Concept Of Cyber Security
Nazrul Islam Bhuiyan, PMP, CISA, OCE, CDCS, PRINCE2(P)
BSc & MSc Engg(CSE), M.Engg(ISS), MSc. Procurement & Supply Chain Mgt., PGDPMP
Project Management Specialist (PMS)
BISDP, IDRA, FID, Ministry of Finance
&
Joint Secretary (Academic)
Bangladesh Computer Society
Welcome to Bangladesh Computer Society
What is Cyber Security?
• Cyber security is the practice of defending computers, servers,
mobile devices, electronic systems, networks, and data from
malicious attacks.
• It's also known as information technology security or
electronic information security.
• The term applies in a variety of contexts, from business to
mobile computing, and can be divided into a few common
categories.
Key Concepts Of Cyber Security
Cyber security as a whole is a very broad term, but it is
based on three fundamental concepts known as “The CIA
Triad”.
Confidentiality
It defines the rules that limit access to information.
Confidentiality covers the measures taken to restrict
sensitive information from being accessed by cyber
attackers and hackers.
Integrity
This assures that the data is consistent, accurate and
trustworthy over its time period. It means that
data in transit should not be changed, altered,
deleted or illegally accessed.
Availability
Availability means that all necessary components, such as
hardware, software, networks, devices and security
equipment, should be maintained and upgraded.
This ensures the smooth functioning of, and access to, data
without any disruption. It also means providing constant
communication between the components by providing
enough bandwidth.
Cyber security vs information security
• Cyber security focuses on protecting computer systems from
unauthorized access or being otherwise damaged or made
inaccessible.
• Information security is a broader category that looks to protect
all information assets, whether in hard copy or digital form.
Few Common Categories Of Cyber Security
• Network Security: prevents and protects against
unauthorized intrusion into corporate networks.
• Application Security: makes apps more secure by finding
and fixing vulnerabilities in application code.
• Information Security: protects the integrity and privacy
of data, both in storage and in transit.
• Operational Security: includes the processes and decisions for handling
and protecting data assets.
• Disaster Recovery And Business Continuity: define how an organization
responds to a cyber-security incident or any other event that causes the
loss of operations or data. Disaster recovery policies dictate how the
organization restores its operations and information to return to the
same operating capacity as before the event.
• End-user Education: addresses the most unpredictable cyber-security
factor: people. Anyone can accidentally introduce a virus to an
otherwise secure system by failing to follow good security practices.
Types of cyber threats
1. Cybercrime includes single actors or groups
targeting systems for financial gain or to cause
disruption.
2. Cyber-attack often involves politically motivated
information gathering.
3. Cyberterrorism is intended to undermine electronic
systems to cause panic or fear.
Cyber security checklist
1. Staff awareness training: Human error is the leading cause of data
breaches. Staff awareness training will show employees how security
threats affect them and help them apply best-practice advice to
real-world situations.
2. Application security: Web application vulnerabilities are a common
point of intrusion for cyber criminals. It is vital to focus on web
application security.
3. Network security: Network security is the process of protecting the
usability and integrity of your network and data.
4. Leadership commitment: Leadership commitment is key to cyber
resilience. Without it, it is tough to establish or enforce effective
processes. Top management must be prepared to invest in appropriate
cyber security resources, such as awareness training.
5. Password management: Almost half of the UK population uses
‘password’, ‘123456’ or ‘qwerty’ as their password. You should
implement a password management policy that provides guidance to
ensure staff create strong passwords and keep them secure.