilities within an organization's
information systems to minimize the impact ofcyber threats.
❖ Cybersecurity Measures:
❖ Firewalls and Intrusion Detection/Prevention Systems:
Establishing barriers to filterand monitor network traffic,
preventing unauthorized access.
❖ Antivirus and Anti-malware Software: Detecting and removing
malicious software toprotect against various forms of malware.
❖ Encryption: Securing data by converting it into
unreadable code, ensuringconfidentiality, even if
intercepted.
❖ Security Awareness Training: Educating individuals about
cybersecurity risks, bestpractices, and how to recognize and
respond to potential threats.
❖ Incident Response Planning: Developing and implementing
strategies to detect, respondto, and recover from cybersecurity
incidents effectively.
❖ Patch Management: Regularly updating and patching software
and systems to addressknown vulnerabilities and reduce the risk
of exploit
1.3. Encryption
It is the method toward encoding messages so programmers cannot
scrutinize it. In encryption, the message is encoded by encryption, changing it into a
stirred-up figure content. It commonly completes with the use of an “encryption
key,” that demonstrates how the message is to encode. Encryption at the earliest
reference point level secures information protection and its respectability
(Sharma, 2012). Additional use of encryption obtains more problems in
cybersecurity. Encryption is used to ensure the information in travel, for instance,
the information being exchanged using systems (for example the Internet, online
business), mobile phones, wireless radios and so on.
1. Cyber Terrorism
Incident Response:
Preparation: Establishing an incident response plan to effectively manage and mitigate
security incidents.
Detection and Analysis: Identifying and analyzing security incidents to understand their
nature and impact.
Containment, Eradication, and Recovery: Taking steps to contain the incident,
eliminate the threat, and recover affected systems.
Security Awareness and Training:
Educating Users: Raising awareness among individuals about common cybersecurity
threats and best practices.
Phishing Awareness: Training users to recognize and avoid phishing attacks.
Security Policies and Compliance:
Policy Development: Creating and enforcing security policies to guide organizational
practices.
Compliance: Ensuring adherence to relevant laws, regulations, and industry standards.
Challenges in Cybersecurity:
Risk Assessment: Regularly assess and identify potential risks to prioritize and address
security concerns.
Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security
for user authentication.
Regular Updates and Patching: Keep all software, systems, and devices up to date to
address known vulnerabilities.
Encryption: Use encryption to protect sensitive data both in transit and at rest.
Employee Training: Educate and train employees on cybersecurity best practices to
reduce the risk of human error.
Incident Response Planning: Develop and regularly update an incident response plan to
effectively manage security incidents.
Collaboration and Information Sharing: Share threat intelligence and collaborate with
other organizations to enhance cybersecurity defenses.
Continuous Monitoring: Implement continuous monitoring systems to detect and
respond to security incidents in real-time.
Cybersecurity is a dynamic and ever-evolving field that requires a holistic approach,
incorporating technology, policies, and human factors to safeguard digital assets and maintain
trust in the digital ecosystem. Organizations and individuals must stay proactive, adaptive, and
vigilant to counter the evolving threat landscape.
03
OBJECTIVES OF THE STUDY OF CYBER SECURITY
04
REVIEW OF LITERATURE
A comprehensive review of the literature on cybersecurity reveals a dynamic and rapidly
evolving field with a multitude of dimensions, challenges, and approaches. The literature
encompasses a wide range of topics, including but
not limited to network security, information
security, privacy, cryptography, threat
intelligence, incident response, and policy and
governance. Here is a brief overview of key
themes and trends in the literature:
Skill Gap Analysis: Numerous studies highlight the persistent gap between the demand
for cybersecurity professionals and the available skilled workforce. Research consistently
emphasizes the need for targeted education programs to address this gap.
Curriculum Development: Literature underscores the importance of adaptive and up-to-
date curricula that align with industry needs. Effective cybersecurity education requires a
multidisciplinary approach, integrating technical skills with critical thinking, ethics, and
communication abilities.
Role of Industry Partnerships: Collaboration between academia and industry is
identified as a critical factor in enhancing cybersecurity education. Programs that involve
industry experts, internships, and real-world projects contribute significantly to the
practical skills development of cybersecurity professionals.
Diversity and Inclusion: A growing body of literature recognizes the need for diversity
and inclusion in the cybersecurity workforce. Research emphasizes the benefits of a
diverse workforce in addressing complex and evolving cyber threats and calls for targeted
efforts to attract underrepresented groups to the field.
Continuous Learning and Professional Development: The rapidly changing nature of
cyber threats necessitates ongoing learning and professional development. Literature
stresses the importance of establishing mechanisms for continuous education,
certifications, and training to keep cybersecurity professionals abreast of emerging
technologies and threats.
Pedagogical Approaches: Studies explore various pedagogical approaches, including
hands-on learning, simulation exercises, and interactive teaching methods. The
effectiveness of experiential learning in cybersecurity education is highlighted,
emphasizing the need for practical, scenario-based training.
Cybersecurity Awareness: Beyond formal education, there is a consensus in the
literature on the critical role of cybersecurity awareness programs. Educating the general
public, as well as non-specialized professionals, is essential for creating a security-
conscious culture and reducing vulnerabilities.
Global Perspectives: The international dimension of cybersecurity education and
workforce development is increasingly recognized. Comparative studies explore different
countries' approaches, identifying best practices and areas for improvement in global
efforts to address the growing cybersecurity challenges.
In conclusion, the literature on Cybersecurity Education and Workforce Development reflects a
field in constant evolution. The synthesis of existing research provides a foundation for
understanding current challenges and opportunities, offering valuable insights for policymakers,
educators, and industry stakeholders striving to build a robust and resilient cybersecurity
workforce.
International Collaboration and Information Sharing:
Given the global nature of cyber threats, literature emphasizes the importance of international
collaboration and information sharing. Discussions cover challenges related to trust, privacy, and
the need for coordinated responses to cyber incidents. A comprehensive review of the literature
on International Collaboration and Information Sharing reveals a nuanced and evolving
landscape characterized by the increasing interconnectedness of global systems. The synthesis of
existing research highlights several key themes:
Need for Cross-Border Cooperation: Literature consistently underscores the imperative
for international collaboration in addressing complex global challenges. Issues such as
transnational cyber threats, pandemics, terrorism, and climate change necessitate
collaborative efforts among nations to develop effective strategies and responses.
Information Sharing Mechanisms: Research explores various models and mechanisms
for sharing information across borders. Successful case studies and best practices
emphasize the importance of establishing secure, standardized, and timely information-
sharing protocols to enhance situational awareness and facilitate rapid response to
emerging threats.
Challenges and Barriers: The literature recognizes and examines the challenges and
barriers to international collaboration and information sharing. Issues such as data
privacy concerns, legal and regulatory disparities, and geopolitical tensions are identified
as potential impediments that must be addressed to foster effective cooperation.
Public-Private Partnerships: Studies highlight the growing importance of public-
private partnerships in international collaboration. The involvement of both government
and private sector entities is seen as crucial for leveraging expertise, resources, and
technology to tackle global issues effectively.
Role of Technology: Technological advancements play a significant role in enabling and
enhancing international collaboration. Literature explores the use of technologies such as
blockchain, secure communication platforms, and artificial intelligence to facilitate
secure and efficient information sharing across borders.
Capacity Building and Knowledge Transfer: Successful international collaboration
involves capacity building and knowledge transfer among participating nations. The
literature emphasizes the importance of fostering educational exchanges, joint training
programs, and collaborative research initiatives to build the expertise and capabilities
necessary for addressing shared challenges.
Diplomacy and Trust Building: Diplomacy and trust-building are identified as critical
components of successful international collaboration. Research explores strategies for
building trust among nations, emphasizing transparent communication, mutual
understanding, and the establishment of diplomatic channels to navigate challenges and
conflicts.
Global Governance Frameworks: The development of global governance frameworks
is a recurring theme in the literature. Scholars discuss the need for international
agreements, protocols, and institutions that can facilitate coordinated responses to global
challenges and ensure equitable participation among nations.
The literature also delves into the ethical considerations of cybersecurity, including
the responsible disclosure of vulnerabilities, the ethics of hacking, and the balance between
national security and individual privacy the literature on cybersecurity is rich and diverse,
reflecting the multifaceted nature of the field. Ongoing research and collaboration are essential to
staying ahead of evolving threats and ensuring the continued security of digital ecosystems. A
comprehensive review of literature on the ethical and legal implications in a given context
involves a thorough exploration of existing scholarly works, research studies, and legal
frameworks. The synthesis of this body of knowledge provides a nuanced understanding of the
complex interplay between ethics and legality. In examining the literature, key themes emerge,
such as the evolving nature of ethical considerations in response to technological advancements,
cultural shifts, and societal expectations.
Scholarly articles and academic journals contribute valuable insights into the
theoretical foundations of ethical frameworks and legal structures. These sources shed light on
the historical development of ethical principles and the evolution of legal standards, offering a
contextualized perspective on their current applications. Furthermore, a review should scrutinize
contemporary case studies that exemplify ethical dilemmas and legal challenges, providing real-
world illustrations of the complexities inherent in navigating these issues. Analyzing how
various stakeholders, including individuals, organizations, and policymakers, respond to and
shape these dilemmas contributes to a holistic understanding of the subject. Additionally,
exploring interdisciplinary literature is essential, as ethical and legal implications often extend
beyond a single field of study. Incorporating perspectives from philosophy, sociology,
psychology, and other relevant disciplines enriches the analysis and fosters a more
comprehensive appreciation of the multifaceted nature of ethical and legal considerations.
Ultimately, a well-rounded review of the literature on ethical and legal implications not only
identifies existing gaps in knowledge but also serves as a foundation for future research and
policy development. By synthesizing diverse perspectives, the review contributes to a nuanced
and informed discourse on the ethical and legal dimensions of a given subject, promoting a
deeper understanding of the challenges and opportunities within the chosen context.
05
PRACTICAL IMPLICATIONS OF CYBER SECURITY
Cybersecurity is crucial in today's interconnected world to protect digital systems, networks, and
data from various cyber threats. The practical implications of cybersecurity are far-reaching and
impact various aspects of individuals, organizations, and society as a whole. Here are five
examples of practical implications of cybersecurity:
Data Protection and Privacy:
Implication: Cybersecurity measures are essential to safeguard sensitive and personal
information from unauthorized access, theft, or disclosure.
Example: Encryption techniques, secure data storage practices, and access controls help
protect financial information, healthcare records, and personal data from being
compromised. Compliance with data protection regulations, such as GDPR (General Data
Protection Regulation), is a practical implication of cybersecurity in ensuring user
privacy.
Financial Security:
Implication: Cyber-attacks can have severe financial implications for individuals and
organizations, including theft of funds, fraud, and disruption of financial services.
Example: Implementing secure online transaction mechanisms, multi-factor
authentication, and continuous monitoring for suspicious activities are practical
cybersecurity measures to safeguard financial systems.
Financial institutions invest heavily in cybersecurity to protect
against threats such as phishing, ransomware, and
unauthorized access to customer accounts.
Critical Infrastructure Protection:
Implication: Cybersecurity is crucial for safeguarding critical
infrastructure, such as power grids, water supply systems, and
transportation networks, from cyber-attacks thatcould have
significant real-world consequences.
Example: Deploying firewalls, intrusion detection systems, and
regular security auditsare practical measures to protect critical
infrastructure. National governments often establish
cybersecurity standards and regulations to ensure the resilience
of essential services against cyber threats.
Business Continuity and Risk Management:
Implication: Cybersecurity is integral to ensuring business
continuity by mitigating therisks associated with cyber threats
that could disrupt operations or lead to data loss.
Example: Creating incident response plans, regularly updating
software and systems, andeducating employees on cybersecurity
best practices contribute to business continuity. Cybersecurity risk
assessments help organizations identify vulnerabilities, prioritize
threats, and implement measures to reduce overall risk.
National Security:
Implication: Cybersecurity plays a vital role in protecting a
nation's security interests bydefending against cyber-attacks on
government systems, military infrastructure, and critical national
assets.
Example: Establishing national cybersecurity strategies,
developing cyber defense capabilities, and fostering international
cooperation to combat cyber threats are practicalimplications for
national security. Governments invest in cybersecurity to protect
againststate-sponsored cyber espionage, cyber terrorism, and other
forms of cyber warfare.
The practical implications of cybersecurity extend across various domains,
encompassing the protection of sensitive data, financial assets, critical
infrastructure, business operations, and evennational security. As
technology evolves, the importance of cybersecurity continues to grow to
address emerging threats and vulnerabilities.
3.3.2. Details:
The worst part of this attack is how the Uber handled the issue, this is a
lesson to most companies what not to do. In late 2016 just two hackers were able to
steel the Users personal data with includes names, phone numbers and email
addresses. They were able to steal the 600,000 driver's license information.
Hackers got access to the Uber's GitHub account through a third-party cloud-
based service. With the details found from the GitHub, Hackers found a way to
access Uber user data in AWS. Ubers paid those two hackers $100, 000 to
permanently destroy the whole data they obtained and not letting the users or the
regulators about stolen information.
But also, Uber confirmed that data was destroyed with the assurance they
received from the hackers. According to US Law enforcement, any breach should
be reported to the authorities and not pay hackers. And this kind of approach from
Uber led other hackers to blackmail Netflix, where Hackers frightened to release
TV shows unless the company paid the money hackers requested. Almost 49 states
have this law enforcement where a security breach should be notified, after the
court hearings Uber agreed to pay 20million to settle FTC charges. Not only the US
but also other major countries like UK, Italy, and the Philippines reacted on this
29
3.3.4. Solutions
Some solutions regarding cyber security and cyber terrorism describe here:
• Cyber Security Techniques
Some techniques can use to improve cybersecurity.
• Access control and “password security”: The idea of password and user
name has a primary method for ensuring data. It may be the principal
measures concerning cybersecurity.
• Data’s Authentication: The documents that we get should dependably be
validated be before transferring. It should check if it has begun from a
critical and dependable source and that they are not modified (Gade, &
Reddy, 2014). Verifying of these records is typically done by the “anti-
virus” software present in the gadgets. Subsequently, a decent “anti-
virus” software is likewise necessary to shield the gadgets from viruses.
• Anti-virus software: It is a PC program that classifies, avoids, and makes
a move to harm or evacuate noxious software programs, for instance,
viruses as well as worms. Most "antivirus programs" comprise an "auto-
update" feature that authorizes the program to download profiles of new
viruses with the objective that it can chequer for the new viruses when
they find.
• Malware scanners: This is software that typically filters each of the
records and archives current in the framework for vindictive code or
destructive viruses [10]. Viruses, worms, as well as Trojan horses, are
instances of “malicious software” that regularly assemble and alluded to
as malware.
• Firewall: A “software program” or an equipment that helps monitor
hackers, infections, and all types of worms which endeavour to achieve
PC over the Internet. All data which is transmitting to and fro over the
web go through the firewall contemporary, which looks at every
individual message and hinders which do not meet the security requirements
and classify them as threat and try to block from the system and monitor
the activities. Henceforth firewalls assume an essential job in recognizing
the malware.
3.4. Prevention of Cyber Terrorism
The capacity to prevent cyber terrorism lies with the capacity to securely
verify cyberspace. Cybersecurity has an intriguing parallel to terrorism. Both are
lopsided. Guaranteeing the security of information, data, and correspondence is
impressively harder than hacking into a framework. The attacker has an
inalienable preferred standpoint in both regular terrorism and cyber-attacks. On
account of state-supported attacks, the difficulties are of a lot higher greatness
(Cabaj, Kotulski, Księżopolski, & Mazurczyk, 2018). Governments should
guarantee that their rules smear to cybercrimes and be wholly actualized and hold
fast to; it is essential that the countries of the biosphere take measures to guarantee
that its punitive and technical law is satisfactory to address the difficulties
presented by cybercrimes (Kumar, & Somani, 2018).
The availability, confidentiality and the integrity of information in any
associations are essential which endeavors must be set up to guarantee that they
are exceptionally secure because it is the significant cyber resource that makes
each association stand and in the meantime depended upon. The information has
entered by the “cyber-terrorist” is something beyond records which may
incorporate messages, web applications, web pages, and just as some
indispensable operating systems. (Kumar, & Somani, 2018)
06
DISCUSSION
07
SCOPE OF FURTHER STUDY
The field of cybersecurity is dynamic and continually evolving, making it essential for
professionals to engage in further study to stay ahead of emerging threats and technologies. Here
are several areas within cybersecurity that offer significant scope for further study:
Advanced Threat Detection and Response: Focus on advanced threat detection
techniques, threat hunting, and incident response to effectively identify and mitigate
sophisticated cyber threats.
Ethical Hacking and Penetration Testing: Specialize in ethical hacking and penetration
testing to assess the security of systems, networks, and applications. Certifications like
Certified Ethical Hacker (CEH) and Offensive Security Certified Professional (OSCP)
can be pursued.
Security Analytics and Big Data: Explore the intersection of cybersecurity and big data
analytics to detect patterns and anomalies in large datasets, enhancing the ability to
identify and respond to security incidents.
Cloud Security: Gain expertise in securing cloud environments, understanding the
unique challenges associated with cloud platforms like AWS, Azure, and Google Cloud.
IoT Security: Study the security challenges associated with the Internet of Things (IoT)
and learn how to secure connected devices and networks in diverse IoT ecosystems.
Mobile Security: With the proliferation of mobile devices, focus on securing mobile
applications, devices, and networks. Understand mobile threat vectors and effective
security measures.
Blockchain Security: Explore the security considerations related to blockchain
technology, especially in areas like cryptocurrency and smart contracts.
Incident Response and Digital Forensics: Specialize in incident response and digital
forensics to investigate and analyze security incidents, breaches, and cybercrime
activities.
Identity and Access Management (IAM): Study IAM solutions and protocols to ensure
secure and efficient management of user identities, access permissions, and
authentication processes.
Network Security and Infrastructure: Deepen our understanding of network security
principles, secure network design, and the implementation of security measures at the
infrastructure level.
Security Automation and Orchestration: Explore the integration of automation and
orchestration in cybersecurity workflows to streamline security operations and response
processes.
Risk Management and Compliance: Gain expertise in assessing and managing
cybersecurity risks, as well as understanding regulatory compliance requirements relevant
to various industries.
Artificial Intelligence and Machine Learning in Cybersecurity: Study the application
of AI and machine learning algorithms in cybersecurity for threat detection, anomaly
detection, and predictive analysis.
Cybersecurity Governance and Policy: Understand the legal and policy aspects of
cybersecurity, including privacy laws, regulations, and best practices for establishing
effective cybersecurity governance.
Cryptography and Post-Quantum Cryptography: Explore cryptographic algorithms
and protocols, as well as the emerging field of post-quantum cryptography to ensure
secure communication in the era of quantum computing.
Continuous learning, staying updated on industry trends, and obtaining relevant certifications are
crucial for a successful career in cybersecurity. Certifications from reputable organizations such
as (ISC)², CompTIA, ISACA, and others can validate your skills and knowledge in specific areas
of cybersecurity.
5. Conclusion
Cyber-security is both about the insecurity made by and through this new
space and about the practices or procedures to make it (progressively) secure.
Exertion to verify the cyberspace should give a definitive need else the
"information technology" will not be viably used by clients. The terrorist of things
to come will win the wars without discharging a shot just by crushing the country's
necessary substructure if steps are not taken to handle the pervasiveness of the
expansion in such a cyber-attack. They can bring an unknown look into the lives of
others, regardless of whether they live nearby or over the globe.
The “cyber-terrorism” can in one method or alternate prompts the death
toll just as causing severe harms. Though social media can utilize for cybercrimes,
these organizations cannot stand to quit utilizing social media as it assumes an
essential role in the attention of an organization. Cyber terrorism has guaranteed
numerous innocent lives and in the meantime render numerous homes to a
condition of the problem that is occasionally coming about to mental injury to the
influenced families. Cyber terrorism stays vital issues of the present society. Not
just that the battle against Cyber terrorism is falling behind, current cybercrime
assaults are ending up progressively forceful and confrontational. Cybersecurity
has an intriguing parallel to terrorism. Guaranteeing the security of information,
data, and correspondence is impressively harder than hacking into a system.
6. References
[1] Bendovschi, A. (2015). Cyber-Attacks – Trends, Patterns and Security
Countermeasures.
Procedia Economics and Finance, 24-31. doi:10.1016/S2212-
5671(15)01077-
[2] Cabaj, K., Kotulski, Z., Księżopolski, B., & Mazurczyk, W. (2018).
Cybersecurity: trends, issues, and challenges. EURASIP Journal on
Information Security. doi:10.1186/s13635- 018-0080-0
[3] Dervojeda, K., Verzijl, D., Nagtegaal, F., Lengton, M., & Rouwmaat, E. (2014). Innovative
Business Models: Supply chain finance. Netherlands: Business Innovation Observatory;
European Union.
[4] Gade, N. R., & Reddy, U. G. (2014). A Study Of Cyber Security Challenges And Its Emerging
Trends On Latest Technologies. Retrieved from
https://www.researchgate.net/publication/260126665_A_Study_Of_Cyber_Security_Ch
allenges_And_Its_Emerging_Trends_On_Latest_Technologies
[5] Gross, M. L., Canetti, D., & Vashdi, D. R. (2017). Cyberterrorism: its effects on psychological
well-being, public confidence and political attitudes. Journal of Cybersecurity, 3(1), 49–58.
doi:10.1093/cybsec/tyw018
[6] Hua, J., & Bapna, S. (2013). The economic impact of cyber terrorism. The Journal of Strategic
Information Systems, 22(2), pp. 175-186.
[7] Kumar, S., & Somani, V. (2018). Social Media Security Risks, Cyber Threats And Risks
Prevention And Mitigation Techniques. International Journal of Advance Research in Computer
Science and Management, 4(4), pp. 125-129.
[8] Panchanatham, D. N. (2015). A case study on Cyber Security in E-Governance.
International Research Journal of Engineering and Technology.
[9] Samuel, K. O., & Osman, W. R. (2014). Cyber Terrorism Attack of The Contemporary
Information Technology Age: Issues, Consequences and Panacea. International Journal of
Computer Science and Mobile Computing, 3(5), pp. 1082-1090.
[10] Sharma, R. (2012). Study of Latest Emerging Trends on Cyber Security and its challenges to
Society. International Journal of Scientific & Engineering Research, 3(6).
[11] Sreenu, M., & Krishna, D. V. (2017). A General Study on Cyber-Attacks on Social Networks.
IOSR Journal of Computer Engineering (IOSR-JCE), 19(5), pp. 01-04.
[12] Sutton, D. (2017). Cyber Security : A Practitioner’s Guide. Swindon, UK: BCS, the Chartered
Institute for IT.