Cyber-Security 2.0
Do visit the "Fundamental of Cyber Security" blog and read it before continuing.
WHY IS CYBER SECURITY SO IMPORTANT?
Our reliance on the internet has grown tremendously. That gives fraudsters plenty of opportunities to target you for your money or other important information if you are not careful.
HOW DOES CYBER SECURITY WORK?
Due to the rapidly growing threat of cyber-attack and intrusion, Domain has created a dedicated Cyber Security section in its IT Assessments portfolio. Cyber security is an integral part of Domain’s IT Assessments. The assessment is the first of four stages in Domain’s cyber security process. The four stages are assessment, prevention, monitoring, and response. The stages can be conducted together.
1. Assessment
Cyber security services provided by IT consulting firms use network analysis tools to measure the current state of network security and identify system vulnerabilities. These services analyze your network both inside and outside your firewall. A detailed report of your company's current security level is compiled and reviewed with your management team.
2. Protection
Based on the information from the analysis above, cyber security services will work with your team to "lock down" your network. This can be as simple as closing unnecessary network ports that are open to the outside world, or as complex as deploying new, highly advanced firewalls and possibly hiding your information.
3. Monitoring
Hackers are persistent and are constantly changing their tactics. Because cyber crime is so persistent, cyber security must be a constant, ongoing battle.
Cyber security services use sophisticated software to monitor your network traffic and notify the server when suspicious activity is detected. If suspicious activity is found, a notice is issued and these services take immediate steps to protect your business from any threats.
4. Response
Domain uses tools that differentiate between the changes in your network to determine which changes were intended and which, if any, were harmful. This software not only helps to monitor your network, but also helps to conduct forensic research to determine whether certain information has been altered, deleted or stolen.
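The change-tracking idea described above can be shown with a small file-integrity check. This is an added example, not code from the original post or from Domain's tools; the function names, file names and the approved-change list are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each file's relative path to the SHA-256 digest of its contents."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            rel = path.relative_to(root).as_posix()
            digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests

def compare(baseline, current):
    """Classify the differences between a trusted baseline and the current state."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "deleted": sorted(baseline.keys() - current.keys()),
        "altered": sorted(p for p in common if baseline[p] != current[p]),
    }

def unexpected(report, approved):
    """Keep only the changes that are not on the approved (intended) change list."""
    return {kind: [p for p in paths if p not in approved]
            for kind, paths in report.items()}

def demo():
    """Constructed sample: baseline a small tree, change it, then compare."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "conf").mkdir()
        (root / "conf" / "app.ini").write_text("debug=false\n")
        (root / "index.html").write_text("<h1>Welcome</h1>\n")
        (root / "customers.csv").write_text("id,name\n1,Alice\n")
        baseline = snapshot(root)  # taken before any incident

        (root / "conf" / "app.ini").write_text("debug=true\n")  # intended change
        (root / "index.html").write_text("<h1>Changed</h1>\n")  # not approved
        (root / "customers.csv").unlink()                       # not approved
        (root / "new_file.txt").write_text("unknown\n")         # not approved
        report = compare(baseline, snapshot(root))
        return report, unexpected(report, approved={"conf/app.ini"})

if __name__ == "__main__":
    full_report, suspicious = demo()
    print("all changes:", full_report)
    print("unexpected :", suspicious)
```

A hash comparison shows what was altered, added or deleted; it cannot show that data was read or copied, which needs access logs. The baseline also has to be stored away from the monitored system so that it cannot be changed along with the files.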
Depending on the system findings, you may need to notify government agencies of the violation, and you may need to inform your customers, especially if personal information is involved. Domain may use appropriate tools to provide you with the necessary information.
Recovery is part of the Response section. At this stage, Domain will help your organization get back on track by recovering information where possible and providing advice where needed. The biggest concern with cyber security is not IF your system will be hacked, but WHEN. Organizations should have a cyber-incident response process in place prior to this event, in order to protect the organization from adverse effects. Such a process includes:
· Determining where the intervention occurred (anything "hacked"). This requires the installation of software to track changes before any attack.
· Determining which information has been stolen or tampered with.
· Determining how to close the system vulnerability ("hole").
· Deciding how to clean up all hack remnants from the system.
· Immediately notifying everyone whose information was stolen or is suspected of being stolen.
· Providing credit monitoring, management, and refunds to stolen accounts.
· Initiating a public relations campaign to protect and restore the brand image.
· Using and implementing cyber insurance.
As you can see, cyber security planning is no longer just about protecting the system from hacking. It also involves acknowledging in advance that the system can be breached and setting up a strong response system that will help the organization recover successfully from cyber-attacks in the short term.
The main purpose of cyber security is to protect any system from malware attack or hijacking.
Now, the question is: what is malware?
· Viruses
A virus is malicious executable code attached to another executable file, such as a legitimate program. Most viruses require end-user initiation, and can activate at a specific time or date. Computer viruses usually spread in one of three ways: from removable media; from downloads off the Internet; and from email attachments. Viruses can be harmless and simply display a picture or they can be destructive, such as those that modify or delete data. In order to avoid detection, a virus mutates. The simple act of opening a file can trigger a virus. A boot sector, or file system virus, infects USB flash drives and can spread to the system’s hard disk. Executing a specific program can activate a program virus. Once the program virus is active, it will usually infect other programs on the computer or other computers on the network. The Melissa Virus was an example of a virus spread via email. Melissa affected tens of thousands of users and caused an estimated $1.2 billion in damage.
· Worms
Worms are malicious code that replicates by independently exploiting vulnerabilities in networks. Worms usually slow down networks. Whereas a virus requires a host program to run, worms can run by themselves. Other than the initial infection, worms no longer require user participation. After a worm infects a host, it is able to spread very quickly over the network. Worms share similar patterns. They all have an enabling vulnerability, a way to propagate themselves, and they all contain a payload.
Worms are responsible for some of the most devastating attacks on the Internet. For example, in 2001, the Code Red worm infected 658 servers. Within 19 hours, the worm infected over 300,000 servers.
· Trojan horse
A Trojan horse is malware that carries out malicious operations under the guise of a desired operation such as playing an online game. This malicious code exploits the privileges of the user that runs it. A Trojan horse differs from a virus because the Trojan binds itself to non-executable files, such as image files, audio files, or games.
Risks are part of everyday life and something we are all instinctively familiar with. A risk is the possibility of something happening with a negative consequence. Managing risk is at the heart of most businesses and the core of many industries.
Not all risks are equally important. Certain risks may require urgent attention whereas others may be ignored.
Basic equation to calculate the value of a risk:
Risk value = Consequence x Likelihood
Consequence is the impact and associated damages.
Likelihood is how often the risk impact occurs.
Risk Response
Once an organization has assessed all of its risks, the emphasis is then placed upon risk management, or response. In general, there are four responses to a risk that an organization could choose. The following table describes them.
Accept: The organization accepts the risk in its current form. This is a decision that will be made by a senior individual within the organization, referred to as a “risk owner”.
Reduce: The organization could decide a risk is too large to accept and aim to have it reduced in some fashion. This could either be through reducing the likelihood or consequence.
Transfer: The organization may want a third party to accept the risk, or part of it, instead of accepting it themselves. This is done via insurance.
Reject: The organization could decide a risk is too high and may withdraw from being affected by it. This will have significant business impacts such as shutting down sites or avoiding markets.
Credits & References: Kushal Deulkar and Yash Bhoskar (Team Tech Tuesday)
This blog is meant for educational purposes only. We do not own any copyrights related to the images and information; all rights go to their respective owners. The sole purpose of this blog is to educate, inspire, empower and create awareness in the viewers. The usage is non-commercial (not for profit) and we do not make any money from it.