Cyber Security

 Cyber security is the protection of Internet-connected systems, including hardware, software,

and data from cyber attackers.
 The technique of protecting internet-connected systems such as computers, servers, mobile
devices, electronic systems, networks, and data from malicious attacks is known as
cybersecurity.
 Cyber Security is the body of technologies, processes, and practices designed to protect
networks, devices, programs, and data from attack, theft, damage, modification or
unauthorized access.
 Cyber Security is the set of principles and practices designed to protect our computing
resources and online information against threats.

Cyber security divided into two parts one is cyber and the other is security.
Cyber refers to the technology that includes systems, networks, programs, and data.

security is concerned with the protection of systems, networks, applications, and information.

It is also called electronic information security or information technology security.

Types of Cyber Security

Every organization's assets are the combinations of a variety of different systems, therefore we can
categorize cyber security in the following sub-domains:

o Network Security: It involves implementing the hardware and software to secure a computer
network from unauthorized access, intruders, attacks, disruption, and misuse.
o Application Security: It involves protecting the software and devices from unwanted threats.
This protection can be done by constantly updating the apps to ensure they are secure from
attacks.
o Information or Data Security: It involves implementing a strong data storage mechanism to
maintain the integrity and privacy of data, both in storage and in transit.
o Identity management: It deals with the procedure for determining the level of access that
each individual has within an organization.
o Operational Security: It involves processing and making decisions on handling and securing
data assets.
o Mobile Security: It involves securing the organizational and personal data stored on mobile
devices such as cell phones, computers, tablets etc. These threats are unauthorized access,
device loss or theft, malware, etc.
o Cloud Security: It involves in protecting the information stored in the digital environment or
cloud architectures for the organization. It uses various cloud service providers such as AWS,
Azure, Google, etc., to ensure security against multiple threats.
 o Disaster Recovery and Business Continuity Planning: It deals with the processes,
monitoring, alerts, and plans to how an organization responds when any malicious activity is
causing the loss of operations or data.

Why is Cyber Security important?

All critical infrastructure such as the banking system, healthcare, financial institutions, governments,
and manufacturing industries use devices connected to the Internet as a core part of their
operations. Some of their information, such as intellectual property, financial data, and personal
data, can be sensitive for unauthorized access or exposure that could have negative
consequences.

Cyber Security Goals

Cyber Security's main objective is to ensure data protection. The security community provides a
triangle of three related principles to protect the data from cyber-attacks. This principle is called
the CIA triad.

CIA model have three parts:

 Confidentiality
 Integrity
 Availability

Confidentiality

Confidentiality is equivalent to privacy that avoids unauthorized access of information. It involves

ensuring the data is accessible by those who are allowed to use it and blocking access to others.
Data encryption is an excellent example of ensuring confidentiality.

Integrity

This principle ensures that the data is authentic, accurate, and safeguarded from unauthorized
modification by threat actors or accidental user modification. If any modifications occur, certain
measures should be taken to protect the sensitive data from corruption or loss and speedily recover
from such an event.

AvailabilityThis principle makes the information to be available and useful for its authorized people
always. It ensures that these accesses are not hindered by system malfunction or cyber-attacks.

Types of Cyber Security Threats

A threat in cybersecurity is a malicious activity by an individual or organization to corrupt or steal data,
gain access to a network, or disrupts digital life in general .
Malware
Malware means malicious software, which is the most common cyber attacking tool. It is used by the
cybercriminal or hacker to disrupt or damage a legitimate user's system

o Virus: It is a malicious piece of code that spreads from one device to another. It can clean files
and spreads throughout a computer system, infecting files, stoles information, or damage
device.
o Spyware: It is a software that secretly records information about user activities on their
system. For example, spyware could capture credit card details that can be used by the
cybercriminals for unauthorized shopping, money withdrawing, etc.
o Trojans: It is a type of malware or code that appears as legitimate software or file to fool us into
downloading and running. Its primary purpose is to corrupt or steal data from our device or do
other harmful activities on our network.
o Ransomware: It's a piece of software that encrypts a user's files and data on a device,
rendering them unusable or erasing. Then, a monetary ransom is demanded by malicious
actors for decryption.
o Worms: It is a piece of software that spreads copies of itself from device to device without
human interaction. It does not require them to attach themselves to any program to steal or
damage the data.
o Adware: It is advertising software used to spread malware and displays advertisements on our
device. It is an unwanted program that is installed without the user's permission.
o Botnets: It is a collection of internet-connected malware-infected devices that allow
cybercriminals to control them. It enables cybercriminals to get credentials leaks, unauthorized
access, and data theft without the user's permission.
Phishing

Phishing is a type of cybercrime in which a sender seems to come from a genuine

organization like PayPal, eBay, financial institutions, or friends and co-workers. They contact a
target or targets via email, phone, or text message with a link to persuade them to click on that links.
This link will redirect them to fraudulent websites to provide sensitive data such as personal
information, banking and credit card information, social security numbers, usernames, and
passwords. Clicking on the link will also install malware on the target devices that allow hackers to
control devices remotely.

Man-in-the-middle (MITM) attack

A man-in-the-middle attack is a type of cyber threat (a form of eavesdropping attack) in which a

cybercriminal intercepts a conversation or data transfer between two individuals. Once the
cybercriminal places themselves in the middle of a two-party communication, they seem like genuine
participants and can get sensitive information and return different responses. The main objective of
this type of attack is to gain access to our business or customer data. For example, a cybercriminal
could intercept data passing between the target device and the network on an unprotected Wi-Fi
network.

Distributed denial of service (DDoS)

It is a type of cyber threat or malicious attempt where cybercriminals disrupt targeted servers,
services, or network's regular traffic by fulfilling legitimate requests to the target or its surrounding
infrastructure with Internet traffic. Here the requests come from several IP addresses that can make
the system unusable, overload their servers, slowing down significantly or temporarily taking them
offline, or preventing an organization from carrying out its vital functions.

Brute Force

A brute force attack is a cryptographic hack that uses a trial-and-error method to guess all
possible combinations until the correct information is discovered. Cybercriminals usually use this
attack to obtain personal information about targeted passwords, login info, encryption keys, and
Personal Identification Numbers (PINS).

SQL Injection (SQLI)

SQL injection is a common attack that occurs when cybercriminals use malicious SQL scripts for
backend database manipulation to access sensitive information. Once the attack is successful, the
malicious actor can view, change, or delete sensitive company data, user lists, or private customer
details stored in the SQL database.
Domain Name System (DNS) attack

A DNS attack is a type of cyberattack in which cyber criminals take advantage of flaws in the Domain
Name System to redirect site users to malicious websites (DNS hijacking) and steal data from
affected computers. It is a severe cybersecurity risk because the DNS system is an essential element
of the internet infrastructure.

Benefits of cybersecurity
o Cyberattacks and data breach protection for businesses.
o Data and network security are both protected.
o Unauthorized user access is avoided.
o After a breach, there is a faster recovery time.
o End-user and endpoint device protection.
o Regulatory adherence.
o Continuity of operations.
o Developers, partners, consumers, stakeholders, and workers have more faith in the company's
reputation and trust.
 DATA SCIENCE

Data science is a deep study of the massive amount of data, which involves extracting
meaningful insights from raw, structured, and unstructured data that is processed using
the scientific method, different technologies, and algorithms.

It is a multidisciplinary field that uses tools and techniques to manipulate the data so
that you can find something new and meaningful.

Data science uses the most powerful hardware, programming systems, and most
efficient algorithms to solve the data related problems. It is the future of artificial
intelligence.

Example:

Let suppose we want to travel from station A to station B by car. Now, we need to take
some decisions such as which route will be the best route to reach faster at the location,
in which route there will be no traffic jam, and which will be cost-effective. All these
decision factors will act as input data, and we will get an appropriate answer from these
decisions, so this analysis of data is called the data analysis, which is a part of data
science.
Data is becoming so vast, i.e., approximately 2.5 quintals bytes of data is generating
on every day, which led to data explosion.

It is estimated as per researches, that by 2020, 1.7 MB of data will be created at every
single second, by a single person on earth. Every Company requires data to work,
grow, and improve their businesses.

Now, handling of such huge amount of data is a challenging task for every organization.
So to handle, process, and analysis of this, we required some complex, powerful, and
efficient algorithms and technology, and that technology came into existence as data
Science.

Some main reasons for using data science technology:

o With the help of data science technology, we can convert the massive amount of
raw and unstructured data into meaningful insights.
o Data science technology is opting by various companies, whether it is a big
brand or a startup. Google, Amazon, Netflix, etc, which handle the huge amount
of data, are using data science algorithms for better customer experience.
o Data science is working for automating transportation such as creating a self-
driving car, which is the future of transportation.
o Data science can help in different predictions such as various survey, elections,
flight ticket confirmation, etc.

Data Science Components:

The main components of Data Science are given below:

1. Statistics: Statistics is one of the most important components of data science.

Statistics is a way to collect and analyze the numerical data in a large amount and
finding meaningful insights from it

2. Domain Expertise: In data science, domain expertise binds data science together.
Domain expertise means specialized knowledge or skills of a particular area. In data
science, there are various areas for which we need domain experts.

3. Data engineering: Data engineering is a part of data science, which involves

acquiring, storing, retrieving, and transforming the data. Data engineering also includes
metadata (data about data) to the data.
4. Visualization: Data visualization is meant by representing data in a visual context so
that people can easily understand the significance of data. Data visualization makes it
easy to access the huge amount of data in visuals.

5. Advanced computing: Heavy lifting of data science is advanced computing.

Advanced computing involves designing, writing, debugging, and maintaining the
source code of computer programs.

6. Mathematics: Mathematics is the critical part of data science. Mathematics involves

the study of quantity, structure, space, and changes. For a data scientist, knowledge of
good mathematics is essential.

7. Machine learning: Machine learning is backbone of data science. Machine learning

is all about to provide training to a machine so that it can act as a human brain. In data
science, we use various machine learning algorithms to solve the problems.

Data Science Lifecycle

The life-cycle of data science is explained as below diagram.

1. Discovery: The first phase is discovery, which involves asking the right questions.
When you start any data science project, you need to determine what are the basic
requirements, priorities, and project budget. In this phase, we need to determine all the
requirements of the project such as the number of people, technology, time, data, an
end goal, and then we can frame the business problem on first hypothesis level.

2. Data preparation: Data preparation is also known as Data Munging. In this phase,
we need to perform the following tasks:

o Data cleaning,Data Reduction,Data integration,Data transformation,

3. Model Planning: In this phase, we need to determine the various methods and
techniques to establish the relation between input variables.

4. Model-building: In this phase, the process of model building starts. We will create
datasets for training and testing purpose.

5. Operationalize: In this phase, we will deliver the final reports of the project, along
with briefings, code, and technical documents. This phase provides you a clear
overview of complete project performance and other components on a small scale
before the full deployment.

6. Communicate results: In this phase, we will check if we reach the goal, which we
have set on the initial phase. We will communicate the findings and final result with the
business team.

Applications of Data Science:

o Image recognition and speech recognition:

Data science is currently using for Image and speech recognition. When you
upload an image on Facebook and start getting the suggestion to tag to your
friends. This automatic tagging suggestion uses image recognition algorithm,
which is part of data science.
When you say something using, "Ok Google, Siri, Cortana", etc., and these
devices respond as per voice control, so this is possible with speech recognition
algorithm.
o Gaming world:
In the gaming world, the use of Machine learning algorithms is increasing day by
day. EA Sports, Sony, Nintendo, are widely using data science for enhancing
user experience.
o Internet search:
When we want to search for something on the internet, then we use different
types of search engines such as Google, Yahoo, Bing, Ask, etc., and you can get
a search result with a fraction of seconds.
o Transport:
Transport industries also using data science technology to create self-driving
cars. With self-driving cars, it will be easy to reduce the number of road
accidents.
o Risk Detection:
Finance industries always had an issue of fraud and risk of losses, but with the
help of data science, this can be rescued.
Most of the finance companies are looking for the data scientist to avoid risk and
any type of losses with an increase in customer satisfaction.
 Malware
Malware, or malicious software, is any program or file that is harmful to a computer
user. Malware includes computer viruses, worms, Trojan horses and spyware.

VIRUS

A computer virus is a malicious software program loaded onto a user’s computer

without the user’s knowledge and performs malicious actions.

❖ Computer viruses never occur naturally. They are always induced by people.
❖ It can self-replicate, inserting itself onto other programs or files, infecting them
in the process.

WORM

A computer worm is a malicious, self-replicating software program which affects the

functions of software and hardware programs.
It can also self-replicate itself and spread across networks.

Computer worms are different from computer viruses in certain aspects.

❖ First, unlike viruses worms exist as separate entities or standalone software.

They do not need host files or programs.
❖ Secondly, unlike viruses, worms do not alter files but reside in active memory
and duplicate themselves. their uncontrolled replication consumes system

TROJAN

It is a type of computer software that is camouflaged in the form of regular software

such as utilities, games and sometimes even antivirus programs. It causes problems
like,

❖ deleting hard drive data

❖ corrupting file allocation systems.
SPYWARE

Spyware can capture information like Web browsing habits, e-mail messages,
usernames and passwords, and credit card information. If left unchecked, the
software can transmit this data to another person's computer over the Internet.

Hacking

Hacking generally refers to unauthorized intrusion into a computer or a network. The

person engaged in hacking activities is known as a hacker. This hacker may alter
system or security features to accomplish a goal that differs from the original
purpose of the system.

Hackers employ a variety of techniques for hacking, including:

• Vulnerability scanner
• Password cracking
• Packet sniffer
• Spoofing attack

DIGITAL WORLD

Digital world means inter connected through digital devices, media digital marketing
services that are available to every one 24/7. It is the world full of ideas, opinions,
learning and opportunities. The Internet has made it possible for all of us to connect
whenever we consider it necessary.

ROBOTICS

Robotics is an interdisciplinary branch of engineering and science that

includes mechanical engineering, electronics engineering, computer science, and
others.

❖ Robotics deals with the design, construction, operation, and use of robots.

❖ The field of robotics has greatly advanced with several new general
technological achievements
 ❖ The field of robotics also intersects with artificial intelligence. Since robots are
physically discrete units, they are perceived to have their own intelligence.

ATM

An automated teller machine (ATM) is an electronic banking outlet that allows

customers to complete basic transactions without the aid of a branch representative
or teller. Anyone with a credit card or debit card can access most ATMs. The first
ATM appeared in London in 1967, and in less than 50 years, ATMs had spread
around the globe, securing a presence in every major country.

CAPTCHA

The word is actually an acronym for: Completely Automated Public Turing test to tell
Computers and Humans Apart. The reasoning behind why websites implement CAPTCHA
codes into their registration processes is because of spam. Those crazy letters are a way to
check if the person registering or trying to comment is a real live human being as opposed to
a computer program attempting to spam the system.