QN. 01
Review cyber-security and its cost to the world economy.
PART 1. INTRODUCTION
• Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
SECURITY FUNDAMENTALS
Confidentiality
• Is about preventing the disclosure of data to unauthorized parties.
• Standard measures to establish confidentiality include:
  • Data encryption
  • Two-factor authentication
  • Biometric verification
  • Security tokens
Integrity
• Refers to protecting information from being modified by unauthorized parties.
• Standard measures to guarantee integrity include:
  • Cryptographic checksums
  • Using file permissions
  • Uninterrupted power supplies
  • Data backups
Availability
• Is making sure that authorized parties are able to access the information when needed.
• Standard measures to guarantee availability include:
  • Backing up data to external drives
  • Implementing firewalls
  • Having backup power supplies
  • Data redundancy
Why is cyber security important?
• It is important because cyber-attacks can be extremely expensive for businesses to endure.
• Cyber-attacks can be classified into the following categories:
  • Web-based attacks
  • System-based attacks
Web-based attacks
1. Injection attacks
• An attack in which data is injected into a web application to manipulate the application and fetch the required information.
• Examples: SQL injection, code injection, log injection, XML injection, etc.
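The SQL injection case named above, as an added example that is not part of the original slides: the same lookup written with string concatenation and with a parameterized query. The table, sample rows and function names are constructed for illustration.

```python
import sqlite3

# Constructed input: the quote characters close the string literal early,
# so the rest of the value is parsed as SQL rather than treated as a name.
INJECTED = "nobody' OR '1'='1"

def make_db():
    """In-memory database with constructed sample rows (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, card TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "CARD-0001"), ("bob", "CARD-0002")],
    )
    return db

def lookup_vulnerable(db, name):
    """Weak form: user input is concatenated into the SQL text."""
    query = "SELECT name, card FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, name):
    """Hardened form: the ? placeholder binds the input as data only."""
    query = "SELECT name, card FROM users WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

def compare(name):
    """Return (rows from weak lookup, rows from hardened lookup) for one input."""
    db = make_db()
    try:
        return lookup_vulnerable(db, name), lookup_parameterized(db, name)
    finally:
        db.close()

if __name__ == "__main__":
    for value in ("alice", INJECTED):
        weak, hardened = compare(value)
        print(f"{value!r}: concatenated={len(weak)} rows, "
              f"parameterized={len(hardened)} rows")
```

For an ordinary name both lookups return the same single row; for the constructed input the concatenated query returns every row in the table while the parameterized query returns none.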
2. Phishing
• Phishing is a type of attack that attempts to steal sensitive information such as user login credentials and credit card numbers. It occurs when an attacker masquerades as a trustworthy entity in electronic communication.
3. Denial of Service
• An attack meant to make a server or network resource unavailable to its users. It accomplishes this by flooding the target with traffic or sending information that triggers a crash.
• It uses a single system and a single internet connection to attack a server.
4. Man-in-the-middle attacks
• A type of attack that allows an attacker to intercept the connection between client and server and act as a bridge between them. As a result, the attacker is able to read, insert and modify the data in the intercepted connection.
System-based attacks
1. Virus
• A type of malicious software program that spreads throughout the computer's files without the knowledge of the user.
2. Worm
• A type of malware whose primary function is to replicate itself in order to spread to uninfected computers.
• It works the same as a computer virus. Worms often originate from email attachments that appear to be from trusted senders.
3. Trojan horse
• A malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle.
• It misleads the user about its true intent.
• It appears to be a normal application, but when it is opened or executed some malicious code runs in the background.
4. Backdoors
• A method that bypasses the normal authentication process.
• A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.
5. Bots
• A bot (short for "robot") is an automated process that interacts with other network services.
• Some bot programs run automatically, while others only execute commands when they receive specific input.
• Common examples of bot programs are crawlers, chatroom bots, and malicious bots.
PART 2. The above-mentioned cyber-security attacks cost the world economy as follows.
1. Size of company
• The more employees you have, the more opportunities there are for a cyber-attack to occur (more computers, workstations, and devices are vulnerable to attacks).
• Larger organizations tend to require more cyber security spending than smaller businesses.
• For example, large enterprises like Microsoft spend $1 billion to drive cybersecurity initiatives.
• The financial industry spends on average 10% of its information technology (IT) budget on cybersecurity.
• Cyber-crime cost businesses in the United States more than $3.5 billion in internet-related cyber crimes and damages, according to a 2019 FBI report.
Cyber security cost factors (cont.)
2. Type of data
• Businesses that collect more sensitive data will need additional security layers to ensure they comply with industry-standard legal requirements.
• More money will be required to protect data that comes under compliance.
• For example, you need a bigger budget if your data falls under the Health Insurance Portability and Accountability Act (HIPAA) or, for businesses in commerce, the Payment Card Industry (PCI), to ensure privacy and prevent breaches.
• A general business may need to allocate 0.2% to 0.9% of its annual revenues to drive cybersecurity initiatives.
3. Products and Services
• The more protection you have in the form of products and services, the higher the cost. For example, firewalls range in price between $400 and $6,000.
• Businesses that choose both cyber security products and services should expect to pay more than if they select products only. For example, a bank may need 24/7 monitoring to identify and track threats.
• For example, the volume of cyber security services you use, like antivirus, will determine your cost. According to Kaspersky, such a setup can cost a business $54,300 on average per year. In addition, companies also need to pay one-time costs of around $3,000.
• Using cloud-based security solutions can cost $33,500 annually.
4. Self-Install vs. Professional Install
• Cyber security companies can sell security products for you to set up yourself, or you can contact a security vendor to help install the product (usually for additional setup fees).
• A dedicated chief information security officer (CISO) can increase costs.
• An average firewall configuration costs between $450 and $2,500.
• Expected cost for a vulnerability assessment: $1,500 – $6,000 for a network with 1-3 servers and $5,000 – $10,000 for a network with 5-8 servers.
5. Professional Audits
• Organizations can periodically conduct third-party audits to ensure they are up to date with the latest security and compliance standards.
• This involves hiring personnel or relying on a cybersecurity provider, at added cost.
• Audits reveal that the latest forecast is for global ransomware damage costs to reach $20 billion by 2021.
QN. 02
Explain Cyber security index, ranking of African Countries and position of Tanzania.
THE CYBER SECURITY INDEX
• Is a sentiment-based measure of the risk to the corporate, industrial, and governmental information infrastructure from a spectrum of cybersecurity threats.
• To raise awareness of the importance and different dimensions of the issue, Africa's Member States have been classified into three categories:
  i. Leading stage: refers to the 6 countries (i.e., GCI score in the 50th percentile and higher) that demonstrate high commitment.
  ii. Maturing stage: refers to the 11 countries (i.e., GCI score between the 20th and 49th percentile) that have developed complex commitments and engage in cybersecurity programs and initiatives.
  iii. Initiating stage: refers to the 27 countries (i.e., GCI score less than the 20th percentile) that have started to make commitments in cybersecurity.
TANZANIA POSITION IN CYBERSECURITY INDEX
• Cyber security has improved dramatically in Tanzania over the last three years, apparently due to a conducive legal and regulatory framework, according to the 2018 Global Cyber Security Index. Tanzania is now one of the 11 leading African countries, ranking 5th in the maturing stage, up from being 12th in 2017.
• The table below shows the Global Cyber Security Index for African states:
To wind up, better accounting for cybersecurity will be essential for the digital world into which we are moving, to ensure a return on technological investment.
THE END
