
What Is Cyber Security?

Uploaded by

SARFRAZ

What is Cyber Security?

Cyber Security is the body of technologies, processes, and practices designed
to protect networks, devices, programs, and data from attack, theft, damage,
modification or unauthorized access. It's also known as Information
Security (INFOSEC), Information Assurance (IA), or System Security.

The technique of protecting internet-connected systems such as
computers, servers, mobile devices, electronic systems, networks, and data
from malicious attacks is known as cyber security. We can divide cyber
security into two parts: one is cyber, and the other is security. Cyber refers
to the technology that includes systems, networks, programs, and data.
Security is concerned with the protection of systems, networks, applications,
and information. In some cases, it is also called electronic information
security or information technology security.

Some other definitions of cyber security are:

"Cyber Security is the set of principles and practices designed to protect our
computing resources and online information against threats."

Types of Cyber Security

Every organization's assets are a combination of a variety of different
systems. A strong cyber security posture for these systems requires
coordinated efforts across all of them. Therefore, we can categorize
cyber security into the following sub-domains:

Network Security:

It involves implementing the hardware and software to secure a computer
network from unauthorized access, intruders, attacks, and misuse. This
security helps an organization to protect its assets against external and
internal threats.

We sometimes use free Wi-Fi in public areas such as cafes, malls, etc. With
this activity, a third party starts tracking your phone over the internet.
If you are using any payment gateway, then your bank account can be
emptied. So, avoid using free networks, because free networks do not
provide security.

Application Security:

It involves protecting the software and devices from unwanted threats. This
protection can be done by constantly updating the apps to ensure they are
secure from attacks. Successful security begins in the design stage, with
writing source code, validation, threat modeling, etc., before a program or
device is deployed.

• Most of the apps that we use on our cell phones are secured and work
  under the rules and regulations of the Google Play Store.
• Many apps pretend to be safe, but after taking all the information
  from us, they share the user information with third parties.
• Apps must be installed from a trustworthy platform, not from
  some third-party website in the form of an APK (Android Application
  Package).

Information or Data Security:

It involves implementing a strong data storage mechanism to maintain the
integrity and privacy of data, both in storage and in transit. Encryption is the
process of converting information into an unreadable format (cipher text)
to protect it from unauthorized access.

Endpoint Security:

Endpoint security refers to securing individual devices such as computers,
laptops, smartphones, and IoT devices. It includes antivirus software, device
encryption, regular software updates and intrusion prevention systems (IPS).

• Antivirus and anti-malware software scans for and detects malicious
  software, such as viruses, worms, Trojans, and ransomware. These
  tools identify and eliminate or quarantine malicious files, protecting the
  endpoint and the network from potential harm.
• Firewalls are essential components of endpoint security. They monitor
  and control incoming and outgoing network traffic, filtering out
  potentially malicious data packets.
• Keeping software and operating systems up to date with the latest
  security patches and updates is crucial for endpoint security.

Mobile Security:

It involves securing the organizational and personal data stored on mobile
devices such as cell phones, computers, tablets, and other similar devices
against various malicious threats. These threats include unauthorized access,
device loss or theft, malware, etc.

• The mobile phone is a very common device for day-to-day work. Everything
  we access and do is from the mobile phone, e.g. online classes, personal
  calls, online banking, UPI payments, etc.
• Regularly backing up mobile device data is important to prevent data
  loss in case of theft, damage, or device failure.
• Mobile devices often connect to various networks, including public
  Wi-Fi, which can pose security risks. It is important to use secure networks
  whenever possible, such as encrypted Wi-Fi networks or cellular data
  connections.

Internet of Things (IoT) Security:

• Devices frequently run on old software, leaving them vulnerable to
  recently identified security vulnerabilities. This is generally the result of
  connectivity problems or the requirement for end users to manually
  download updates from a C&C center.
• Manufacturers frequently ship Internet of Things (IoT) devices (such as
  home routers) with easily crackable passwords, which may have been
  left in place by suppliers and end users. These devices are easy targets
  for attackers using automated scripts for mass exploitation when they
  are left exposed to remote access.

Cyber Security Goals

The objective of cyber security is to protect information from being stolen,
compromised or attacked. Cyber security can be measured by at least one
of three goals:

1. Protect the confidentiality of data.

2. Preserve the integrity of data.

3. Promote the availability of data for authorized users.

These goals form the confidentiality, integrity, availability (CIA) triad, the
basis of all security programs. The CIA triad is a security model that is
designed to guide policies for information security within the premises of
an organization or company. This model is also referred to as the AIC
(Availability, Integrity, and Confidentiality) triad to avoid confusion
with the Central Intelligence Agency. The elements of the triad are
considered the three most crucial components of security.

Confidentiality is defined as the process of protecting sensitive information
from unauthorized access by converting it into an unreadable form. This
process ensures that only authorized persons can decrypt and read the
information. Confidentiality plays a significant role in securing
communication networks and systems, protecting sensitive data such as
passwords, social security numbers, financial records, and trade secrets
from unauthorized access and disclosure.

For example, suppose I have a password for my Gmail account, but someone
saw it while I was logging in to the account. In that case my password
has been compromised and confidentiality has been breached.

Various techniques are used to achieve confidentiality in communication
networks and systems. Encryption is one technique used to protect data by
converting it into an unreadable form that can only be decrypted by
authorized individuals who possess a secret key or password. Another
technique is steganography, which hides secret messages inside non-secret
messages such as images. Some measures to keep information confidential
are encryption, passwords, two-factor authentication, biometrics, and
security tokens.

Tools for Confidentiality

Encryption

Encryption is a method of transforming information to make it unreadable
for unauthorized users by using an algorithm. The transformation of data
uses a secret key (an encryption key) so that the transformed data can only
be read by using another secret key (decryption key). It protects sensitive
data such as credit card numbers by encoding and transforming data into
unreadable cipher text. This encrypted data can only be read by decrypting
it. Asymmetric-key and symmetric-key are the two primary types of
encryption.

Authentication

Authentication is a process that ensures and confirms a user's identity or
the role that someone has. It can be done in a number of different ways, but
it is usually based on a combination of:

o something the person has (like a smart card),

o something the person knows (like a password),

o something the person is (like a human with a fingerprint).

Authentication is a necessity for every organization because it enables
organizations to keep their networks secure by permitting only
authenticated users to access their protected resources. These resources may
include computer systems, networks, databases, websites and other
network-based applications or services.

Access control

Once a user has been authenticated, the next step is to ensure that they can
access the appropriate information resources. This is done through the use
of access control. Access control determines which users are authorized to
read, modify, add, and/or delete information. Several different access
control models exist. Here we will discuss two: the access control list (ACL)
and role-based access control (RBAC). For each information resource that
an organization wishes to manage, a list of users who have the ability to
take specific actions can be created. This is an access control list or ACL. For
each user, specific capabilities are assigned, such as reading, writing,
deleting, or adding. Only users with those capabilities are allowed to
perform those functions. If a user is not on the list, they have no ability even
to know that the information resource exists.
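
The ACL model described above, as an added example that is not part of the original document: each resource carries its own list of users and capabilities, and a user who is not on the list receives the same answer as for a resource that does not exist. The user names, resource names and function names are hypothetical.

```python
from enum import Flag, auto

class Cap(Flag):
    READ = auto()
    WRITE = auto()
    ADD = auto()
    DELETE = auto()

# Constructed sample ACLs (hypothetical users and resources):
# one list per information resource, mapping each listed user to capabilities.
ACLS = {
    "payroll.xlsx": {"alice": Cap.READ | Cap.WRITE, "bob": Cap.READ},
    "audit.log": {"carol": Cap.READ | Cap.ADD},
}

class NotFound(Exception):
    """Resource is missing OR the user is not on its ACL (indistinguishable)."""

class Forbidden(Exception):
    """User is on the ACL but lacks the requested capability."""

def authorize(user: str, resource: str, wanted: Cap) -> bool:
    acl = ACLS.get(resource)
    # An unlisted user gets the same answer as for a resource that does not
    # exist, so the reply does not confirm the resource's existence.
    if acl is None or user not in acl:
        raise NotFound(resource)
    if wanted not in acl[user]:
        raise Forbidden(f"{user} may not {wanted.name} {resource}")
    return True

def visible_resources(user: str) -> list:
    """Directory listing filtered by ACL membership."""
    return sorted(name for name, acl in ACLS.items() if user in acl)

def decision(user: str, resource: str, wanted: Cap) -> str:
    try:
        authorize(user, resource, wanted)
        return "granted"
    except NotFound:
        return "not found"
    except Forbidden:
        return "forbidden"

if __name__ == "__main__":
    for who, what, cap in [("alice", "payroll.xlsx", Cap.WRITE),
                           ("bob", "payroll.xlsx", Cap.WRITE),
                           ("carol", "payroll.xlsx", Cap.READ)]:
        print(who, what, cap.name, "->", decision(who, what, cap))
```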

Access control defines rules and policies for limiting access to a system or
to physical or virtual resources. It is a process by which users are granted
access and certain privileges to systems, resources or information. In access
control systems, users need to present credentials, such as a person's name
or a computer's serial number, before they can be granted access. In
physical systems, these credentials may come in many forms, but
credentials that can't be transferred provide the most security.

Authorization

Authorization is a security mechanism which gives permission to do or have
something. It is used to determine whether a person or system is allowed
access to resources, including computer programs, files, services, data and
application features, based on an access control policy. It is normally
preceded by authentication for user identity verification. System
administrators are typically assigned permission levels covering all system
and user resources. During authorization, a system verifies an authenticated
user's access rules and either grants or refuses resource access.

Physical Security

Physical security describes measures designed to deny unauthorized
access to IT assets such as facilities, equipment, personnel, resources and
other property, and to protect them from damage. It protects these assets
from physical threats including theft, vandalism, fire and natural disasters.

Integrity refers to maintaining the accuracy and completeness of data. In
other words, it is about protecting data from being modified by
unauthorized parties, accidentally by authorized parties, or by
non-human-caused events such as an electromagnetic pulse or a server crash.
For example, a hacker may intercept data and modify it before sending it on
to the intended recipient. Cryptography uses various techniques to ensure the
integrity of information. One such technique is digital signatures, which
provide proof of authenticity and non-repudiation for electronic
documents. Another technique involves using message authentication
codes (MACs), which provide a way to verify both message authenticity and
integrity.

Tools for Integrity

Backups

Backup is the periodic archiving of data. It is a process of making copies of
data or data files for use in the event that the original data or data files are
lost or destroyed. It is also used to make copies for historical purposes,
such as for longitudinal studies, statistics or historical records, or to meet
the requirements of a data retention policy. Many applications, especially in
a Windows environment, produce backup files using the .BAK file extension.

Checksums

A checksum is a numerical value used to verify the integrity of a file or a
data transfer. In other words, it is the computation of a function that maps
the contents of a file to a numerical value. Checksums are typically used to
compare two sets of data to make sure that they are the same. A checksum
function depends on the entire contents of a file. It is designed in such a
way that even a small change to the input file (such as flipping a single bit)
is likely to result in a different output value.
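
An added example, not part of the original document, tying the checksum described here to the message authentication codes (MACs) mentioned under integrity: an unkeyed checksum catches accidental corruption, but only a keyed MAC still fails verification when the data is replaced and the checksum recomputed to match. SHA-256 and HMAC-SHA256 are this example's choices, and the key and messages are constructed.

```python
import hashlib
import hmac

def checksum(data: bytes) -> str:
    """Unkeyed checksum: anyone can compute it (SHA-256 is this example's choice)."""
    return hashlib.sha256(data).hexdigest()

def mac(key: bytes, data: bytes) -> str:
    """Keyed MAC (HMAC-SHA256): computing a valid tag requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def flip_bit(data: bytes, bit: int) -> bytes:
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def differing_bits(hex_a: str, hex_b: str) -> int:
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def verify(data: bytes, check: str, tag: str, key: bytes) -> dict:
    """Receiver side: recompute both values and compare in constant time."""
    return {
        "checksum_ok": hmac.compare_digest(checksum(data), check),
        "mac_ok": hmac.compare_digest(mac(key, data), tag),
    }

# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key"
SENT = b"pay 100 to account 12345"
SENT_CHECK, SENT_TAG = checksum(SENT), mac(KEY, SENT)

def accidental_corruption() -> dict:
    """One bit flips in transit; checksum and tag travel unchanged."""
    return verify(flip_bit(SENT, 0), SENT_CHECK, SENT_TAG, KEY)

def deliberate_modification() -> dict:
    """Data is replaced and the unkeyed checksum recomputed to match.
    Without KEY, the original tag cannot be replaced with a valid one."""
    altered = b"pay 900 to account 12345"
    return verify(altered, checksum(altered), SENT_TAG, KEY)

if __name__ == "__main__":
    changed = differing_bits(SENT_CHECK, checksum(flip_bit(SENT, 0)))
    print("checksum bits changed by one flipped input bit:", changed, "of 256")
    print("accidental:", accidental_corruption())
    print("deliberate:", deliberate_modification())
```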

Data Correcting Codes

It is a method for storing data in such a way that small changes can be
easily detected and automatically corrected.
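
An added example, not from the original document: a Hamming(7,4) code, chosen here as one classic data correcting code, stores 4 data bits in 7 bits so that any single flipped bit is located and corrected. Two flipped bits in the same codeword are miscorrected, and the code does not protect against deliberate modification.

```python
def encode(nibble: int) -> list:
    """Encode 4 data bits as a 7-bit codeword [p1, p2, d1, p4, d2, d3, d4]."""
    d1, d2, d3, d4 = [(nibble >> shift) & 1 for shift in (3, 2, 1, 0)]
    p1 = d1 ^ d2 ^ d4   # covers positions 1, 3, 5, 7
    p2 = d1 ^ d3 ^ d4   # covers positions 2, 3, 6, 7
    p4 = d2 ^ d3 ^ d4   # covers positions 4, 5, 6, 7
    return [p1, p2, d1, p4, d2, d3, d4]

def syndrome(code: list) -> int:
    """XOR of the 1-based positions of all set bits.
    0 for a valid codeword; otherwise the position of a single flipped bit."""
    s = 0
    for position, bit in enumerate(code, start=1):
        if bit:
            s ^= position
    return s

def decode(code: list) -> tuple:
    """Return (nibble, corrected_position); position 0 means no error seen."""
    code = list(code)
    pos = syndrome(code)
    if pos:
        code[pos - 1] ^= 1          # automatic correction of the flipped bit
    d1, d2, d3, d4 = code[2], code[4], code[5], code[6]
    return (d1 << 3 | d2 << 2 | d3 << 1 | d4), pos

if __name__ == "__main__":
    stored = encode(0b1011)          # constructed sample value
    damaged = list(stored)
    damaged[4] ^= 1                  # simulate one bit flipping at position 5
    print("stored :", stored)
    print("damaged:", damaged)
    print("decoded:", decode(damaged))
```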
