SlideShare a Scribd company logo

Challenges 14 security (1).pdf

D
dhayadhayananth1

Cyber security involves protecting systems, networks, programs and data from digital attacks. The main types of cyber security are network security, cloud security, endpoint security, mobile security, IoT security, application security and zero-trust models. Common cyber attacks include supply chain attacks, ransomware attacks, phishing attacks and malware. Identity and access management (IAM) is important for controlling user access and securely storing identity data. Hacking involves unauthorized system access and comes in black hat, gray hat and white hat varieties. Common devices vulnerable to hacking are smart devices, webcams, routers and email. Prevention methods include software updates, unique passwords, HTTPS encryption and avoiding suspicious links/ads.

Technology
1 of 5
Download to read offline
Topic - Cyber security It is the practice of the protecting the system ,device,networks and programs from digital attacks .These cyber attacks are usually aimed at the accessing ,changing or destroyed sensitive information Extorting money from user or interrupting normal business process in cyber security Types of Cyber security ● Network Security: Most of the attacks occur over the network and network security solutions are designed to identify and block these attacks . ● These solution include data and access controls such as a data loss prevention IAM,NGFW,application controls to enforce safe web use policies ● Cloud security: In the organization increasingly adopt cloud computing ,securing the cloud becomes a major priority ,A under to cyber security in the cloud security strategy include solution ,controls ,policies and service that help to protect organization entire cloud deployment ● Endpoint security; The Zero-Trust security is the model of the creating micro-segment around data wherever it may be .One way to do that with a mobile workforce is the using endpoint security .With endpoint security ,companies can secure end-user device such as desktop and laptop with data and network security controls advanced threat prevention such as anti-phishing and anti-ransomware etc. ● Mobile security;In the under cyber security ,Mobile device in the such as tablet and smartphones access to corporate data ,exposing business to threat from malicious app,zero-day ,phishing ,and I'M attacks ● IoTSecurity: It is protect these device with discovery and classification of the connected device ● auto -segmentation to control network activities and using IPS as a virtual patch to prevent exploits against vulnerable devices. ● Application security : Application security also prevents bot attacks and stops any malicious interaction with applications and APIs ● Zero-Trust: The traditional security model is perimeter-focused, building walls around an organization’s valuable assets like a castle. Cyber security attacks
● Supply chain attack : Protecting against supply chain attacks requires a zero trust approach to cyber security .While partnership and vendor relationships are good for business ,third-party user and software should be good for business ,third-party users and software should have access limited to the minimum necessary to do their jobs and should be continually monitoring. ● Ransomware attack: While ransomware has been around for decades, it only became the dominant form of malware within the last few years. The WannaCry ransomware outbreak demonstrated the viability and profitability of ransomware attacks, driving a sudden surge in ransomware campaigns. ● Phishing attack:Phishing attacks have long been the most common and effective means by which Cyber security criminals gain access to corporate environments. It is often much easier to trick a user into clicking a link or opening an attachment than it is to identify and exploit a vulnerability within an organization’s defenses. ● Malware:Modern malware is swift, stealthy, and sophisticated. The detection techniques used by legacy security solutions (such as signature-based detection) are no longer effective, and, often, by the time Cyber security analysts have detected and responded to a threat, the damage is already done. TOPIC 2 - IAM - Identity and access management In The framework of business process ,policies and technologies that facilitates the management of the electronic or digital.with an IAM framework in place,information technology IT managers can control user access to critical information within their organization . System used for the IAM include single-sign-on system ,MFA and privileged access management .These technologies also provided the ability the ability to securely store identity and profile data as well as data governance function to ensure that only that necessary and relevant is shared On a fundamental level ,IAM encompasses the following component ● How individuals are identified in a system ● How role is identified in a system ● How they are assigned to individuals ● Adding ,removing,and updating individuals and their roles in a system ● Assigning levels of access to individuals or group of individuals and protecting the sensitive data
● Within the system and securing the system itself Why is IAM important IT departments are under increased regulatory and organizational pressure to protect access to corporate resources. IAM including biometrics, behavior analytics and AI -- is well suited to the rigors of the new security landscape. For example, IAMs tight control of resource access in highly distributed and dynamic environments aligns with the industry's transition from firewalls to zero-trust models and with the security requirements of IoT. For more information on the future of IoT security, Basic components of IAM Access is the ability of an individual user to perform a specific task, such as view, create or modify a file. Roles are defined according to job, authority and responsibility within the enterprise. capture and record user login information, manage the enterprise database of user identities, and orchestrate the assignment and removal of access privileges. That means systems used for IAM should provide a centralized directory service with oversight and visibility into all aspects of the company user base. TOPIC 3- Hacking The hacking act of compromising digital devices and networks through unauthorized access to an account or computer system. Hacking is not always a malicious act, but it is most commonly associated with illegal activity and data theft by cyber criminals. Types of Hackers ● Black Hat Hackers : Black hat hackers are the "bad guys" of the hacking scene. They go out of their way to discover vulnerabilities in computer systems and software to exploit them for financial gain or for more malicious purposes, such as to gain reputation, carry out corporate espionage, or as part of a nation-state hacking campaign. ● Gray Hat Hackers:Grey hat hackers sit somewhere between the good and the bad guys. Unlike black hat hackers, they attempt to violate standards and principles but without intending to do harm or gain financially. ● White Hat hackers : White hat hackers can be seen as the “good guys” who attempt to prevent the success of black hat hackers through proactive hacking. They use their
technical skills to break into systems to assess and test the level of network security, also known as ethical hacking. This helps expose vulnerabilities in systems before black hat hackers can detect and exploit them. Device Most Vulnerable in Hacking ● Smart Device :Smart devices, such as smartphones, are lucrative targets for hackers. Android devices, in particular, have a more open-source and inconsistent software development process than Apple devices, which puts them at risk of data theft or corruption. ● Webcam:Webcams built into computers are a common hacking target, mainly because hacking them is a simple process. Hackers typically gain access to a computer using a Remote Access Trojan (RAT) in rootkit malware ● Router:Hacking routers enables an attacker to gain access to data sent and received across them and networks that are accessed on them. ● Email: Email is one of the most common targets of cyberattacks. It is used to spread malware and ransomware and as a tactic for phishing attacks, which enable attackers to target victims with malicious attachments or links. Prevention to hacking ● Software Update : Hackers are hacking constantly on the lookout for vulnerabilities or holes in security that have not been seen or patched. ● Use Unique Password for different account :Weak passwords or account credentials and poor password practices are the most common cause of data breaches and cyberattacks. ● HTTPS encryption: Spoofed websites are another common vehicle for data theft, when hackers create a scam website that looks legitimate but will actually steal the credentials that users enter. ● Avoid Clicking ADs :Advertisements like pop-up ads are also widely used by hackers. When clicked, they lead the user to inadvertently download malware or spyware onto their device.
Challenges 14 security (1).pdf

Recommended

Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptx
jondon17
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
Skippedltd
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
Sitamarhi Institute of Technology
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europe
roxanaaleena
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 

Recommended

Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptx
jondon17
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
Skippedltd
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
Sitamarhi Institute of Technology
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europe
roxanaaleena
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
srtwgwfwwgw
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
Sitamarhi Institute of Technology
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack Essay
Haley Johnson
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
MBRoman1
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
SharmilaMore5
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
AbhishekDas794104
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
imanuelantoniussohir
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
null - The Open Security Community
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
ANIKETKUMARSHARMA3
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Illumeo
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
muskaangoel15
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
AkshayKhade21
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
jondon17
 
Security Threats in E-Commerce
Security Threats in E-CommerceSecurity Threats in E-Commerce
Security Threats in E-Commerce
Dattatreya Reddy Peram
 
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdfTop 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Bahaa Al Zubaidi
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
PradeeshSAI
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdf
publicchats
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
UthsoNandy
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 

More Related Content

Similar to Challenges 14 security (1).pdf

Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
srtwgwfwwgw
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
Sitamarhi Institute of Technology
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack Essay
Haley Johnson
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
MBRoman1
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
SharmilaMore5
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
AbhishekDas794104
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
imanuelantoniussohir
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
null - The Open Security Community
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
ANIKETKUMARSHARMA3
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Illumeo
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
muskaangoel15
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
AkshayKhade21
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
jondon17
 
Security Threats in E-Commerce
Security Threats in E-CommerceSecurity Threats in E-Commerce
Security Threats in E-Commerce
Dattatreya Reddy Peram
 
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdfTop 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Bahaa Al Zubaidi
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
PradeeshSAI
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdf
publicchats
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
UthsoNandy
 

Similar to Challenges 14 security (1).pdf (20)

Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack Essay
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Security Threats in E-Commerce
Security Threats in E-CommerceSecurity Threats in E-Commerce
Security Threats in E-Commerce
 
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdfTop 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
Top 5 Network Security Risks in 2023 - Bahaa Al Zubaidi .pdf
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdf
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 

Recently uploaded

Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 

Recently uploaded (20)

Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 

Challenges 14 security (1).pdf

  • 1. Topic - Cyber security It is the practice of the protecting the system ,device,networks and programs from digital attacks .These cyber attacks are usually aimed at the accessing ,changing or destroyed sensitive information Extorting money from user or interrupting normal business process in cyber security Types of Cyber security ● Network Security: Most of the attacks occur over the network and network security solutions are designed to identify and block these attacks . ● These solution include data and access controls such as a data loss prevention IAM,NGFW,application controls to enforce safe web use policies ● Cloud security: In the organization increasingly adopt cloud computing ,securing the cloud becomes a major priority ,A under to cyber security in the cloud security strategy include solution ,controls ,policies and service that help to protect organization entire cloud deployment ● Endpoint security; The Zero-Trust security is the model of the creating micro-segment around data wherever it may be .One way to do that with a mobile workforce is the using endpoint security .With endpoint security ,companies can secure end-user device such as desktop and laptop with data and network security controls advanced threat prevention such as anti-phishing and anti-ransomware etc. ● Mobile security;In the under cyber security ,Mobile device in the such as tablet and smartphones access to corporate data ,exposing business to threat from malicious app,zero-day ,phishing ,and I'M attacks ● IoTSecurity: It is protect these device with discovery and classification of the connected device ● auto -segmentation to control network activities and using IPS as a virtual patch to prevent exploits against vulnerable devices. ● Application security : Application security also prevents bot attacks and stops any malicious interaction with applications and APIs ● Zero-Trust: The traditional security model is perimeter-focused, building walls around an organization’s valuable assets like a castle. Cyber security attacks
  • 2. ● Supply chain attack : Protecting against supply chain attacks requires a zero trust approach to cyber security .While partnership and vendor relationships are good for business ,third-party user and software should be good for business ,third-party users and software should have access limited to the minimum necessary to do their jobs and should be continually monitoring. ● Ransomware attack: While ransomware has been around for decades, it only became the dominant form of malware within the last few years. The WannaCry ransomware outbreak demonstrated the viability and profitability of ransomware attacks, driving a sudden surge in ransomware campaigns. ● Phishing attack:Phishing attacks have long been the most common and effective means by which Cyber security criminals gain access to corporate environments. It is often much easier to trick a user into clicking a link or opening an attachment than it is to identify and exploit a vulnerability within an organization’s defenses. ● Malware:Modern malware is swift, stealthy, and sophisticated. The detection techniques used by legacy security solutions (such as signature-based detection) are no longer effective, and, often, by the time Cyber security analysts have detected and responded to a threat, the damage is already done. TOPIC 2 - IAM - Identity and access management In The framework of business process ,policies and technologies that facilitates the management of the electronic or digital.with an IAM framework in place,information technology IT managers can control user access to critical information within their organization . System used for the IAM include single-sign-on system ,MFA and privileged access management .These technologies also provided the ability the ability to securely store identity and profile data as well as data governance function to ensure that only that necessary and relevant is shared On a fundamental level ,IAM encompasses the following component ● How individuals are identified in a system ● How role is identified in a system ● How they are assigned to individuals ● Adding ,removing,and updating individuals and their roles in a system ● Assigning levels of access to individuals or group of individuals and protecting the sensitive data
  • 3. ● Within the system and securing the system itself Why is IAM important IT departments are under increased regulatory and organizational pressure to protect access to corporate resources. IAM including biometrics, behavior analytics and AI -- is well suited to the rigors of the new security landscape. For example, IAMs tight control of resource access in highly distributed and dynamic environments aligns with the industry's transition from firewalls to zero-trust models and with the security requirements of IoT. For more information on the future of IoT security, Basic components of IAM Access is the ability of an individual user to perform a specific task, such as view, create or modify a file. Roles are defined according to job, authority and responsibility within the enterprise. capture and record user login information, manage the enterprise database of user identities, and orchestrate the assignment and removal of access privileges. That means systems used for IAM should provide a centralized directory service with oversight and visibility into all aspects of the company user base. TOPIC 3- Hacking The hacking act of compromising digital devices and networks through unauthorized access to an account or computer system. Hacking is not always a malicious act, but it is most commonly associated with illegal activity and data theft by cyber criminals. Types of Hackers ● Black Hat Hackers : Black hat hackers are the "bad guys" of the hacking scene. They go out of their way to discover vulnerabilities in computer systems and software to exploit them for financial gain or for more malicious purposes, such as to gain reputation, carry out corporate espionage, or as part of a nation-state hacking campaign. ● Gray Hat Hackers:Grey hat hackers sit somewhere between the good and the bad guys. Unlike black hat hackers, they attempt to violate standards and principles but without intending to do harm or gain financially. ● White Hat hackers : White hat hackers can be seen as the “good guys” who attempt to prevent the success of black hat hackers through proactive hacking. They use their
  • 4. technical skills to break into systems to assess and test the level of network security, also known as ethical hacking. This helps expose vulnerabilities in systems before black hat hackers can detect and exploit them. Device Most Vulnerable in Hacking ● Smart Device :Smart devices, such as smartphones, are lucrative targets for hackers. Android devices, in particular, have a more open-source and inconsistent software development process than Apple devices, which puts them at risk of data theft or corruption. ● Webcam:Webcams built into computers are a common hacking target, mainly because hacking them is a simple process. Hackers typically gain access to a computer using a Remote Access Trojan (RAT) in rootkit malware ● Router:Hacking routers enables an attacker to gain access to data sent and received across them and networks that are accessed on them. ● Email: Email is one of the most common targets of cyberattacks. It is used to spread malware and ransomware and as a tactic for phishing attacks, which enable attackers to target victims with malicious attachments or links. Prevention to hacking ● Software Update : Hackers are hacking constantly on the lookout for vulnerabilities or holes in security that have not been seen or patched. ● Use Unique Password for different account :Weak passwords or account credentials and poor password practices are the most common cause of data breaches and cyberattacks. ● HTTPS encryption: Spoofed websites are another common vehicle for data theft, when hackers create a scam website that looks legitimate but will actually steal the credentials that users enter. ● Avoid Clicking ADs :Advertisements like pop-up ads are also widely used by hackers. When clicked, they lead the user to inadvertently download malware or spyware onto their device.