SlideShare a Scribd company logo

cyber security.pptx

Download as PPTX, PDF
T
Tapan Khilar

The document discusses cyber security and types of cyber attacks. It covers the key elements of cyber security including mobile security, end-user education, application security, network security, and information security. It describes common types of cyber attacks such as malware, ransomware, social engineering, phishing, and man-in-the-middle attacks. The document provides safety tips for users, including using antivirus software, practicing good password management, and being wary of suspicious links or requests for personal information.

1 of 44
HC/RO.Tapan Kumar Khilar
 Introduction  Elements of cyber security  Types of cyber attack  Safety tips
Introduction  Cyber security or information technology security are the techniques of protecting computers,networks, programs and data from unauthorized access or attack.  Network security includes activities to protect the usability, reliability, integrity and safety of the network.
Elements of cyber security  Mobile security  End-user education  Application security  Network security  Information security
Mobile security The term mobile security is a broad one that covers everything from protecting mobile devices from malware threats to reducing risks and securing mobile devices and their data in the case of theft, unauthorized access or accidental loss of the mobile device.
End-User Education  In information technology the term end user is used to distinguish the person for whom a hardware or software product is designed.  Our end-users are the first line of defense against cyber security attacks (like phishing scams).
Application security  Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked.  Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities.
Network security  Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.  Network security is involved in organizations, enterprises, and other types of institutions.
Information security  Information systems security does not just deal with computer information, but also protecting data and information in all of its forms, such as telephone conversations.  COMPUSEC + COMSEC + TEMPEST = INFOSEC Where COMPUSEC is computer systems security, COMSEC is communications security, and TEMPEST is compromising emanations.
Types of cyber attack  Malware  Ransom ware  Mobile Security Threats  Social engineering  Fishing  Man-in-the-middle attack.
Malware A malware attack is a type of cyber attack in which malware or malicious software performs activities on the victim's computer system, usually without his/her knowledge. Nowadays, people use words like malware, spyware, and ransom ware a lot more than the word "virus." ... Computer viruses operate via similar means.
Ransomware Ransomware: a type of malware that involves an attacker locking the victim's computer system files typically through encryption and demanding a payment to decrypt and unlock them.
Mobile Security Threats  Data Leakage  Network Spoofing(Unsecured Wi-Fi)  Social engineering  Spyware  Improper Session Handling  Malicious Apps
Security Measures You Can Take  Install Some Security App on Your Device.  Create Strong Passwords and unlock patterns  Keep Software Up-to-Date.  Understand app permissions before accepting them.  Check Bank Statements and Mobile Charges.  Wipe data on your old phone before you donate, resell or recycle it.  Report stolen phones.  Watch out for pirated apps.
Social engineering  Social engineering is the practice of obtaining confidential information by manipulation of legitimate users.  A social engineer will commonly use the telephone or Internet to trick a person into revealing sensitive information or getting them to do something that is against typical policies.
Thereare two types of Social Engineeringattacks  Technical attacks  Non-technical attacks. “Technical attacks are those attacks that deceive the user into believing that the application in use is truly providing them with security which is not the factalways.” Example:- Phishing Common bait Vishing Spam mail Popup Window Interesting Software
Phishing Phishing is the process of crafting emails that appear to be from a trusted source and typically invite the recipient to either supply confidential information or click on amalicious link or attachment.
Fake Mail Online
TipsFor Identifying Phishing Attempts – Theemail asksyou to update account information – There are unfamiliar layouts/designs with no verificationimages – Theemail provides unfamiliar hyperlinks
Example
Common Bait • “Sweet Deals” – Free Stuff – Limited Time Offers – PackageDelivery • Help Me, Help You! – T echSupport
Vishing It is the practice of leveraging Voice over Internet Protocol (VoIP) technology to trick private personal and financial information from the public for the purpose of financial reward. This term is a combination of "voice" and phishing. Vishing exploits the public's trust in telephone services.  Spam Mails E-mails that offer friendships, diversion, gifts and various free pictures and information take advantage of the anonymity and camaraderie of the Internet to plant malicious code.  Popup Window The attacker's rogue program generates a pop up window, saying that the application connectivity was dropped due to network problems, and now the user needs to reenter his id and password to continue with his session.  Interesting Software In this case the victim is convinced to download and install a very useful program or application which might be 'window dressed' .
The non- technicalattacks Non-technical approach are perpetrated purely through deception; i.e. by taking advantage of the victim's human behavior weaknesses.  Pretexting / Impersonation  Dumpster Diving  Spying and Eavesdropping  Acting as a Technical Expert  Support Staff
 Pretexting / Impersonation: This is the act of creating and using an invented scenario (the pretext) to persuade a target to release information. It's more than a simple lie as it most often involves some prior research or set up and makes use of pieces of known information (e.g. date of birth, mother's maiden name, billing address etc.) to establish legitimacy in the mind.  Dumpster Diving: If the junk mail contains personal identification information, a 'dumpster diver' can use it in carrying out an identity theft. A hacker can retrieve confidential Information from the hard disk of a computer as there are numerous ways to retrieve information from disks, even if the user thinks the data has been 'deleted' from the disk.
 Spying and Eavesdropping: A clever spy can determine the id and password by observing a user typing it in (Shoulder Surfing). All that needs to be done is to be there behind the user and be able to see his fingers on the keyboard.  Acting as a Technical Expert: This is the case where an intruder pretends to be a support technician working on a network problem requests the user to let him access the workstation and 'fix' the problem.  Support Staff: Here a hacker may pose as a member of a facility support staff and do the trick. A man dressed like the cleaning crew, walks into the work area, carrying cleaning equipment. In the process of appearing to clean your desk area, he can snoop around and get valuable information - such as passwords, or a confidential file that you have forgotten to lock up.
Man-in-the-middle attack Man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
 Use antivirus software.  Insert firewalls  Uninstall unnecessary software  Eight characters is not enough. Practice good password management.  Lock it up. Never leave your devices unattended. ...  Practice safe clicking.  Share less sensitive information.  Important software like browser, payment wallet apps should be updated regularly  Avoid opening links of lotteries, prizes, gifts, discounts  Never give your full name or address to strangers
Continued..  Cut Out The “Middle Man”.  Stay On Top Of Your Accounts.  Back It Up. ...  Beware Of Browsing.  While using third party computers or mobiles for browsing use the private/incognito mode  While using third party computers, use an on-screen keyboard while entering important details  While logging in to any site, check the URL (the one in the address bar), it should be exactly the same as the site you want to log in to .
cyber security.pptx
cyber security.pptx

Recommended

Mobile security
Mobile securityMobile security
Mobile security
Tapan Khilar
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptx
Tapan Khilar
 
Social engineering
Social engineeringSocial engineering
Social engineeringAlexander Zhuravlev
 
Cape it unit 2 module 3 unedited students notes (compiled from internet)
Cape it unit 2 module 3 unedited students notes (compiled from internet)Cape it unit 2 module 3 unedited students notes (compiled from internet)
Cape it unit 2 module 3 unedited students notes (compiled from internet)Jevaughan Edie
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ncell
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdf
ssusera0b94b
 

Recommended

Mobile security
Mobile securityMobile security
Mobile security
Tapan Khilar
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptx
Tapan Khilar
 
Social engineering
Social engineeringSocial engineering
Social engineeringAlexander Zhuravlev
 
Cape it unit 2 module 3 unedited students notes (compiled from internet)
Cape it unit 2 module 3 unedited students notes (compiled from internet)Cape it unit 2 module 3 unedited students notes (compiled from internet)
Cape it unit 2 module 3 unedited students notes (compiled from internet)Jevaughan Edie
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ncell
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdf
ssusera0b94b
 
Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
srtwgwfwwgw
 
Amir bouker
Amir bouker Amir bouker
Amir bouker
Amir Bouker
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
JoselitoJMebolos
 
Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...
Ankita Shirke
 
Information security
Information securityInformation security
Information security
Laxmiprasad Bansod
 
Security awareness-checklist 2019
Security awareness-checklist 2019Security awareness-checklist 2019
Security awareness-checklist 2019
Mustafa Kuğu
 
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Mverve1
 
Guarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdfGuarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdf
Mverve1
 
Computer security
Computer securityComputer security
Computer security
EktaVaswani2
 
social engineering attacks.docx
social engineering attacks.docxsocial engineering attacks.docx
social engineering attacks.docx
MehwishAnsari11
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
AnupmaMunshi
 
Cyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptCyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.ppt
Sukhdev48
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
ritik shukla
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
zahid_ned
 
Computer Security 101 by Montaigne
Computer Security 101 by Montaigne Computer Security 101 by Montaigne
Computer Security 101 by Montaigne
MontaigneStudios
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
ArindamGhosal6
 
Cybercrime and security.pptx
Cybercrime and security.pptxCybercrime and security.pptx
Cybercrime and security.pptx
KarthikShivanand
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
CUInnovationTeam
 
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKINDTHE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
ReinIgnacioUrolaza
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeDurban Chamber of Commerce and Industry
 
CYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxCYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptx
Tapan Khilar
 
SNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxSNMP_ network monitoring.pptx
SNMP_ network monitoring.pptx
Tapan Khilar
 

More Related Content

Similar to cyber security.pptx

Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
srtwgwfwwgw
 
Amir bouker
Amir bouker Amir bouker
Amir bouker
Amir Bouker
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
JoselitoJMebolos
 
Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...
Ankita Shirke
 
Information security
Information securityInformation security
Information security
Laxmiprasad Bansod
 
Security awareness-checklist 2019
Security awareness-checklist 2019Security awareness-checklist 2019
Security awareness-checklist 2019
Mustafa Kuğu
 
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Mverve1
 
Guarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdfGuarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdf
Mverve1
 
Computer security
Computer securityComputer security
Computer security
EktaVaswani2
 
social engineering attacks.docx
social engineering attacks.docxsocial engineering attacks.docx
social engineering attacks.docx
MehwishAnsari11
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
AnupmaMunshi
 
Cyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptCyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.ppt
Sukhdev48
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
ritik shukla
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
zahid_ned
 
Computer Security 101 by Montaigne
Computer Security 101 by Montaigne Computer Security 101 by Montaigne
Computer Security 101 by Montaigne
MontaigneStudios
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
ArindamGhosal6
 
Cybercrime and security.pptx
Cybercrime and security.pptxCybercrime and security.pptx
Cybercrime and security.pptx
KarthikShivanand
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
CUInnovationTeam
 
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKINDTHE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
ReinIgnacioUrolaza
 

Similar to cyber security.pptx (20)

Implications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
 
Amir bouker
Amir bouker Amir bouker
Amir bouker
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 
Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...
 
Information security
Information securityInformation security
Information security
 
Security awareness-checklist 2019
Security awareness-checklist 2019Security awareness-checklist 2019
Security awareness-checklist 2019
 
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...
 
Guarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdfGuarding the Digital Fortress.pdf
Guarding the Digital Fortress.pdf
 
Computer security
Computer securityComputer security
Computer security
 
social engineering attacks.docx
social engineering attacks.docxsocial engineering attacks.docx
social engineering attacks.docx
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Cyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptCyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.ppt
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Computer Security 101 by Montaigne
Computer Security 101 by Montaigne Computer Security 101 by Montaigne
Computer Security 101 by Montaigne
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
 
Cybercrime and security.pptx
Cybercrime and security.pptxCybercrime and security.pptx
Cybercrime and security.pptx
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
 
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKINDTHE IMPORTANCE OF CYBERSECURITY TO MANKIND
THE IMPORTANCE OF CYBERSECURITY TO MANKIND
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 

More from Tapan Khilar

CYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxCYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptx
Tapan Khilar
 
SNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxSNMP_ network monitoring.pptx
SNMP_ network monitoring.pptx
Tapan Khilar
 
cctv setup (2).pptx
cctv setup (2).pptxcctv setup (2).pptx
cctv setup (2).pptx
Tapan Khilar
 
FIBER OPTICS .ppt
FIBER OPTICS .pptFIBER OPTICS .ppt
FIBER OPTICS .ppt
Tapan Khilar
 
IDS VS IPS.pptx
IDS VS IPS.pptxIDS VS IPS.pptx
IDS VS IPS.pptx
Tapan Khilar
 
IT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptxIT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptx
Tapan Khilar
 
Acl cisco
Acl ciscoAcl cisco
Acl cisco
Tapan Khilar
 
Data security
Data securityData security
Data security
Tapan Khilar
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoring
Tapan Khilar
 
Server operating system
Server operating systemServer operating system
Server operating system
Tapan Khilar
 
Operating systems
Operating systemsOperating systems
Operating systems
Tapan Khilar
 
Network switch
Network switchNetwork switch
Network switch
Tapan Khilar
 
Network devices
Network devicesNetwork devices
Network devices
Tapan Khilar
 
Memory and storage
Memory and storageMemory and storage
Memory and storage
Tapan Khilar
 
Ip addressing
Ip addressingIp addressing
Ip addressing
Tapan Khilar
 
Internet security
Internet securityInternet security
Internet security
Tapan Khilar
 
Input and output device
Input and output deviceInput and output device
Input and output device
Tapan Khilar
 
I series processor
I series processorI series processor
I series processor
Tapan Khilar
 
Computer networking
Computer networkingComputer networking
Computer networking
Tapan Khilar
 
Assemble your pc
Assemble your pcAssemble your pc
Assemble your pc
Tapan Khilar
 

More from Tapan Khilar (20)

CYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxCYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptx
 
SNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxSNMP_ network monitoring.pptx
SNMP_ network monitoring.pptx
 
cctv setup (2).pptx
cctv setup (2).pptxcctv setup (2).pptx
cctv setup (2).pptx
 
FIBER OPTICS .ppt
FIBER OPTICS .pptFIBER OPTICS .ppt
FIBER OPTICS .ppt
 
IDS VS IPS.pptx
IDS VS IPS.pptxIDS VS IPS.pptx
IDS VS IPS.pptx
 
IT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptxIT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptx
 
Acl cisco
Acl ciscoAcl cisco
Acl cisco
 
Data security
Data securityData security
Data security
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoring
 
Server operating system
Server operating systemServer operating system
Server operating system
 
Operating systems
Operating systemsOperating systems
Operating systems
 
Network switch
Network switchNetwork switch
Network switch
 
Network devices
Network devicesNetwork devices
Network devices
 
Memory and storage
Memory and storageMemory and storage
Memory and storage
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Internet security
Internet securityInternet security
Internet security
 
Input and output device
Input and output deviceInput and output device
Input and output device
 
I series processor
I series processorI series processor
I series processor
 
Computer networking
Computer networkingComputer networking
Computer networking
 
Assemble your pc
Assemble your pcAssemble your pc
Assemble your pc
 

Recently uploaded

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 

cyber security.pptx

  • 2.  Introduction  Elements of cyber security  Types of cyber attack  Safety tips
  • 3. Introduction  Cyber security or information technology security are the techniques of protecting computers,networks, programs and data from unauthorized access or attack.  Network security includes activities to protect the usability, reliability, integrity and safety of the network.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8. Elements of cyber security  Mobile security  End-user education  Application security  Network security  Information security
  • 9.
  • 10. Mobile security The term mobile security is a broad one that covers everything from protecting mobile devices from malware threats to reducing risks and securing mobile devices and their data in the case of theft, unauthorized access or accidental loss of the mobile device.
  • 11. End-User Education  In information technology the term end user is used to distinguish the person for whom a hardware or software product is designed.  Our end-users are the first line of defense against cyber security attacks (like phishing scams).
  • 12. Application security  Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked.  Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities.
  • 13. Network security  Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.  Network security is involved in organizations, enterprises, and other types of institutions.
  • 14. Information security  Information systems security does not just deal with computer information, but also protecting data and information in all of its forms, such as telephone conversations.  COMPUSEC + COMSEC + TEMPEST = INFOSEC Where COMPUSEC is computer systems security, COMSEC is communications security, and TEMPEST is compromising emanations.
  • 15. Types of cyber attack  Malware  Ransom ware  Mobile Security Threats  Social engineering  Fishing  Man-in-the-middle attack.
  • 16. Malware A malware attack is a type of cyber attack in which malware or malicious software performs activities on the victim's computer system, usually without his/her knowledge. Nowadays, people use words like malware, spyware, and ransom ware a lot more than the word "virus." ... Computer viruses operate via similar means.
  • 17. Ransomware Ransomware: a type of malware that involves an attacker locking the victim's computer system files typically through encryption and demanding a payment to decrypt and unlock them.
  • 18.
  • 19. Mobile Security Threats  Data Leakage  Network Spoofing(Unsecured Wi-Fi)  Social engineering  Spyware  Improper Session Handling  Malicious Apps
  • 20.
  • 21.
  • 22. Security Measures You Can Take  Install Some Security App on Your Device.  Create Strong Passwords and unlock patterns  Keep Software Up-to-Date.  Understand app permissions before accepting them.  Check Bank Statements and Mobile Charges.  Wipe data on your old phone before you donate, resell or recycle it.  Report stolen phones.  Watch out for pirated apps.
  • 23. Social engineering  Social engineering is the practice of obtaining confidential information by manipulation of legitimate users.  A social engineer will commonly use the telephone or Internet to trick a person into revealing sensitive information or getting them to do something that is against typical policies.
  • 24. Thereare two types of Social Engineeringattacks  Technical attacks  Non-technical attacks. “Technical attacks are those attacks that deceive the user into believing that the application in use is truly providing them with security which is not the factalways.” Example:- Phishing Common bait Vishing Spam mail Popup Window Interesting Software
  • 25. Phishing Phishing is the process of crafting emails that appear to be from a trusted source and typically invite the recipient to either supply confidential information or click on amalicious link or attachment.
  • 27. TipsFor Identifying Phishing Attempts – Theemail asksyou to update account information – There are unfamiliar layouts/designs with no verificationimages – Theemail provides unfamiliar hyperlinks
  • 29.
  • 30.
  • 31. Common Bait • “Sweet Deals” – Free Stuff – Limited Time Offers – PackageDelivery • Help Me, Help You! – T echSupport
  • 32.
  • 33.
  • 34. Vishing It is the practice of leveraging Voice over Internet Protocol (VoIP) technology to trick private personal and financial information from the public for the purpose of financial reward. This term is a combination of "voice" and phishing. Vishing exploits the public's trust in telephone services.  Spam Mails E-mails that offer friendships, diversion, gifts and various free pictures and information take advantage of the anonymity and camaraderie of the Internet to plant malicious code.  Popup Window The attacker's rogue program generates a pop up window, saying that the application connectivity was dropped due to network problems, and now the user needs to reenter his id and password to continue with his session.  Interesting Software In this case the victim is convinced to download and install a very useful program or application which might be 'window dressed' .
  • 35.
  • 36.
  • 37. The non- technicalattacks Non-technical approach are perpetrated purely through deception; i.e. by taking advantage of the victim's human behavior weaknesses.  Pretexting / Impersonation  Dumpster Diving  Spying and Eavesdropping  Acting as a Technical Expert  Support Staff
  • 38.  Pretexting / Impersonation: This is the act of creating and using an invented scenario (the pretext) to persuade a target to release information. It's more than a simple lie as it most often involves some prior research or set up and makes use of pieces of known information (e.g. date of birth, mother's maiden name, billing address etc.) to establish legitimacy in the mind.  Dumpster Diving: If the junk mail contains personal identification information, a 'dumpster diver' can use it in carrying out an identity theft. A hacker can retrieve confidential Information from the hard disk of a computer as there are numerous ways to retrieve information from disks, even if the user thinks the data has been 'deleted' from the disk.
  • 39.  Spying and Eavesdropping: A clever spy can determine the id and password by observing a user typing it in (Shoulder Surfing). All that needs to be done is to be there behind the user and be able to see his fingers on the keyboard.  Acting as a Technical Expert: This is the case where an intruder pretends to be a support technician working on a network problem requests the user to let him access the workstation and 'fix' the problem.  Support Staff: Here a hacker may pose as a member of a facility support staff and do the trick. A man dressed like the cleaning crew, walks into the work area, carrying cleaning equipment. In the process of appearing to clean your desk area, he can snoop around and get valuable information - such as passwords, or a confidential file that you have forgotten to lock up.
  • 40. Man-in-the-middle attack Man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
  • 41.  Use antivirus software.  Insert firewalls  Uninstall unnecessary software  Eight characters is not enough. Practice good password management.  Lock it up. Never leave your devices unattended. ...  Practice safe clicking.  Share less sensitive information.  Important software like browser, payment wallet apps should be updated regularly  Avoid opening links of lotteries, prizes, gifts, discounts  Never give your full name or address to strangers
  • 42. Continued..  Cut Out The “Middle Man”.  Stay On Top Of Your Accounts.  Back It Up. ...  Beware Of Browsing.  While using third party computers or mobiles for browsing use the private/incognito mode  While using third party computers, use an on-screen keyboard while entering important details  While logging in to any site, check the URL (the one in the address bar), it should be exactly the same as the site you want to log in to .

Editor's Notes

  1. Build your cybersecurity strategy around educating your end-users. Implement a cybersecurity policy and procedure document. Have cybersecurity tools in place to help prevent the potential for compromise.