This document defines cyber security and discusses its various aspects. Cyber security refers to technologies, processes, and practices designed to protect networks, devices, programs, and data from attacks, damage, or unauthorized access. It discusses key areas of cyber security like application security, information security, disaster recovery planning, network security, and operational security. It also provides examples of common cyber security threats like malware, ransomware, and social engineering. Finally, it states that cyber security vendors like Cisco, McAfee, and Trend Micro provide endpoint, network, and advanced threat protection as well as data loss prevention solutions.
2. CYBER + SECURITY = CYBER
SECURITY
Cyber means relating
to or characteristic of
the culture of
computers,
information
technology, and
virtual reality.
Security means the
state of being free
from danger of
threats.
3. CYBER SECURITY
CYBER SECURITY REFERS TO A BODY OF
TECHNOLOGIES, PROCESSES AND PRACTICES
DESIGNED TO PROTECT NETWORKS, DEVICES,
PROGRAMS AND DATA FROM ATTACK, DAMAGE
OR UNAUTHORISED ACCESS.
5. APPLICATION SECURITY:
APPLICATION SECURITY ENCOMPASSES MEASURES OR COUNTER-
MEASURES THAT ARE TAKEN DURING THE DEVELOPMENT LIFE-
CYCLE TO PROTECT APPLICATIONS FROM THREATS THAT CAN
COME THROUGH FLAWS IN THE APPLICATION DESIGN,
DEVELOPMENT, DEPLOYMENT, UPGRADE OR MAINTENANCE.
SOME BASICS TECHNIQUES ARE:
INPUT PARAMETER VALIDATION
USER/ROLL AUTHORIZATION
AUDITING AND LOGGING
7. INFORMATION SECURITY:
INFORMATION SECURITY PROTECTS INFORMATION FROM
ANOTHORIZED ACCESS TO AVOID IDENTITY THEFT AND TO
PROTECT PRIVACY.M MAJOR TECHNICQUES USED TO COVER
ARE:
IDENTIFICATION OF USER
AUTHORIZATION OF USER
AUTHENTICATION OF USER
CYPTOGRAPHY
8. DISASTER RECOVERY PLANNING:
DISASTER RECOVERY PLANNING IS A PROCESS THAT
INCLUDES PERFORMING RISK ASSESSMENT,
ESTABLISHING PRIORITIES, DEVELOPING RECOVERY
STRATEGIES IN CASE OF A DISASTER. ANY BUSINESS
SHOULD HAVE A CONCRETE PLAN FOR DISASTER
RECOVERY TO RESUME NORMAL BUSINESS
OPERATIONS AS QUICKLY AS POSSIBLE AFTER A
DISASTER.
9. NETWORK SECURITY:
NETWORK SECURITY INCLUDES ACTIVITES TO PROTECT THE USABILITY
RELIABILITY INTEGRITY AND SAFETY OF THE NETWORK. EFFECTIVE
NETWORK SECURITY TARGETS A VARIETY OF THREATS AND STOP THEM
FROM ENTERING OR SPREADING ON THE NETWORK. NETWORK
SECURITY COMPONENTS INCLUDE
ANTIVIRUS AND ANTI SPYWARE
FIREWALL, TO BLOCK UNAUTHORISED ACCESS TO YOUR NETWORK
INSTRUCTION, PREVENTION SYSTEM TO IDENTIFY FAST SPREADING
THREATS
10. RANSOMEWARE:
TYPE OF MALWARE THAT INVOLVE AN ATTACKER
LOCKING THE VICTIMS COMPUTER SYSTEM FILES
TYPICALLY THROUGH ENCRYPTION.
MALWARE:
ANY FILE OR PROGRAM USED TO HARM A
COMPUTER USER SUCH AS WORMS COMPUTER VIRUS.
SOCIAL ENGINEERING:
AN ATTACK THAT REALISE ON HUMAN INTERACTION
TO TRICK USER INTO BREAKING SECURITY PROCEDURES
IN ORDER TO GAIN SENSITIVE INFORMATION THAT IS
TYPICALLY PROTECTED.
11. BUSINESS PROTECTION:
USED AGAINST MALWARE,
RANSOMEWARE, SOCIAL ENGINEERING.
PROTECTION FOR DATA AND NETWORKS.
PREVENTION OF UNAUTHORISED USES.
PROTECTION FOR END-USERS.
IMPROVES RECOVERY TIME AFTER A
BREACH.
12. CYBER SECURITY VENDORS
IN THIS FIELD WE TYPICALLY USE END POINT NETWORK
AND ADVANCE THREAT PROTECTION SECURITY AS WELL AS
DATA LOSE PREVENTION.
THE THREE COMMONLY KNOWN CYBER SECURITY
VENDOR INCLUDE:
1.CISCO
2.MCAFEE
3.TREND MICRO