Chapter 6 Security of Information and Cyber Security(FASS) Course: First Aid, Safety and Security

1. SECURITY OF INFORMATION AND CYBER SECURITY

2. SPEAKER PROFILE:
MD. SHAIFULLAR RABBI
TOURISM EDUCATOR & CONSULTANT
Professional Experiences
Coordinator & Lecturer- Dept. of Tourism & Hospitality
Management, Daffodil Institute of IT(Affiliated National University)
Assessor -Bangladesh Technical Education Board (Ticketing
and Reservation)
Guest Trainer - Sheikh Hasina National Institute of Youth
Development
GuestTrainer - ATABTourismTraining Institute
GuestTrainer- HB AviationTraining Center
Guest Trainer - Bangladesh Hotel Management Tourism
Training Institute
Former Manager sales - Mamun Air Service (IATA Travel
Agency)
Founder –Travel Memoria
Educational Qualifications
MBA & BBA-Major in Tourism & Hospitality
Management, University of Dhaka.
Certified NTVQF Level -4/Assessor Part (Ticketing
And Reservation)
Completed Diploma Course in Travel Agency &
Tour Operation Management
Certified NTVQF Level 2 Course entitled Ticketing
& Reservation
Certified NTVQF Level 1 Course entitled Tour
Guiding

3. INFORMATION SECURITY DEFINITION
Information security, sometimes shortened to infosec, is the practice of
protecting information by mitigating information risks. It is part of information risk
management. It typically involves preventing or at least reducing the probability of
unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption,
deletion, corruption, modification, inspection, recording or devaluation of information.
 This is largely achieved through a structured risk management process that involves:
 Identifying information and related assets, plus potential threats, vulnerabilities and
impacts;
 Evaluating the risks;
 Deciding how to address or treat the risks i.e. to avoid, mitigate, share or accept them;
 Where risk mitigation is required, selecting or designing appropriate security controls
and implementing them;
 Monitoring the activities, making adjustments as necessary to address any issues,
changes and improvement opportunities.

5. TYPES OF INFORMATION SECURITY
 Application security: Application security is a broad topic that covers
software vulnerabilities in web and mobile applications and application
programming interfaces (APIs). These vulnerabilities may be found in
authentication or authorization of users, integrity of code and
configurations, and mature policies and procedures. Application
vulnerabilities can create entry points for significant Information security
breaches. Application security is an important part of perimeter defense
for Information security.
Cloud security: Cloud security focuses on building and hosting secure
applications in cloud environments and securely consuming third-party
cloud applications. “Cloud” simply means that the application is running
in a shared environment. Businesses must make sure that there is
adequate isolation between different processes in shared environments.

6. Cryptography: Encrypting data in transit and data at rest
helps ensure data confidentiality and integrity. Digital
signatures are commonly used in cryptography to
validate the authenticity of data. Cryptography and
encryption has become increasingly important. A good
example of cryptography use is the Advanced Encryption
Standard (AES). The AES is a symmetric key algorithm
used to protect classified government information.
Infrastructure security: Infrastructure security deals with
the protection of internal and extranet networks, labs,
data centers, servers, desktops, and mobile devices.

7. INFORMATION SECURITY PRINCIPLES
The basic components of information security are most often summed
up by the so-called CIA triad: confidentiality, integrity, and availability.
Confidentiality is perhaps the element of the triad that most
immediately comes to mind when you think of information security.
Integrity means maintaining data in its correct state and preventing
it from being improperly modified, either by accident or maliciously.
Many of the techniques that ensure confidentiality will also protect
data integrity.
Availability is the mirror image of confidentiality: while you need to
make sure that your data can't be accessed by unauthorized users,
you also need to ensure that it can be accessed by those who have
the proper permissions.

8. INFORMATION SECURITY POLICY
The means by which these principles are applied to
an organization take the form of a security
policy. This isn't a piece of security hardware or
software; rather, it's a document that an enterprise
draws up, based on its own specific needs and quirks,
to establish what data needs to be protected and in
what ways. These policies guide the organization's
decisions around procuring cyber security tools, and
also mandate employee behavior and responsibilities.

9. AMONG OTHERTHINGS,YOUR COMPANY'S
INFORMATION SECURITY POLICY SHOULD INCLUDE:
A statement describing the purpose of the information security program
and your overall objectives:
Definitions of key terms used in the document to ensure shared
understanding
An access control policy, determining who has access to what data and
how they can establish their rights
A password policy
A data support and operations plan to ensure that data is always
available to those who need it
Employee roles and responsibilities when it comes to safeguarding data,
including who is ultimately responsible for information security

10. INFORMATION SECURITY MEASURES
As should be clear by now, just about all the technical measures associated
with cyber security touch on information security to a certain degree, but
there it is worthwhile to think about Information security measures in a big-
picture way:
Technical measures include the hardware and software that protects data
— everything from encryption to firewalls
Organizational measures include the creation of an internal unit dedicated
to information security, along with making Information security part of the
duties of some staff in every department
Human measures include providing awareness training for users on proper
Information security practices
Physical measures include controlling access to the office locations and,
especially, data centers

11. DEFINITION OF CYBER SECURITY
Cyber security refers to the body of technologies, processes, and practices
designed to protect networks, devices, programs, and data from attack,
damage, or unauthorized access. Cyber security may also be referred to as
information technology security.
Cyber security is the practice of protecting systems, networks, and
programs from digital attacks. These cyber-attacks are usually aimed at
accessing, changing, or destroying sensitive information; extorting money
from users; or interrupting normal business processes.
Implementing effective cyber security measures is particularly challenging
today because there are more devices than people, and attackers are
becoming more innovative.

13. THE IMPORTANCE OF CYBER SECURITY
 Cyber security is important because government, military, corporate, financial,
and medical organizations collect, process, and store unprecedented amounts of
data on computers and other devices. A significant portion of that data can be
sensitive information, whether that be intellectual property, financial data,
personal information, or other types of data for which unauthorized access or
exposure could have negative consequences.
 Organizations transmit sensitive data across networks and to other devices in
the course of doing businesses, and cyber security describe the discipline
dedicated to protecting that information and the systems used to process or
store it. As the volume and sophistication of cyber-attacks grow, companies and
organizations, especially those that are tasked with safeguarding information
relating to national security, health, or financial records, need to take steps to
protect their sensitive business and personnel information.

14. CHALLENGES/ ELEMENTS OF CYBER SECURITY
For an effective cyber security, an organization needs to coordinate its
efforts throughout its entire information system.
Elements of cyber encompass all of the following:
Network security: The process of protecting the network from unwanted
users, attacks and intrusions.
Application security: Apps require constant updates and testing to ensure
these programs are secure from attacks.
Endpoint security: Remote access is a necessary part of business, but can
also be a weak point for data. Endpoint security is the process of
protecting remote access to a company’s network.
Data security: Inside of networks and applications is data. Protecting
company and customer information is a separate layer of security.

15.  Identity management: Essentially, this is a process of understanding the access every
individual has in an organization.
 Database and infrastructure security: Everything in a network involves databases and
physical equipment. Protecting these devices is equally important.
 Cloud security: Many files are in digital environments or “the cloud”. Protecting data in
a 100% online environment presents a large amount of challenges.
 Mobile security: Cell phones and tablets involve virtually every type of security
challenge in and of themselves.
 Disaster recovery/business continuity planning: In the event of a breach, natural disaster
or other event data must be protected and business must go on. For this, you’ll need a
plan.
 End-user education: Users may be employees accessing the network or customers
logging on to a company app. educating good habits (password changes, 2-factor
authentication, etc.) is an important part of cyber security.

16. THE SCALE OFTHE CYBERTHREAT
 The global cyber threat continues to evolve at a rapid pace, with a rising
number of data breaches each year. A report by Risk Based Security revealed
that a shocking 7.9 billion records have been exposed by data breaches in the
first nine months of 2019 alone. This figure is more than double (112%) the
number of records exposed in the same period in 2018.
 Medical services, retailers and public entities experienced the most breaches,
with malicious criminals responsible for most incidents. Some of these sectors
are more appealing to cybercriminals because they collect financial and medical
data, but all businesses that use networks can be targeted for customer data,
corporate espionage, or customer attacks.
 With the scale of the cyber threat set to continue to rise, the International Data
Corporation predicts that worldwide spending on cyber-security solutions will
reach a massive $133.7 billion by 2022. Governments across the globe have
responded to the rising cyber threat with guidance to help organizations
implement effective cyber-security practices.

17. TYPES OF CYBER THREATS
The threats countered by cyber-security are three-fold:
1. Cybercrime includes single actors or groups targeting
systems for financial gain or to cause disruption.
2. Cyber-attack often involves politically motivated
information gathering.
3. Cyber terrorism is intended to undermine electronic
systems to cause panic or fear.

18. HOW DO MALICIOUS ACTORS GAIN CONTROL OF COMPUTER SYSTEMS?
HERE ARE SOME COMMON METHODS USED TO THREATEN CYBER-
SECURITY:
Malware: Malware means malicious software. One of the most common cyber threats, malware is software
that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s computer. Often spread
via an unsolicited email attachment or legitimate-looking download, malware may be used by
cybercriminals to make money or in politically motivated cyber-attacks.
There are a number of different types of malware, including:
 Virus: A self-replicating program that attaches itself to clean file and spreads throughout a computer
system, infecting files with malicious code.
 Trojans: A type of malware that is disguised as legitimate software. Cybercriminals trick users into
uploadingTrojans onto their computer where they cause damage or collect data.
 Spyware: A program that secretly records what a user does, so that cybercriminals can make use of this
information. For example, spyware could capture credit card details.
 Ransomware: Malware which locks down a user’s files and data, with the threat of erasing it unless a
ransom is paid.
 Adware:Advertising software which can be used to spread malware.
 Botnets: Networks of malware infected computers which cybercriminals use to perform tasks online
without the user’s permission.

19.  SQL injection: An SQL (structured language query) injection is a type of cyber-attack used to
take control of and steal data from a database. Cybercriminals exploit vulnerabilities in data-
driven applications to insert malicious code into a data based via a malicious SQL statement.
This gives them access to the sensitive information contained in the database.
 Phishing: Phishing is when cybercriminals target victims with emails that appear to be from a
legitimate company asking for sensitive information. Phishing attacks are often used to dupe
people into handing over credit card data and other personal information.
 Man-in-the-middle attack: A man-in-the-middle attack is a type of cyber threat where a
cybercriminal intercepts communication between two individuals in order to steal data. For
example, on an unsecure WiFi network, an attacker could intercept data being passed from the
victim’s device and the network.
 Denial-of-service attack: A denial-of-service attack is where cybercriminals prevent a computer
system from fulfilling legitimate requests by overwhelming the networks and servers with traffic.
This renders the system unusable, preventing an organization from carrying out vital functions.
 Latest cyber threats: What are the latest cyber threats that individuals and organizations need
to guard against? Here are some of the most recent cyber threats that the U.K., U.S., and
Australian governments have reported on.
 Dridex malware: In December 2019, the U.S. Department of Justice (DoJ) charged the leader of
an organized cyber-criminal group for their part in a global Dridex malware attack. This
malicious campaign affected the public, government, infrastructure and business worldwide.

20. Romance scams: In February 2020, the FBI warned U.S. citizens to be
aware of confidence fraud that cybercriminals commit using dating sites,
chat rooms and apps. Perpetrators take advantage of people seeking new
partners, duping victims into giving away personal data. The FBI
reports that romance cyber threats affected 114 victims in New Mexico
in 2019, with financial losses amounting to $1.6 million.
Emotet malware: In late 2019, The Australian Cyber Security
Centre warned national organizations about a widespread global cyber
threat from Emotet malware. Emotet is a sophisticated trojan that can
steal data and also load other malware. Emotet thrives on
unsophisticated password: a reminder of the importance of creating a
secure password to guard against cyber threats.
End-user protection: End-user protection or endpoint security is a crucial
aspect of cyber security. After all, it is often an individual (the end-user)
who accidentally uploads malware or another form of cyber threat to
their desktop, laptop or mobile device.

21. CYBER SAFETYTIPS - PROTECT YOURSELF AGAINST CYBER ATTACKS
How can businesses and individuals guard against cyber threats? Here are our top
cyber safety tips:
 Update your software and operating system: This means you benefit from the
latest security patches.
 Use anti-virus software: Security solutions like Kaspersky Total Security will
detect and removes threats. Keep your software updated for the best level of
protection.
 Use strong passwords: Ensure your passwords are not easily guessable.
 Do not open email attachments from unknown senders: These could be infected
with malware.
 Do not click on links in emails from unknown senders or unfamiliar websites: This
is a common way that malware is spread.
 Avoid using unsecure WiFi networks in public places: Unsecure networks leave
you vulnerable to man-in-the-middle attacks.

22. INFORMATION SECURITY VS. CYBER SECURITY
Because information technology has become the accepted corporate
buzz phrase that means, basically, "computers and related stuff," you
will sometimes see information security and cyber security used
interchangeably. Strictly speaking, cyber security is the broader
practice of defending IT assets from attack, and information security
is a specific discipline under the cyber security umbrella. Network
security and application security are sister practices to information
security, focusing on networks and app code, respectively.
Obviously, there's some overlap here. You can't secure data
transmitted across an insecure network or manipulated by a leaky
application. As well, there is plenty of information that isn't stored
electronically that also needs to be protected. Thus, the infosec pro's
remit is necessarily broad.

23. CYBER SECURITY INFORMATION SECURITY
It is the practice of protecting the data from outside the
resource on the internet.
It is all about protecting information from unauthorized
user, access and data modification or removal in order to
provide confidentiality, integrity, and availability.
It is about the ability to protect the use of cyberspace
from cyber attacks. It deals with protection of data from any form of threat.
Cyber security to protect anything in the cyber realm.
Information security is for information irrespective of the
realm.
Cyber security deals with danger against cyberspace.
Information security deals with the protection of data
from any form of threat.
Cyber security strikes against Cyber crimes, cyber frauds
and law enforcement.
Information security strives against unauthorized access,
disclosure modification and disruption.
On the other hand cyber security professionals with cyber
Information security professionals are the foundation of
data security and security professionals associated with it