This document provides an introduction to cyber security, including definitions and key concepts. It describes cyber security as protecting internet-connected systems from malicious attacks. The document then outlines different types of cyber security such as network security, application security, information security, identity management, cloud security, mobile security, endpoint security, and IoT security. It discusses the importance of cyber security and its goals of ensuring data protection, confidentiality, integrity, and availability. Finally, it defines common cyber security terminology.
2. Introduction to Cyber Security
• The technique of protecting internet-connected
systems such as computers, servers, mobile
devices, electronic systems, networks, and data
from malicious attacks is known as cybersecurity.
• The term cybersecurity can be divided into two parts: one is
cyber, and the other is security.
• Cyber refers to the technology that includes
systems, networks, programs, and data.
• And security is concerned with the protection of
systems, networks, applications, and information.
3. Cont...
• Cyber Security is the body of technologies,
processes, and practices designed to protect
networks, devices, programs, and data from
attack, theft, damage, modification or
unauthorized access.
• Cyber Security is the set of principles and
practices designed to protect our computing
resources and online information against threats.
• Cybersecurity refers to a set of techniques used
to protect the integrity of networks, programs
and data from attack, damage or unauthorized
access
4. Types of Cyber Security
• Network Security: It involves implementing the
hardware and software to secure a computer
network from unauthorized access, intruders,
attacks, disruption, and misuse.
• It involves technologies such as Firewalls, Intrusion
detection systems (IDS), Virtual private
networks (VPNs), and Network segmentation.
5. Cont..
• Application Security:
• It involves protecting the software and devices
from unwanted threats.
• This protection can be done by constantly
updating the apps to ensure they are secure from
attacks.
• Successful security begins in the design stage,
writing source code, validation, threat modeling,
etc., before a program or device is deployed.
6. Cont..
• Information or Data Security: It involves
implementing a strong data storage mechanism
to maintain the integrity and privacy of data, both
in storage and in transit.
• It includes Encryption, Access controls, Data
classification, and Data loss prevention (DLP)
measures.
• Identity management: It deals with the
procedure for determining the level of access
that each individual has within an organization.
7. Cont..
• Cloud Security: It involves securing data,
applications, and infrastructure hosted on
cloud platforms, and ensuring appropriate
access controls, data protection, and
compliance.
• It uses various cloud service providers such as
AWS, Azure, Google, etc., to ensure security
against multiple threats.
8. Cont..
• Mobile Security: It involves securing the organizational
and personal data stored on mobile devices such as cell
phones, computers, tablets, and other similar devices
against various malicious threats.
• These threats are unauthorized access, device loss or
theft, malware, etc.
• Regularly backing up mobile device data is important
to prevent data loss in case of theft, damage, or device
failure.
• Mobile devices often connect to various networks,
including public Wi-Fi, which can pose security risks. It
is important to use secure networks whenever
possible, such as encrypted Wi-Fi networks or cellular
data connections.
9. Cont..
• Endpoint Security: It refers to securing
individual devices such as computers, laptops,
smartphones, and IoT devices.
• It includes antivirus software, intrusion
prevention systems (IPS), device encryption,
and regular software updates.
10. Cont..
• Internet of Things (IoT) Security: Devices frequently
run on old software, leaving them vulnerable to
recently identified security vulnerabilities.
• This is generally the result of connectivity problems or
the requirement for end users to manually download
updates.
• Manufacturers frequently ship Internet of Things (IoT)
devices (such as home routers) with easily crackable
passwords, which may have been left in place by
suppliers and end users.
• These devices are easy targets for attackers using
automated scripts for mass exploitation when they are
left exposed to remote access.
12. Cyber Security Goals
• Cyber Security's main objective is to ensure
data protection.
• There is a triangle of three related principles
to protect the data from cyber-attacks.
• This principle is called the CIA triad.
• The CIA triad which stands for Confidentiality,
Integrity, and Availability is a design model to
guide companies and organizations to form
their security policies.
13. CIA Model
• When any security breaches are found, one or
more of these principles has been violated.
• The components of the triad are considered to
be the most important and fundamental
components of security.
14. CIA Model- Confidentiality
• Confidentiality: It is equivalent to privacy and
prevents unauthorized access to information.
• It involves ensuring the data is accessible by
those who are allowed to use it and blocking
access to others.
• It prevents essential information from
reaching the wrong people.
• Data encryption is an excellent example of
ensuring confidentiality.
15. CIA Model- Integrity
• This principle ensures that the data is authentic,
accurate, and safeguarded from unauthorized
modification by threat actors or accidental user
modification.
• If any modifications occur, certain measures
should be taken to protect the sensitive data
from corruption or loss and speedily recover from
such an event.
• It also means ensuring that the source of the
information is genuine.
16. CIA Model- Availability
• This principle ensures that information is
always available and useful to its authorized
users.
• It ensures that this access is not
hindered by system malfunction or cyber-
attacks.
17. Cyber Security Terminologies
• Vulnerability: A Security Vulnerability is a weakness, flaw, or
error found within a security system that has the potential to be
leveraged by a threat agent in order to compromise a secure
network.
• In the process of building and coding technology, mistakes
happen. What’s left behind from these mistakes is commonly
referred to as a bug.
• While bugs aren’t inherently harmful, many can be taken advantage of
by nefarious actors—these are known as vulnerabilities.
• Vulnerabilities can be leveraged to force software to act in ways
it’s not intended to.
• Once a bug is determined to be a vulnerability, it is registered as
a common vulnerability or exposure (CVE), and assigned a
Common Vulnerability Scoring System (CVSS) score to reflect the
potential risk it could introduce to your organization.
18. Security Vulnerability Examples
• There are a number of Security Vulnerabilities, some common
examples are:
• Broken Authentication: When authentication credentials are
compromised, user sessions and identities can be hijacked by
malicious actors to pose as the original user.
• SQL Injection: As one of the most prevalent security
vulnerabilities, SQL injections attempt to gain access to database
content via malicious code injection. A successful SQL injection
can allow attackers to steal sensitive data, spoof identities, and
participate in a collection of other harmful activities.
• Cross-Site Scripting: Much like an SQL Injection, a Cross-site
scripting (XSS) attack also injects malicious code into a website.
However, a Cross-site scripting attack targets website users,
rather than the actual website itself, which puts sensitive user
information at risk of theft.
19. Cont..
• Cross-Site Request Forgery: A Cross-Site
Request Forgery (CSRF) attack aims to trick an
authenticated user into performing an action
that they do not intend to do. This, paired with
social engineering, can deceive users into
accidentally providing a malicious actor with
personal data.
• Security Misconfiguration: Any component of
a security system that can be leveraged by
attackers due to a configuration error can be
considered a “Security Misconfiguration.”
20. Cyber Threat
• Exploit: A means of attack on a computer
system, either a series of commands, malicious
software, or piece of infected data.
• Hacker (Black Hat, White Hat): Any hacker who
attempts to gain unauthorized access to a
system with the intent to cause mischief,
damage, or theft. They can be motivated by
greed, a political agenda, or simply boredom.
– White Hat : A hacker who is invited to test out
computer systems and servers, looking for
vulnerabilities, for the purposes of informing the
host of where security needs to be buffed up.
21. Cont..
• Security breach — A security breach is any incident that results in
unauthorized access to computer data, applications, networks or
devices.
• Facebook saw internal software flaws lead to the loss of 29 million
users' personal data in 2018. The compromised accounts included that
of company CEO Mark Zuckerberg.
• Data Breach: The occurrence of disclosure of confidential information,
access to confidential information, destruction of data assets or
abusive use of a private IT environment.
• Generally, a data breach results in internal data being made accessible
to external entities without authorization.
• Risk assessment — The process of evaluating the state of risk of an
organization. Risk assessment is often initiated through taking an
inventory of all assets, assigning each asset a value, and then
considering any potential threats against each asset.
• Threats are evaluated for their exposure factor (EF) in order to
calculate a relative risk value known as the ALE (Annualized Loss
Expectancy).
• The largest ALE indicates the biggest concern or risk for the
organization.
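The risk assessment steps above, worked through as an added example (not part of the original slides). It uses the standard quantitative formulas SLE = asset value × EF and ALE = SLE × ARO; SLE (single loss expectancy) and ARO (annualized rate of occurrence) are not named on the slides, and the inventory figures are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    exposure_factor: float  # EF: fraction of the asset value lost per incident (0..1)
    annual_rate: float      # ARO: expected incidents per year (term assumed, not on the slides)


@dataclass(frozen=True)
class Asset:
    name: str
    value: float            # asset value in currency units
    threats: tuple          # threats considered against this asset


def single_loss_expectancy(asset_value, exposure_factor):
    """SLE: expected loss from one occurrence of the threat."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    if asset_value < 0:
        raise ValueError("asset value cannot be negative")
    return asset_value * exposure_factor


def annualized_loss_expectancy(asset, threat):
    """ALE: SLE scaled by how often the threat is expected per year."""
    if threat.annual_rate < 0:
        raise ValueError("annual rate cannot be negative")
    return single_loss_expectancy(asset.value, threat.exposure_factor) * threat.annual_rate


def rank_risks(assets):
    """Return (asset, threat, ALE) rows, largest ALE (biggest concern) first."""
    rows = [
        (asset.name, threat.name, annualized_loss_expectancy(asset, threat))
        for asset in assets
        for threat in asset.threats
    ]
    return sorted(rows, key=lambda row: row[2], reverse=True)


# Constructed inventory: every value below is illustrative only.
INVENTORY = (
    Asset("customer database", 500_000, (
        Threat("SQL injection data theft", 0.6, 0.5),
        Threat("disk failure", 0.2, 0.1),
    )),
    Asset("public web server", 80_000, (
        Threat("ransomware", 1.0, 0.25),
        Threat("defacement", 0.1, 2.0),
    )),
    Asset("staff laptops", 120_000, (
        Threat("loss or theft", 0.05, 6.0),
    )),
)

if __name__ == "__main__":
    for asset_name, threat_name, ale in rank_risks(INVENTORY):
        print(f"{ale:>10,.0f}  {asset_name}: {threat_name}")
```

A frequent, low-impact threat (laptop loss) can outrank a rare, severe one (ransomware on the web server), which is why the ranking is done on ALE rather than on EF alone.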
22. Cont..
• Threat assessment — The process of evaluating the
actions, events and behaviors that can cause harm to
an asset or organization. Threat assessment is an
element of risk assessment and management.
• Link jacking — A potentially unethical practice of
redirecting a link to a middle-man or aggregator site
or location rather than the original site the link
seemed to indicate it was directed towards.
• For example, a news aggregation service may
publish links that seem as if they point to the original
source of their posted articles, but when a user
discovers those links via search or through social
networks, the links redirect back to the aggregation
site and not the original source of the article.
23. Social Engineering
• Social engineering is the term used for a broad
range of malicious activities accomplished
through human interactions.
• It uses psychological manipulation to trick
users into making security mistakes or giving
away sensitive information.
• Social engineering attacks happen in one or
more steps.
24. Cont..
• A perpetrator first investigates the intended
victim to gather necessary background
information, such as potential points of entry and
weak security protocols, needed to proceed with
the attack.
• Then, the attacker moves to gain the victim’s
trust and provide stimuli for subsequent actions
that break security practices, such as
revealing sensitive information or granting access
to critical resources.
26. Baiting
• Baiting attacks use a false promise to pique a
victim’s greed or curiosity. They lure users into
a trap that steals their personal information or
infects their systems with malware.
• Baiting scams don’t necessarily have to be
carried out in the physical world. Online forms
of baiting consist of enticing ads that lead to
malicious sites or that encourage users to
download a malware-infected application.
27. Scareware
• Scareware involves victims being bombarded
with false alarms and fictitious threats.
• Users are deceived into thinking their system is
infected with malware, prompting them to
install software that has no real benefit or is
malware itself.
• Scareware is also referred to as deception
software, rogue scanner software and
fraudware.
28. Cont..
• A common scareware example is the
legitimate-looking popup banners appearing
in your browser while surfing the web,
displaying text such as, “Your computer
may be infected with harmful spyware
programs.” It either offers to install the tool
(often malware-infected) for you, or will direct
you to a malicious site where your computer
becomes infected.
29. Pretexting
• Here an attacker obtains information through a
series of cleverly crafted lies. The scam is often
initiated by a perpetrator pretending to need
sensitive information from a victim so as to
perform a critical task.
• The attacker usually starts by establishing trust
with their victim by impersonating co-workers,
police, bank and tax officials, or other persons
who have right-to-know authority.
• The pretexter asks questions that are ostensibly
required to confirm the victim’s identity, through which they
gather important personal data.
30. Phishing
• As one of the most popular social engineering
attack types, phishing scams are email and
text message campaigns aimed at creating a
sense of urgency, curiosity or fear in victims.
• It then tricks them into revealing sensitive
information, clicking on links to malicious
websites, or opening attachments that contain
malware.
31. Phishing
• An example is an email sent to users of an
online service that alerts them of a policy
violation requiring immediate action on their
part, such as a required password change.
• It includes a link to an illegitimate website—
nearly identical in appearance to its legitimate
version—prompting the unsuspecting user to
enter their current credentials and new
password. Upon form submission the
information is sent to the attacker.
32. Social engineering prevention
• Don’t open emails and attachments from
suspicious sources – If you don’t know the
sender in question, you don’t need to answer an
email. Even if you do know them and are
suspicious about their message, cross-check and
confirm the news from other sources, such as via
telephone or directly from a service provider’s
site.
• Use multifactor authentication – One of the
most valuable pieces of information attackers
seek is user credentials. Using multifactor
authentication helps ensure your account’s
protection in the event of system compromise.
33. Cont.
• Be wary of tempting offers – If an offer
sounds too enticing, think twice before
accepting it as fact.
• Keep your antivirus/antimalware software
updated – Make sure automatic updates are
engaged, or make it a habit to download the
latest signatures first thing each day.
34. Footprinting
• Footprinting refers to the process of collecting data
over time in order to make a targeted cyberattack.
• The process of cybersecurity footprinting involves
profiling organizations and collecting data about the
network, host, employees and third-party partners.
• This information includes the OS used by the
organization, firewalls, network maps, IP
addresses, domain name system information, security
configurations of the target machine, URLs, virtual
private networks, staff IDs, email addresses and phone
numbers.
35. Cont..
• Footprinting can be performed manually or
using automated tools.
• It may involve scanning for open ports,
identifying user accounts, and mapping
network topologies.
• By understanding the layout of the target’s
infrastructure, attackers can identify potential
vulnerabilities that may be exploitable.
36. What Information Is Collected in
Footprinting?
• Network topology. Collecting this type of
information involves identifying the IP addresses
and hostnames of all systems on the network and
mapping out the connections among them.
• Operating systems and applications. Information
about the target’s operating system and
applications can be used to identify potential
security vulnerabilities. For example, if a
company uses an outdated version of Windows, it
may be vulnerable to specific attacks that are not
possible against newer versions.
37. Cont..
• User accounts. Footprinting can reveal
usernames and passwords for user accounts
on the target system, which can be helpful in
the later stages of an attack.
• Web servers. This includes the servers’
software versions, installed modules, and
enabled features.
38. Types of Footprinting
• There are two main types of footprinting: passive
and active.
• Passive footprinting involves collecting data
without actively engaging with the target system.
• Under this approach, information is collected
through crawling websites and social media
platforms, among other methods.
• For example, tools like tcpdump and Wireshark
can be used to capture packets sent and received
by the target system.
39. Active Footprinting
• Active footprinting involves interacting with
the target system to gather information. This
can be done manually or using automated
tools such as the traceroute command.
• Active footprinting is more intrusive and can
potentially cause harm to the target system if
not done carefully, but it can also gather
information that can’t be collected through
passive footprinting.
40. Steps of Footprinting
• 1. Identifying Targets: The first step is to
identify which systems or organizations to
footprint by scanning networks for open ports
or performing reconnaissance using Google
searches and other tools.
• 2. Gathering Information: After the target has
been identified, the next step is to gather as
much information about it as possible.
41. Cont..
• 3. Analyzing Results: After all relevant data has
been collected, it needs to be analyzed to
determine the most vulnerable points. This is
done by identifying common weaknesses across
multiple systems or comparing results against
known exploits.
• 4. Planning Attacks: The final step is to use the
information gathered during footprinting to plan
a successful attack against the target’s systems,
networks, and devices. This may involve
developing custom exploits or choosing a suitable
attack vector based on the data collected.
42. Advantages of footprinting
• Footprinting techniques in ethical hacking help
businesses identify and secure IT infrastructure before
a threat actor exploits a vulnerability. Users can also
build a database of known vulnerabilities and
loopholes.
• Footprinting also helps companies better understand
their current security posture through analysis of data
gathered about the firewall, security configuration and
more.
• Drawing a network map helps cover all trusted routers,
servers and other network topologies. Users can
pursue a reduced attack surface by narrowing it down
to a specific range of systems.
43. Scanning
• Scanning can be considered a logical extension (and
overlap) of active reconnaissance that helps attackers
identify specific vulnerabilities.
• The attacker has gained valuable insights about the
target.
• But deeper insights are required.
• Scanning helps in getting more specific information
about the target.
• Attackers use automated tools such as network
scanners and application scanners to locate systems
and attempt to discover vulnerabilities.
• The scanning methods may differ based on the attack
objectives, which are set up before the attackers
actually begin this process.
44. Types of scanning in ethical hacking
• Scanning is the second step in ethical
hacking.
• It helps the attacker get detailed information
about the target.
• Scanning could be basically of three types:
1. Port Scanning
2. Network Scanning
3. Vulnerability Scanning
45. Port Scanning
• Port scanning is the detection of open ports and running services on
the target host.
• Port scanning could be further divided into 5 types:
1. Ping Scan – This is the simplest scan. A ping scan sends ICMP
packets and waits for the response from the target. If there is a
response, the target is considered to be active and listening.
2. TCP Half Open – Also referred to as a SYN scan, this is another
very common type of scanning method.
3. TCP Connect – TCP connect is similar to TCP half open, except
for the fact that a complete TCP connection is established in
TCP connect port scanning.
4. UDP – UDP is used by very common services like DNS, SNMP,
DHCP. So, sending a UDP packet and waiting for a response
helps gather information about UDP ports.
5. Stealth Scanning – As the word says, stealth means a quieter
activity. When an attacker wants to be undetected while
scanning, a stealth scan is used.
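How a defender can recognise the half-open and connect scans described above, as an added example (not part of the original slides): one source reaching many distinct ports in a short window is flagged, and the handshake outcome separates the two scan types. The log format, addresses and thresholds are constructed for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed connection-tracker log: "<time> <src> <dst> <dport> <handshake>"
#   COMPLETE  SYN, SYN-ACK, ACK           (full three-way handshake)
#   HALF      SYN, SYN-ACK, client RST    (handshake never completed)
#   CLOSED    SYN answered by RST         (port closed)
# Entries for each source are assumed to be in time order.
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 192.0.2.10 21 CLOSED
2024-05-01T10:00:01 203.0.113.7 192.0.2.10 22 HALF
2024-05-01T10:00:02 203.0.113.7 192.0.2.10 23 CLOSED
2024-05-01T10:00:03 203.0.113.7 192.0.2.10 25 CLOSED
2024-05-01T10:00:04 203.0.113.7 192.0.2.10 80 HALF
2024-05-01T10:00:05 203.0.113.7 192.0.2.10 443 HALF
2024-05-01T10:01:00 198.51.100.9 192.0.2.10 21 CLOSED
2024-05-01T10:01:01 198.51.100.9 192.0.2.10 22 COMPLETE
2024-05-01T10:01:02 198.51.100.9 192.0.2.10 80 COMPLETE
2024-05-01T10:01:03 198.51.100.9 192.0.2.10 443 COMPLETE
2024-05-01T10:01:04 198.51.100.9 192.0.2.10 3306 CLOSED
2024-05-01T10:02:00 192.0.2.50 192.0.2.10 443 COMPLETE
2024-05-01T10:02:01 192.0.2.50 192.0.2.10 443 COMPLETE
2024-05-01T10:02:02 192.0.2.50 192.0.2.10 80 COMPLETE
2024-05-01T10:00:00 192.0.2.60 192.0.2.10 22 COMPLETE
2024-05-01T10:01:00 192.0.2.60 192.0.2.10 80 COMPLETE
2024-05-01T10:02:00 192.0.2.60 192.0.2.10 443 COMPLETE
2024-05-01T10:03:00 192.0.2.60 192.0.2.10 25 CLOSED
2024-05-01T10:04:00 192.0.2.60 192.0.2.10 8080 CLOSED
"""


def parse_line(line):
    ts, src, dst, dport, handshake = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), handshake


def classify(events):
    """Name the scan type from the handshake outcomes seen in the window."""
    seen = Counter(handshake for _, _, _, handshake in events)
    if seen["HALF"] > seen["COMPLETE"]:
        return "half-open (SYN) scan"
    if seen["COMPLETE"] > 0:
        return "connect scan"
    return "scan (no open port answered)"


def detect_scans(log_text, window=timedelta(seconds=10), min_targets=5):
    """Flag sources that touch >= min_targets distinct (host, port) pairs within window."""
    recent = defaultdict(deque)  # src -> events still inside the sliding window
    alerts = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, handshake = parse_line(line)
        events = recent[src]
        events.append((ts, dst, dport, handshake))
        while events and ts - events[0][0] > window:
            events.popleft()  # drop attempts older than the window
        targets = {(d, p) for _, d, p, _ in events}
        if len(targets) >= min_targets:
            alert = alerts.setdefault(src, {"kind": None, "ports": set()})
            alert["kind"] = classify(events)
            alert["ports"].update(p for _, p in targets)
    return {src: {"kind": a["kind"], "ports": sorted(a["ports"])}
            for src, a in alerts.items()}


if __name__ == "__main__":
    for src, alert in detect_scans(SAMPLE_LOG).items():
        print(src, alert["kind"], alert["ports"])
```

The host 192.0.2.60 touches five ports over four minutes and stays below the threshold, so the window and threshold need tuning against the traffic the network normally carries.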
46. Network Scanning
• Network scanning is the process or technique
by which we scan the network to gain details
such as active hosts, open ports including
running TCP and UDP services, open
vulnerabilities, details about the host like
operating system and much more.
• For IP (internet protocol) networks, generally
“ping” is used for reaching a host and checking
its status. Ping is an ICMP (Internet Control
Message Protocol) utility and sends packets to
the target and receives an ICMP echo reply.
47. Vulnerability Scanning
• Vulnerability Scanning – Scanning to gather
information about known vulnerabilities in a
target.
• Vulnerability scans are conducted via
automated vulnerability scanning tools to
identify potential risk exposures and attack
vectors across an organization’s networks,
hardware, software, and systems.
48. Difference Between Scanning and
FootPrinting
• During active reconnaissance, there is contact with
the target network.
• However, in the scanning step (2nd step of ethical
hacking), the attacker already has basic information
about the network and the infrastructure.
• The aim is to get details like active host names, open
ports, operating systems on the active hosts, etc.
• While they might seem the same, scanning is not
possible or rather, would not be successful without
an in-depth and detailed reconnaissance. The
scanning step further expands reconnaissance and
takes it to the next level.
49. Security Architecture
• Cybersecurity establishments need an
adaptive security architecture.
• It’s a valuable framework to help enterprises
classify all potential and existing security
investments to determine where they’re
deficient and make sure there’s a balanced
approach to cyber security.
51. Perimeter Security
• The set of physical & technical security and
programmatic policies that provide levels of
protection against remote malicious activity;
used to protect the back-end systems
from unauthorized access.
• When properly configured, the perimeter
defense security model can prevent, delay,
absorb and/or detect attacks, thus reducing
the risk to critical back-end systems.
52. Network Security
• The layer that partitions the broader network
of assets and connections into enclaves.
• An enclave is a distinctly bounded area
enclosed within a larger unit.
• Enclaves incorporate their individual access
controls and protection mechanisms.
• When properly used, the network security layer
can prevent damage from spreading from one
enclave to others, and it also sets access
policies specific to each enclave.
53. Cont..
• Endpoint Security: Security protection
mechanisms and controls that reside directly on
an endpoint device (final devices such as
computers, laptops, mobile devices, tablets, etc.)
interfacing with any network or system.
• Application Security: Security protection
mechanisms and controls that are embedded
within the applications residing on the network,
enclaves, and Endpoint devices. Examples of such
applications could be – MS Office, ERP
application, Mobile Apps, etc.
54. Cont..
• Data Security: The layer of security that protects data
in the Enterprise regardless of the data’s state, that is,
whether it is in motion, at rest or in use.
• Prevention: This is achieved by policies, procedures,
training, threat modelling, risk assessment, penetration
testing and all other inclusive sustainment activities to
posture a secure position.
• Operations: Constant observation of the Enterprise
with a keen eye, coupled with the right tools and
processes, to recognize incidents & events, and
respond accordingly in a timely manner.
55. Security Operations (SecOps)
• Security operations (SecOps) is a term used to
describe the collaboration between security and
operations teams within an organization.
• IT operations has continued to expand over the
years, branching out into individual specialties that
tend to create siloed (individual) activities.
• SecOps seeks to foster more collaboration between IT
security and IT operations to help prioritize network
and data security and mitigate risk without sacrificing
IT performance.
• A key tenet of SecOps, however, is to ensure that
security is a fundamental part of every project and
included in even the earliest stages of project
development.
56. Cont…
• The SecOps team is a team of highly skilled IT and
security professionals who monitor threats and assess
risk across an organization. The SecOps team is the
lifeblood of a security operations center (SOC).
• Roles include SOC analysts, security engineers, a security
manager, an IT operations manager and system admins,
who all report up to the chief information security officer
(CISO).
• The goal of SecOps is to improve an organization’s
security posture, identify security issues and detect
vulnerabilities, and facilitate a unified approach to
security across individual departments. This approach
helps with cross-team collaboration to complete tasks
more efficiently and eliminate duplication of effort.
57. Cyber terrorism
• Cyber terrorism (also known as digital
terrorism) is defined as disruptive attacks by
recognised terrorist organisations against
computer systems with the intent of
generating alarm, panic, or the physical
disruption of the information system.
• Cyberterrorism is often defined as a
politically motivated attack against
information systems, programs and data
that threatens violence or results in
violence.