What is Cyber Security ?

Introduction

The protection of internet-connected systems such as computers, laptops, mobile phones, etc., is done by cybersecurity from the malicious attacks. Here are two parts of cybersecurity which are cyber and security.?

• Cyber:?The technology that includes networks, programs, systems, and data is cyber.?
• Security:?The concern of the protection of the above technologies is security.?

Cybersecurity is also called?electronic information security?or?information technology security.

Types of Cybersecurity

The assets of every firm are made up of a range of distinct systems. These systems have a strong cybersecurity posture, requiring coordinated efforts across all platforms. As a result, we may divide cybersecurity into the following sub-domains:

Network Security

It entails putting in place the technology and software necessary to protect a computer network against unauthorized access, intruders, assaults, interruption, and abuse. This security aids an organization in safeguarding its assets against both external and internal threats.

Application Security

It entails safeguarding software and equipment against malicious attacks. For ensuring whether the apps are secured from cyber attacks, we constantly update our app. Before deploying a program or device, successful security begins with the design stage, which includes authoring source code, validation, threat modeling, and so on.

Information or Data Security

To maintain the integrity and privacy of data, both in storage and in transit, implementing a robust data storage mechanism is involved.

Identity management

It is concerned with the technique for identifying each individual's level of access inside an organization.

Operational Security

This type of cybersecurity involves processing and decision-making on securing and handling data assets.

User Education

It is concerned with the protocols, monitoring, alarms, and strategies that an organization employs when hostile behavior causes operations or data loss. Its policies require it to resume lost activities at the same operational capacity as before the accident.

Mobile Security

Security of the personal and organizational data present in the mobile phone, tablets, computers, and other similar devices against various malicious threats is involved here. These threats can be unauthorized access, malware or device loss, theft, etc.

Cloud Security

Protection of the data present in the cloud environment for the organization is involved here. For this purpose, we use many cloud service providers like AZURE, Google, etc.

Disaster Recovery and Business Continuity Planning

It covers the protocols, monitoring, alarms, and plans that an organization uses to respond when hostile behavior disrupts operations or data. Its policies call for recovering lost operations at the same operating capacity as before any accident.

Importance of cybersecurity

In this digital era, we live where the network, computer and other electronic devices, and software programs have a role in every part of our lives. The banking system, healthcare, financial institutions, governments, and manufacturing industries are critical infrastructures dependent on networks, and use devices that are a core part of their operations are connected to the Internet. There are many information in these infrastructures, such as bank details, financial data, and personal data, which can be sensitive for exposure that could have negative consequences or unauthorized access. For monetary gains, political, or social motives, these unauthorized people can use this information.

Cyber-attacks, which compromise the system, are now a global problem, potentially jeopardizing the global economy. Therefore an excellent cybersecurity strategy is essential to protect sensitive data from high-profile security breaches. Furthermore, considering the growth of cyberattacks, companies and organizations, particularly those dealing with sensitive business and personal information connected to national security, health, or financial records, must employ robust cybersecurity procedures and processes to secure their sensitive business and personal information.

Goals of cybersecurity

Data protection is the main objective of cybersecurity. The security sector offers a triangle of three related concepts to safeguard data from cyber-attacks. The CIA trio is the name given to this approach. The CIA model is intended to serve as a framework for rules governing an organization's information security infrastructure. When security breaches are discovered, one or more of these principles has been violated.

The CIA model is divided into?Confidentiality, Integrity, and Availability.

• Confidentiality
• Confidentiality is synonymous with privacy, which prevents illegal access to information. It entails ensuring that the data is only available to those authorized to use it and restricting access to others. It keeps vital information from getting into the hands of the wrong individuals. Data encryption is a great way to ensure confidentiality.
• Integrity
• This concept assures that the data is legitimate, correct, and protected from unauthorized alteration by threat actors or unintentional user modification. If any changes are made, specific precautions should be taken to safeguard sensitive data from corruption or loss and to recover from such an incident as quickly as possible. Furthermore, it denotes that the source of information must be authentic.
• Availability
• This approach ensures that information is constantly available and helpful to authorized users. It guarantees that system errors or cyber-attacks do not hamper these accesses.

Types of cybersecurity threats

Cyber-security counters three types of threats:

1.?Cybercrime:?It encompasses both single actors and groups who attack systems for monetary gain or to create damage.

2.?Cyber-attacks:?Politically motivated information collection is frequently used in cyber-attacks.

3.?Cyberterrorism?aims to disrupt electronic systems to generate panic or fear.

?

So how can hostile actors obtain access to computer systems? Here are some common strategies for jeopardizing cyber-security:

Malware?

Malware refers to malicious software, the most popular type of cyber assault instrument. It is utilized by a cybercriminal or hacker to disrupt or harm the system of a legitimate user. Below given are the most common forms of malware developed by the hacker:

• A virus?is self-replicating software that attaches to a clean file and travels throughout a computer system, infecting files with harmful code.
• Trojans?are a form of malware that masquerades as genuine software. Cybercriminals mislead people into installing Trojans on their computers, which inflict damage or gather data.
• Spyware:?A program that covertly records what a user performs for hackers to leverage this information. Spyware may record credit card information.
• Ransomware:?Malware encrypts a user's files and data and threatens to delete it unless a ransom is paid.
• Adware?is advertising software that may be used to distribute viruses.
• Botnets:?Networks of malware-infected computers used by hackers to do internet operations without the user's permission.

SQL injection

SQL (Structured Language Query) injection is a cyber-attack used to gain access to and steal data from a database. Cybercriminals exploit weaknesses in data-driven applications to malicious implant malware into a database using a fraudulent SQL query. This allows them access to the database's sensitive information.

Phishing

Phishing occurs when fraudsters send emails that look to be from a reputable firm and request sensitive information from victims. Phishing attacks are frequently used to trick consumers into providing credit card details and other sensitive information.

The man-in-the-middle attack

A man-in-the-middle attack is a cyber threat in which a cybercriminal intercepts communication between two people to steal information. For example, on an insecure WiFi network, an attacker may intercept data passing between the victim's device and the web.

The denial-of-service attack

A denial-of-service attack occurs when fraudsters overload networks and servers with traffic to prevent a computer system from delivering legitimate requests. This results in rendering the system inoperable and prevents an organization from performing critical operations.