Cybersecurity is security as it is applied to information technology. This includes all technology that stores, manipulates, or moves data, such as computers, data networks, and all devices connected to or included in networks, such as routers and switches. All information technology devices and facilities need to be secured against intrusion, unauthorized use, and vandalism. Additionally, the users of information technology should be protected from theft of assets, extortion, identity theft, loss of privacy and confidentiality of personal information, malicious mischief, damage to equipment, business process compromise, and the general activity of cybercriminals. The general public should be protected against acts of cyberterrorism, such as the compromise or loss of the electric power grid.
Cybersecurity is a major endeavor of the IT industry. There are a number of professional certifications given for cybersecurity training and expertise. Although billions of dollars are spent annually on cybersecurity, no computer or network is immune from attacks or can be considered completely secure.
In this we will learn about :-
In this module, we will learn about the Cyber Security Concepts.
Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. ...
Application security focuses on keeping software and devices free of threats.
A compromised application could provide access to the data its designed to protect.
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa.
It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is typically required to do so.
Typically, this involves knowing how the system works and finding a secret key.
Cryptanalysis is also referred to as codebreaking or cracking the code.
Network infrastructure refers to resources that enable network connectivity, communication, operation, and management. Typically, it includes networking hardware, software, and services. If your network is not secure, it presents a significant vulnerability to various attacks such as denial-of-service, malware, spam, and unauthorized access.
Network security basics
Internet of Things (IoT) devices are rapidly becoming ubiquitous while IoT services are becoming pervasive.
Their success has not gone unnoticed and the number of threats and attacks against IoT devices and services are on the increase as well.
Cyber-attacks are not new to IoT, but as IoT will be deeply interwoven in our lives and societies, it is becoming necessary to step up and take cyber defense seriously.
Hence, there is a real need to secure IoT, which has consequently resulted in a need to comprehensively understand the threats and attacks on IoT infrastructure.
This paper is an attempt to classify threat types, besides analyze and characterize intruders and attacks facing IoT devices and service.
Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network (by contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug).A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.
Programs are also considered malware if they secretly act against the interests of the computer user. For example, at one point Sony music Compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.
Integrating cloud into your existing enterprise security program is not just adding a few more controls or point solutions. It requires an assessment of your resources and business needs to develop a fresh approach to your culture and cloud security strategy.
To manage a cohesive hybrid, multicloud security program, you need to establish visibility and control. IBM Security products and experts can help you integrate appropriate controls, orchestrate workload deployment and establish effective threat management.
Cybercrimes cover a broad spectrum, from email scams to downloading copyrighted works for distribution, and are fueled by a desire to profit from another person's intellectual property or private information. Cyberforensics can readily display a digital audit trail for analysis by experts or law enforcement. Developers often build program applications to combat and capture online criminals; these applications are the crux of cyberforensics.
Cyberforensic techniques include:
Each of the above techniques is applied to cyberforensic investigations.