2. CYBER + SECURITY = CYBER
SECURITY
ïCyber means relating
to or characteristic of
the culture of
computers,
information
technology, and
virtual reality.
ïSecurity means the
state of being free
from danger of
threats.
3. CYBER SECURITY
CYBER SECURITY REFERS TO A BODY OF
TECHNOLOGIES, PROCESSES AND PRACTICES
DESIGNED TO PROTECT NETWORKS, DEVICES,
PROGRAMS AND DATA FROM ATTACK, DAMAGE
OR UNAUTHORISED ACCESS.
5. APPLICATION SECURITY:
APPLICATION SECURITY ENCOMPASSES MEASURES OR COUNTER-
MEASURES THAT ARE TAKEN DURING THE DEVELOPMENT LIFE-
CYCLE TO PROTECT APPLICATIONS FROM THREATS THAT CAN
COME THROUGH FLAWS IN THE APPLICATION DESIGN,
DEVELOPMENT, DEPLOYMENT, UPGRADE OR MAINTENANCE.
SOME BASICS TECHNIQUES ARE:
ïINPUT PARAMETER VALIDATION
ïUSER/ROLL AUTHORIZATION
ïAUDITING AND LOGGING
6.
7. INFORMATION SECURITY:
INFORMATION SECURITY PROTECTS INFORMATION FROM
ANOTHORIZED ACCESS TO AVOID IDENTITY THEFT AND TO
PROTECT PRIVACY.M MAJOR TECHNICQUES USED TO COVER
ARE:
ïIDENTIFICATION OF USER
ïAUTHORIZATION OF USER
ïAUTHENTICATION OF USER
ïCYPTOGRAPHY
8. DISASTER RECOVERY PLANNING:
ïDISASTER RECOVERY PLANNING IS A PROCESS THAT
INCLUDES PERFORMING RISK ASSESSMENT,
ESTABLISHING PRIORITIES, DEVELOPING RECOVERY
STRATEGIES IN CASE OF A DISASTER. ANY BUSINESS
SHOULD HAVE A CONCRETE PLAN FOR DISASTER
RECOVERY TO RESUME NORMAL BUSINESS
OPERATIONS AS QUICKLY AS POSSIBLE AFTER A
DISASTER.
9. NETWORK SECURITY:
NETWORK SECURITY INCLUDES ACTIVITES TO PROTECT THE USABILITY
RELIABILITY INTEGRITY AND SAFETY OF THE NETWORK. EFFECTIVE
NETWORK SECURITY TARGETS A VARIETY OF THREATS AND STOP THEM
FROM ENTERING OR SPREADING ON THE NETWORK. NETWORK
SECURITY COMPONENTS INCLUDE
ïANTIVIRUS AND ANTI SPYWARE
ïFIREWALL, TO BLOCK UNAUTHORISED ACCESS TO YOUR NETWORK
ïINSTRUCTION, PREVENTION SYSTEM TO IDENTIFY FAST SPREADING
THREATS
10. RANSOMEWARE:
TYPE OF MALWARE THAT INVOLVE AN ATTACKER
LOCKING THE VICTIMS COMPUTER SYSTEM FILES
TYPICALLY THROUGH ENCRYPTION.
MALWARE:
ANY FILE OR PROGRAM USED TO HARM A
COMPUTER USER SUCH AS WORMS COMPUTER VIRUS.
SOCIAL ENGINEERING:
AN ATTACK THAT REALISE ON HUMAN INTERACTION
TO TRICK USER INTO BREAKING SECURITY PROCEDURES
IN ORDER TO GAIN SENSITIVE INFORMATION THAT IS
TYPICALLY PROTECTED.
11. BUSINESS PROTECTION:
USED AGAINST MALWARE,
RANSOMEWARE, SOCIAL ENGINEERING.
PROTECTION FOR DATA AND NETWORKS.
PREVENTION OF UNAUTHORISED USES.
PROTECTION FOR END-USERS.
IMPROVES RECOVERY TIME AFTER A
BREACH.
12. CYBER SECURITY VENDORS
IN THIS FIELD WE TYPICALLY USE END POINT NETWORK
AND ADVANCE THREAT PROTECTION SECURITY AS WELL AS
DATA LOSE PREVENTION.
THE THREE COMMONLY KNOWN CYBER SECURITY
VENDOR INCLUDE:
1.CISCO
2.MCAFEE
3.TREND MICRO