Presentation on Cyber Security
What is Cybersecurity?
♦ The term cyber security is used to refer to the security
offered through on-line services to protect your online
information.
♦ Cyber Security and Information Security differ only in their
response and Reduction/Prevention.
♦ Cyber security encompasses all aspects of security viz.,
Physical, Technical, Environmental, Regulations and
Compliance including Third Parties involved in delivering
an objective
♦ With an increasing number of people getting connected to the
Internet, the security threats that cause massive harm
are also increasing
Why Cybersecurity Is Important ?
• Our world today is ruled by technology and we can’t
do without it at all. From booking our flight tickets, to
catching up with an old friend, technology plays an
important role in it.
• However, the same technology may expose you when
it’s vulnerable and could lead to loss of essential data.
Cyber security, alongside physical commercial
security has thus, slowly and steadily, become one of
the most important topics in the business industry to
be talked about.
• Cyber security is necessary since it helps secure
data from threats such as data theft or misuse, and also
safeguards your system from viruses.
Why Cybersecurity is Important?
♦ Cyber security becomes important as business
is now carried out on a network of networks.
Computer networks have always been the
target of criminals, and it is likely that the
danger of cyber security breaches will only
increase in the future as these networks
expand, but there are sensible precautions
that organizations can take to minimize losses
from those who seek to do harm.
Cyber Security Objectives
Confidentiality
♦ the property that information is not
made available or disclosed to
unauthorized individuals, entities, or
processes
Confidentiality
♦ Confidentiality refers to protecting information
from being accessed by unauthorized parties.
In other words, only the people who are
authorized to do so can gain access to
sensitive data.
♦ A failure to maintain confidentiality means that
someone who shouldn't have access has
managed to get it, through intentional
behavior or by accident. Such a failure of
confidentiality, commonly known as a breach
Integrity
the property of safeguarding the accuracy
and completeness of assets
Integrity
♦ Integrity refers to ensuring the authenticity of
information—that information is not altered,
and that the source of the information is
genuine.
♦ Imagine that you have a website and you sell
products on that site. Now imagine that an
attacker can shop on your web site and
maliciously alter the prices of your products,
so that they can buy anything for whatever
price they choose. That would be a failure of
integrity, because your information—in this
case, the price of a product—has been altered
and you didn't authorize this alteration
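The price-alteration scenario above, as an added Python example that is not part of the original slides: a checkout that trusts the price sent by the browser, next to two ways of keeping the price under the server's control. The catalogue, SKU names, key and function names are all constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed catalogue: the server's authoritative prices, in cents.
CATALOGUE = {"sku-1001": 4999, "sku-1002": 1250}

# Constructed demo key; a real key is random and kept out of source code.
SERVER_KEY = b"demo-key-not-for-production"


def valid_qty(order: dict) -> int:
    """Return the quantity if it is a positive integer, else raise."""
    qty = order.get("qty")
    if not isinstance(qty, int) or isinstance(qty, bool) or qty < 1:
        raise ValueError("invalid quantity")
    return qty


def checkout_vulnerable(order: dict) -> int:
    """Integrity failure: charges whatever price the client submitted."""
    return order["price_cents"] * order["qty"]


def checkout_server_price(order: dict) -> int:
    """Ignores the submitted price and looks it up server-side."""
    if order.get("sku") not in CATALOGUE:
        raise ValueError("unknown product")
    return CATALOGUE[order["sku"]] * valid_qty(order)


def sign_quote(sku: str, price_cents: int) -> str:
    """HMAC tag the server attaches when it quotes a price to the client."""
    msg = json.dumps({"sku": sku, "price_cents": price_cents},
                     sort_keys=True).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def checkout_signed_quote(order: dict) -> int:
    """Accepts a client-held price only if its HMAC tag still verifies."""
    expected = sign_quote(order["sku"], order["price_cents"])
    supplied = str(order.get("tag", ""))
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        raise ValueError("price quote was altered")
    return order["price_cents"] * valid_qty(order)


if __name__ == "__main__":
    honest = {"sku": "sku-1001", "qty": 1, "price_cents": 4999,
              "tag": sign_quote("sku-1001", 4999)}
    tampered = dict(honest, price_cents=1)  # price edited on the client side

    print("vulnerable charges:", checkout_vulnerable(tampered))
    print("server-side price charges:", checkout_server_price(tampered))
    try:
        checkout_signed_quote(tampered)
    except ValueError as err:
        print("signed quote rejected:", err)
```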
Availability
♦ The property of being accessible and
usable upon demand by an authorized
entity
Availability
♦ Availability means that information is
accessible by authorized users.
♦ Information and other critical assets are
accessible to customers and the
business when needed. Note,
information is unavailable not only when
it is lost or destroyed, but also when
access to the information is denied or
delayed
Cyberspace as a Battleground?
Each day, there is an increase in the number of threats
against our nation's critical infrastructures.
These threats come in the form of computer intrusion
(hacking), denial of service attacks, and virus
deployment.
In India, DEITY (Dept. of Electronics & Information
Technology), operating under MCIT (Ministry of
Communication & Information Technology), is responsible
for cyberspace security, apart from delivering Govt.
services online and promoting the IT sector.
The National Information Board (NIB), a policy-making
body for cyber security, operates independently and is
chaired by the National Security Advisor (NSA).
CERT-In performs emergency cyber security functions and
releases annual reports on security incidents
Cyber attack
♦ A malicious attempt, using digital
technologies, to cause personal or property
loss or damage, and/or steal or alter
confidential personal or organizational data
Major security problems
♦ Virus
♦ Hacker
♦ Malware
♦ Trojan horses
♦ Password cracking
Viruses and worms
♦ Virus – malware attached to a carrier such as
an email message or a word processing
document
♦ A virus is a “program that is loaded onto your
computer without your knowledge and runs
against your wishes”
♦ Worm – malware that can autonomously spread
itself without a carrier, using information
about connected computers
Solution
♦ Install a security suite that protects the
computer against threats such as
viruses and worms.
Hackers
♦ In common usage, a hacker is a person who
breaks into computers, usually by
gaining access to administrative
controls.
Types of Hackers
♦ White Hat Hacker
♦ Grey Hat Hacker
♦ Black Hat Hacker
White Hat Hackers
♦ The term "white hat" in Internet slang
refers to an ethical computer hacker, or
a computer security expert, who
specializes in penetration testing and in
other testing methodologies to ensure
the security of an organization's
information systems.
Grey Hat Hackers
♦ The term "grey hat", "greyhat" or "gray
hat" refers to a computer hacker or
computer security expert who may
sometimes violate laws or typical ethical
standards, but does not have the
malicious intent typical of a black hat
hacker.
Black Hat Hackers
♦ A black hat hacker (or black-hat hacker)
is a hacker who "violates computer
security for little reason beyond
maliciousness or for personal gain".
How To prevent hacking
♦ It may be impossible to prevent
computer hacking; however, effective
security controls, including strong
passwords and the use of firewalls, can
help.
Malware
♦ The word "malware" comes from the
term "MALicious softWARE."
♦ Software that has some malicious intent
and which is installed on a user’s
computer without that user’s consent.
♦ Key loggers – Software installed on a
computer that captures key strokes and
sends these to a remote system. Used
to try and get personal information to
gain access to sites such as banks
Malware Cont.
♦ Ransomware– Software that runs on a
user’s computer and demands that the
user pays some other organization. If
they don’t, the information on their
computer will be destroyed.
♦ Malware can usually spread itself from
one computer to another either as a
virus or as a worm
To Stop Malware
♦ Download an anti-malware program
that also helps prevent infections.
♦ Do not download from unknown sources
♦ Activate Network Threat Protection,
Firewall, Antivirus.
Trojan Horses
♦ Trojan horses are
email viruses that can
duplicate themselves,
steal information, or
harm the computer
system.
♦ These viruses are the
most serious threats
to computers
How to Avoid Trojans
♦ Security suites, such as Avast Internet
Security, will prevent you from
downloading Trojan Horses.
♦ Do not click unknown links.
Password Cracking
♦ Password attacks are attacks by
hackers that are able to determine
passwords or find passwords to different
protected electronic areas and social
network sites.
Securing Password
♦ Always use a strong password. Never use
the same password for two different sites.
Insider attacks
♦ Attacks on an organization carried out
by someone who is inside that
organization either by himself or with
connivance of an outsider.
♦ Difficult to counter using technical
methods as the insider may have valid
credentials to access the system
External attacks
♦ Attacks on an organisation carried out
by an external agent
♦ Requires either valid credentials or the
exploitation of some vulnerability to
gain access to the systems
Malicious and accidental damage
♦ Cybersecurity is most concerned with
– Cyber attacks
♦ Cyber-accidents – Accidental events
that can cause loss or damage to an
individual, business or public body.
♦ Many of the same technologies used to
protect against external attack also
protect against cyber-accidents.
♦ However, sometimes protecting against
cyber attacks increases the probability
of cyber-accidents.
Analysis of Information Security
Threats
• WHO
– 98% from external
agents
– 4% from implicated
internal employees
– < 1% by Business
Partners &
– 58% of all data thefts
linked to activist
groups
Latest Trends – Information
Security Threats
Hacktivism
- Hack + Activism = Hacktivism
- the use of legal and/or illegal digital tools in pursuit of a political /
personal objective
- Tools and Attacks are used for
- Web-site defacements
- Redirects
- Denial Of Service Attacks
- Identity Theft
- E-mail Bombing
- Web-Site Mirroring
- Doxing – To gather information using sources on the internet
Web Site Defacement
♦ Web Site Defacements – Hacking and altering
a company’s website.
Identity Fraud / Identity Theft
♦ Stealing someone's identity in which someone pretends
to be someone else by assuming that person's identity
Doxing
♦ Process of Gathering and releasing Personally
Identifiable information
Denial Of Service Attack
• Attempt to make a machine or network resource
unavailable to its intended users
• typically target sites or services hosted on high-profile
web servers such as banks, credit card payment
gateways, and even root nameservers.
Key Techniques Used
♦ Phishing - attempt to acquire sensitive information,
like bank account information or an account password,
by posing as a legitimate entity in an electronic
communication
– You get an email that looks like it comes from your
bank, credit card company, etc.
– It asks you to “update their records”, citing
potential fraud or other reasons
– It provides a hyperlink to a web page where you enter
your personal information
– The link takes you to a thief’s website that is disguised
to look like the company’s.
Key Technique Used
• Step 1 - Preparation
– Set up fake website
• Step 2 - Luring the users
– Send email with fake link
• Step 3 - Steal the details
– User gives away id/password
• Step 4 - Use the details
– Commit fraud
[Figure: Phishing how-to. Parties: Phisher, Victim, Real Web Site. Flows: phishing email; user’s response (id/password); use of stolen (id/password) information.]
Most common security mistakes
• Poor password management
• Not locking the computer while unattended
• Opening email attachments from unknown addressees
• Not running anti-virus programs
• Sharing information (and machines)
• Not reporting security violations
• Unattended Paper Documents
• Unprotected Electronic Data (while at rest and in
motion), e.g. emails, USBs, CDs, etc.
• Improper Information Handling
• Passing of information over Phone.
Information Security Responsibilities
• Engage Information Security teams to support the line of business,
enabling secure solutions for new processes and technology
• Work with Information Security teams RISO, RISI to drive line of
business-specific information security metrics reporting
• Support Regional Information Security teams in mitigating security
risks from Internal Audit report findings
• Follow business continuity plans given by bank, in case of any
disaster/ emergency.
• Report Security Violations and security incidents
• Adhere to Bank’s Information Security Policy and guidelines
• Maintain and update Asset register of your office/dept
• Extend support to RISO during Risk Assessment and Business Impact
Analysis of your office/dept
• Implement and act in accordance with the organization’s information
security policies and procedures
• Protect assets from unauthorized access, disclosure, modification,
destruction, or interference
• Execute defined security processes or activities
• Report security events, potential events, or other security risks by
following approved processes
• Do not use systems or access information without authorization
• Adhere to controls put in place to protect assets
Standards & Regulations
• ISO 27001 (Information Security Management System)
• ISO 22301 (Business Continuity Management System)
• PCI-DSS (Payment Card Industry - Data Security Standard)
• IT Act 2000 & ITAA 2008 (Information Technology Act, India)
• RBI Guidelines (Reserve Bank of India)
Cyber Security Is Everyone’s
Responsibility
Robert Statica – Cybersecurity
India ranks 10th in the world
for cyber crime
Conclusion
♦ I hope that my presentation will be
helpful for my audience to improve their
knowledge about cyber security and to
overcome several security loopholes on
their computer operation. Also it helps
to spread awareness among normal
people about emerging security threats.
Simple and practical prevention
methods are explained in the Seminar
to protect the information assets.
cybersecurity-180303131014.pdf

More Related Content

Similar to cybersecurity-180303131014.pdf

Introduction to Cyber Security-- L01.pptx
Introduction to Cyber Security-- L01.pptxIntroduction to Cyber Security-- L01.pptx
Introduction to Cyber Security-- L01.pptx
somi12
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdf
ssusera0b94b
 
Security issue in e commerce
Security issue in e commerceSecurity issue in e commerce
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
SonakshiMundra
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
jondon17
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
CYBERSECURITY | Why it is important?
CYBERSECURITY | Why it is important?CYBERSECURITY | Why it is important?
CYBERSECURITY | Why it is important?
RONIKMEHRA
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
56ushodayareddy
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
MBRoman1
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
Roshni814224
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
WindstoneHealth
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
ANIKETKUMARSHARMA3
 
Information &amp; cyber security, Winter training ,bsnl. online
Information &amp; cyber security, Winter training ,bsnl. onlineInformation &amp; cyber security, Winter training ,bsnl. online
Information &amp; cyber security, Winter training ,bsnl. online
SumanPramanik7
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
AnupmaMunshi
 
Cyber Crime And Cyber Safety Project.pptx
Cyber Crime And Cyber Safety Project.pptxCyber Crime And Cyber Safety Project.pptx
Cyber Crime And Cyber Safety Project.pptx
RavinderSingh172970
 
Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets
Cybersecurity : Tips and Tools to Properly Protect Your Digital AssetsCybersecurity : Tips and Tools to Properly Protect Your Digital Assets
Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets
Samuel862293
 

Similar to cybersecurity-180303131014.pdf (20)

Introduction to Cyber Security-- L01.pptx
Introduction to Cyber Security-- L01.pptxIntroduction to Cyber Security-- L01.pptx
Introduction to Cyber Security-- L01.pptx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdf
 
Security issue in e commerce
Security issue in e commerceSecurity issue in e commerce
Security issue in e commerce
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
CYBERSECURITY | Why it is important?
CYBERSECURITY | Why it is important?CYBERSECURITY | Why it is important?
CYBERSECURITY | Why it is important?
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Information &amp; cyber security, Winter training ,bsnl. online
Information &amp; cyber security, Winter training ,bsnl. onlineInformation &amp; cyber security, Winter training ,bsnl. online
Information &amp; cyber security, Winter training ,bsnl. online
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Cyber Crime And Cyber Safety Project.pptx
Cyber Crime And Cyber Safety Project.pptxCyber Crime And Cyber Safety Project.pptx
Cyber Crime And Cyber Safety Project.pptx
 
Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets
Cybersecurity : Tips and Tools to Properly Protect Your Digital AssetsCybersecurity : Tips and Tools to Properly Protect Your Digital Assets
Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets
 

Recently uploaded

basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
NidhalKahouli2
 
2. Operations Strategy in a Global Environment.ppt
2. Operations Strategy in a Global Environment.ppt2. Operations Strategy in a Global Environment.ppt
2. Operations Strategy in a Global Environment.ppt
PuktoonEngr
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
Aditya Rajan Patra
 
132/33KV substation case study Presentation
132/33KV substation case study Presentation132/33KV substation case study Presentation
132/33KV substation case study Presentation
kandramariana6
 
International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...
gerogepatton
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
awadeshbabu
 
sieving analysis and results interpretation
sieving analysis and results interpretationsieving analysis and results interpretation
sieving analysis and results interpretation
ssuser36d3051
 
Manufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptxManufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptx
Madan Karki
 
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptxML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
JamalHussainArman
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
mahammadsalmanmech
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
gerogepatton
 
Heat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation pptHeat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation ppt
mamunhossenbd75
 
Low power architecture of logic gates using adiabatic techniques
Low power architecture of logic gates using adiabatic techniquesLow power architecture of logic gates using adiabatic techniques
Low power architecture of logic gates using adiabatic techniques
nooriasukmaningtyas
 
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
Mukeshwaran Balu
 
bank management system in java and mysql report1.pdf
bank management system in java and mysql report1.pdfbank management system in java and mysql report1.pdf
bank management system in java and mysql report1.pdf
Divyam548318
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
ClaraZara1
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
SUTEJAS
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
heavyhaig
 
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTCHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
jpsjournal1
 

Recently uploaded (20)

basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
 
2. Operations Strategy in a Global Environment.ppt
2. Operations Strategy in a Global Environment.ppt2. Operations Strategy in a Global Environment.ppt
2. Operations Strategy in a Global Environment.ppt
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
 
132/33KV substation case study Presentation
132/33KV substation case study Presentation132/33KV substation case study Presentation
132/33KV substation case study Presentation
 
International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
 
sieving analysis and results interpretation
sieving analysis and results interpretationsieving analysis and results interpretation
sieving analysis and results interpretation
 
Manufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptxManufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptx
 
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptxML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
 
Heat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation pptHeat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation ppt
 
Low power architecture of logic gates using adiabatic techniques
Low power architecture of logic gates using adiabatic techniquesLow power architecture of logic gates using adiabatic techniques
Low power architecture of logic gates using adiabatic techniques
 
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
 
bank management system in java and mysql report1.pdf
bank management system in java and mysql report1.pdfbank management system in java and mysql report1.pdf
bank management system in java and mysql report1.pdf
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
 
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTCHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
 

cybersecurity-180303131014.pdf

  • 2. What is Cybersecurity? ♦ The term cyber security is used to refer to the security offered through on-line services to protect your online information. ♦ Cyber Security and Information Security differs only in its response and Reduction/Prevention. ♦ Cyber security encompasses all aspects of security viz., Physical, Technical, Environmental, Regulations and Compliance including Third Parties involved in delivering an objective ♦ With an increasing amount of people getting connected to Internet, the security threats that cause massive harm are increasing also
  • 3. Why Cybersecurity Is Important ? • Our world today is ruled by technology and we can’t do without it at all. From booking our flight tickets, to catching up with an old friend, technology plays an important role in it. • However, the same technology may expose you when it’s vulnerable and could lead to loss of essential data. Cyber security, alongside physical commercial security has thus, slowly and steadily, become one of the most important topics in the business industry to be talked about. • Cyber security is necessary since it helps in securing data from threats such as data theft or misuse, also safeguards your system from viruses.
  • 4. Why Cybersecurity is Important? ♦ Cyber security becomes important as Business are being carried now on Network of Networks. Computer networks have always been the target of criminals, and it is likely that the danger of cyber security breaches will only increase in the future as these networks expand, but there are sensible precautions that organizations can take to minimize losses from those who seek to do harm.
  • 6. Confidentiality ♦ the property that information is not made available or disclosed to unauthorized individuals, entities, or processes
  • 7. Confidentiality ♦ Confidentiality refers to protecting information from being accessed by unauthorized parties. In other words, only the people who are authorized to do so can gain access to sensitive data. ♦ A failure to maintain confidentiality means that someone who shouldn't have access has managed to get it, through intentional behavior or by accident. Such a failure of confidentiality, commonly known as a breach
  • 8. Integrity the property of safeguarding the accuracy and completeness of assets
  • 9. Integrity ♦ Integrity refers to ensuring the authenticity of information—that information is not altered, and that the source of the information is genuine. ♦ Imagine that you have a website and you sell products on that site. Now imagine that an attacker can shop on your web site and maliciously alter the prices of your products, so that they can buy anything for whatever price they choose. That would be a failure of integrity, because your information—in this case, the price of a product—has been altered and you didn't authorize this alteration
  • 10. Availability ♦ The property of being accessible and usable upon demand by an authorized entity
  • 11. Availability ♦ Availability means that information is accessible by authorized users. ♦ Information and other critical assets are accessible to customers and the business when needed. Note, information is unavailable not only when it is lost or destroyed, but also when access to the information is denied or delayed
  • 12. Cyberspace as a Battleground? Each day, there is an increase in the number of threats against our nation's critical infrastructures. These threats come in the form of computer intrusion (hacking), denial of service attacks, and virus deployment. In India DEITY-Dept., of Electronics & Information Technology operating under MCIT-Ministry of Communication & Information Technology is responsible for Cyberspace security other than delivering Govt., services online and promoting the IT Sector. The National Information Board (NIB) a policy making body for cyber security operates independently and is chaired by National Security Advisor (NSA) CERT-In performs emergency cyber security functions and releases annual reports on security incidents
  • 13. Cyber attack ♦ A malicious attempt, using digital technologies, to cause personal or property loss or damage, and/or steal or alter confidential personal or organizational data
  • 14. Major security problems ♦ Virus ♦ Hacker ♦ Malware ♦ Trojan horses ♦ Password cracking
  • 15. Viruses and worms ♦ Virus – malware attached to a carrier such as an email message or a word processing document ♦ A virus is a “program that is loaded onto your computer without your knowledge and runs against your wishes” ♦ Worm – malware that can autonomously spread itself without a carrier, using information about connected computers
  • 16. Solution ♦ Install a security suite that protects the computer against threats such as viruses and worms.
  • 17. Hackers ♦ In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls.
  • 18. Types of Hackers ♦ White Hat Hacker ♦ Grey Hat Hacker ♦ Black Hat Hacker
  • 19. White Hat Hackers ♦ The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems.
  • 20. Grey Hat Hackers ♦ The term "grey hat", "greyhat" or "gray hat" refers to a computer hacker or computer security expert who may sometimes violate laws or typical ethical standards, but does not have the malicious intent typical of a black hat hacker.
  • 21. Black Hat Hackers ♦ A black hat hacker (or black-hat hacker) is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain".
  • 22. How To Prevent Hacking ♦ It may be impossible to prevent computer hacking; however, effective security controls, including strong passwords and the use of firewalls, can help.
  • 23. Malware ♦ The word "malware" comes from the term "MALicious softWARE." ♦ Software that has some malicious intent and which is installed on a user’s computer without that user’s consent. ♦ Key loggers – Software installed on a computer that captures key strokes and sends these to a remote system. Used to try and get personal information to gain access to sites such as banks
  • 24. Malware Cont. ♦ Ransomware – Software that runs on a user’s computer and demands that the user pay some other organization. If they don’t, the information on their computer will be destroyed. ♦ Malware can usually spread itself from one computer to another either as a virus or as a worm
  • 25. To Stop Malware ♦ Download an anti-malware program that also helps prevent infections. ♦ Do not download from unknown sources ♦ Activate Network Threat Protection, Firewall, Antivirus.
  • 26. Trojan Horses ♦ Trojan horses are email viruses that can duplicate themselves, steal information, or harm the computer system. ♦ These viruses are the most serious threats to computers
  • 27. How to Avoid Trojans ♦ Security suites, such as Avast Internet Security, will prevent you from downloading Trojan Horses. ♦ Do not click unknown links.
  • 28. Password Cracking ♦ Password attacks are attacks by hackers that are able to determine passwords or find passwords to different protected electronic areas and social network sites.
  • 29. Securing Password ♦ Always use a strong password. Never use the same password for two different sites.
  • 30. Insider attacks ♦ Attacks on an organization carried out by someone who is inside that organization, either by himself or with the connivance of an outsider. ♦ Difficult to counter using technical methods, as the insider may have valid credentials to access the system
  • 31. External attacks ♦ Attacks on an organisation carried out by an external agent ♦ Requires either valid credentials or the exploitation of some vulnerability to gain access to the systems
  • 32. Malicious and accidental damage ♦ Cybersecurity is most concerned with – Cyber attacks ♦ Cyber-accidents – Accidental events that can cause loss or damage to an individual, business or public body. ♦ Many of the same technologies used to protect against external attack also protect against cyber-accidents. ♦ However, sometimes protecting against cyber attacks increases the probability of cyber-accidents.
  • 33. Analysis of Information Security Threats • WHO – 98% from external agents – 4% from implicated internal employees – < 1% by Business Partners & – 58% of all data thefts linked to activist groups
  • 34. Latest Trends – Information Security Threats Hacktivism - Hack + Activism = Hacktivism - the use of legal and/or illegal digital tools in pursuit of a political / personal objective - Tools and Attacks are used for - Web-site defacements - Redirects - Denial Of Service Attacks - Identity Theft - E-mail Bombing - Web-Site Mirroring - Doxing – To gather information using sources on the internet
  • 35. Web Site Defacement ♦ Web Site Defacements – Hacking and altering a company’s website.
  • 36. Identity Fraud / Identity Theft ♦ Stealing someone's identity in which someone pretends to be someone else by assuming that person's identity
  • 37. Doxing ♦ Process of Gathering and releasing Personally Identifiable information
  • 38. Denial Of Service Attack • Attempt to make a machine or network resource unavailable to its intended users • typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
  • 39. Key Techniques Used ♦ Phishing - attempt to acquire sensitive information, like bank account information or an account password, by posing as a legitimate entity in an electronic communication • You get an email that looks like it comes from your bank, credit card company, etc. • It asks you to “update their records”, which may be attributed to potential fraud or other reasons • It provides a hyperlink to a web page where you enter your personal information • The link takes you to a thief’s website that is disguised to look like the company’s.
  • 40. Key Technique Used • Step 1 - Preparation – Set up fake website • Step 2 - Luring the users – Send Email with fake link • Step 3 - Steal the details – User gives away id/password • Step 4 - Use the details – Commit fraud (Figure: Phishing How-to. Labels: Real Web Site, Phisher, Victim; Phishing email; User’s response (id/password); Use of stolen (id/password) information.)
  • 41. Most common security mistakes • Poor password management • Not locking the computer while unattended • Opening email attachments from unknown addressees • Not running anti-virus programs • Sharing information (and machines) • Not reporting security violations • Unattended Paper Documents • Unprotected Electronic Data (while at rest and in motion), e.g. Emails, USBs, CDs, etc. • Improper Information Handling • Passing of information over Phone.
  • 42. Information Security Responsibilities • Engage Information Security teams to support the line of business, enabling secure solutions for new processes and technology • Work with Information Security teams RISO, RISI to drive line of business-specific information security metrics reporting • Support Regional Information Security teams in mitigating security risks from Internal Audit report findings • Follow business continuity plans given by bank, in case of any disaster/ emergency. • Report Security Violations and security incidents • Adhere to Bank’s Information Security Policy and guidelines • Maintain and update Asset register of your office/dept • Extend support to RISO during Risk Assessment and Business Impact Analysis of your office/dept
  • 43. • Implement and act in accordance with the organization’s information security policies and procedures • Protect assets from unauthorized access, disclosure, modification, destruction, or interference • Execute defined security processes or activities • Report security events, potential events, or other security risks by following approved processes • Do not use systems or access information without authorization • Adhere to controls put in place to protect assets
  • 44. Standards & Regulations • ISO 27001 (Information Security Management System) • ISO 22301 (Business Continuity Management System) • PCI-DSS (Payment Card Industry - Data Security Standard) • IT Act 2000 & ITAA 2008 (Information Technology Act, India) • RBI Guidelines (Reserve Bank of India)
  • 45. Cyber Security Is Everyone’s Responsibility Robert Statica – Cybersecurity
  • 46. India stands 10th in the world in cyber crime
  • 47. Conclusion ♦ I hope that my presentation will be helpful for my audience to improve their knowledge about cyber security and to overcome several security loopholes on their computer operation. Also it helps to spread awareness among normal people about emerging security threats. Simple and practical prevention methods are explained in the Seminar to protect the information assets.