SlideShare a Scribd company logo
CYBER SECURITY
-WHYISITIMPORTANT?
OBJECTIVE
This presentation aims to educate
and create awareness amongst
the community on the use of
Technology, Internet Media and
its implications on possible cyber
crimes
Evolution of technology, usage and value
Evolution of security problems and solutions
Evolution never stops…
4
5
Cyber Security
Cyber Security is a set of principles and
practices designed to safeguard your
computing assets and online information
against threats. It is the practice of defending
computers, servers, mobile devices, electronic
systems, networks, and data from malicious
attacks.
6
What is a Secure System?
• Confidentiality – restrict
access to authorized
individuals
• Integrity – data has not been
altered in an unauthorized
manner
• Availability – information can
be accessed and modified by
authorized individuals in an
appropriate timeframe
7
Confidentiality
Example: Protection from Criminal stealing
customers’ usernames, passwords, or credit card information.
Protecting information from unauthorized access and disclosure
8
Integrity
Protecting information from
unauthorized modification
Example:
Only authorized personel can alter payroll information or a
proposed product design
9
Availability
Example: Protection from Criminal stealing
customers’ usernames, passwords, or credit card information.
Protecting information from unauthorized access and disclosure
10
Threats and Vulnerabilities
What are we protecting our and our stakeholder’s information
from?
Threats: Any circumstances or events that can potentially harm an
information system by destroying it, disclosing the information
stored on the system, adversely modifying data, or making the
system unavailable
Vulnerabilities: Weakness in an information system or its
components that could be exploited.
11
What kinds of threats are there?
• Phishing and Spear- phishing Attacks
• Social Engineering Scams
• Common Malware and Ransomware
• Business Email Compromise
• Fake websites that steal data or infect devices
And much more
12
Phishing
• Phishing refers to the practice of creating fake emails or SMS that
appear to come from someone you trust, such as: Bank, Credit
Card Company, Popular Websites
• The email/SMS will ask you to “confirm your account details or
your vendor’s account details”, and then direct you to a website
that looks just like the real website, but whose sole purpose is for
steal information.
• Of course, if you enter your information, a cybercriminal could use
it to steal your identity and possibly make fraudulent purchases
with your money.
13
Example of Phishing
14
Social Engineering
• When attempting to steal information or a person’s identity, a
hacker will often try to trick you into giving out sensitive
information rather than breaking into your computer.
• Social Engineering can happen:
• Over the phone
• By text message
• Instant message
• Email
15
Malware
• Malware = “malicious software”
• Malware is any kind of unwanted software that is installed without your
consent on your computer and other digital devices.
• Viruses, Worms, Trojan horses, Bombs, Spyware, Adware, and Ransomware
are subgroups of malware.
16
Virus: A computer virus is a type of malicious software, or malware,
that spreads between computers and causes damage to data and
software.
Trojan: Trojan is a type of malware that typically gets hidden as an
attachment in an email or a free-to-download file, and then transfers
onto the user’s device. Once downloaded, the malicious code will
execute the task the attacker designed it for, such as gaining
backdoor access to corporate systems, spying on users’ online
activity, or stealing sensitive data.
Worms: A computer worm is a subset of the Trojan horse malware
that can propagate or self-replicate from one computer to another
without human activation after breaching a system.
Adware: Adware is a type of malware designed to display.
Spyware: Spyware is like adware it spies on the user to see what
information it can collect off the user’s computer to display pop ads
on the user’s computer. Spyware unlike adware likes to use memory
from programs running in the background of the computer to keep
a close watch on the user.
17
Denial of Service Attack
18
Ransomware
• Ransomware is a type of malware that
restricts your access to systems and files,
typically by encryption and then demands
a ransom to restore access.
• Often, systems are infected by
ransomware through a link in a malicious
email. When the user clicks the link, the
ransomware is downloaded to the user’s
computer, smartphone or other device.
Ransomware may spread through
connected networks.
19
Ransomware Controls
• Weapons-Grade Data Backups
• Religious Patch Management
• Plan to Fail Well (Incident Response Plan)
• Know who to call!
• Training and Testing Your People
• Don’t Open that Email Link/Attachment
20
Cyber Crime
• Cyber Crime is a generic term that refers to all criminal activities
done using the medium of communication devices, computers,
mobile phones, tablets etc. It can be categorized in three ways:
• The computer as a target – attacking the computers of others.
• The computer as a weapon- Using a computer to commit
• “traditional crime” that we see in the physical world.
• The computer as an accessory- Using a computer as a “fancy filing
cabinet” to store illegal or stolen information.
21
Ransomware Controls
22
Hacking
• Financial (theft, fraud, blackmail)
• Political/State (state level/military)
• Fame/Kudos (fun/status)
• Hacktivism (cause)
• Pen Testers (legal hacking)
• Police
• Insider
23
Vulnerability Scanner
• The functions of a Vulnerability Scanner are far
different from a firewall or intrusion detection
system.
• Vulnerability scanning tools help you in
protecting your organization from any kind of
security risks or threats by scanning with deep
inspection of endpoints to ensure that they are
configured securely and correctly.
• The prime aim of running a vulnerability
scanner is to identify the devices that are open
for vulnerabilities.
24
Personal Cybersecurity Tips /
Best Practices
Use Strong
Passwords
Use a VPN
When
Necessary
Think Before
You Click
Update Your
Home Router
Update Your
Devices
Use Two-
Factor
Authentication
25
Url & Safe Web Browsing
• Don’t download free media.
• Don’t store your payment information online.
• Don’t over-share personal information on social media accounts.
• Change passwords regularly.
• Keep your browser software up-to-date.
• Run Anti-Virus software.
• Scan downloaded files before executing.
• Watch out for phishing.
• Don’t Reuse Passwords.
• Use HTTPS for banking transactions.
• Read Privacy Policies.
• Avoid Public or Free Wi-Fi.
• Disable Stored Passwords.
26
HIPAA
Health Insurance Portability & Accountability Act
27
What is HIPAA?
HIPAA Provides a framework for the
establishment of nationwide protection of
patient confidentiality, security of
electronic systems, and standards and
requirements for electronic transmission
of health information.
1 • Privacy Rule
2 • Security Rule
3
• Electronic Data
Exchange
28
Privacy Rule
• Privacy Rule went into effect April 14, 2003.
• Privacy refers to the protection of an individual’s
health care data.
• Defines how patient information is used and disclosed.
• Gives patients privacy rights and more control over
their own health information.
• Outlines ways to safeguard Protected Health
Information (PHI).
29
Security Rule
• Security (IT) regulations went into effect April 21, 2005.
• Security means controlling:
• Confidentiality of electronic protected health information (ePHI).
• Storage of electronic protected health information (ePHI)
• Access into electronic information
30
Electronic Data Exchange (EDI)
• Defines transfer format of electronic information
between providers and payers to carry out financial or
administrative activities related to health care.
• Information includes coding, billing and insurance
verification.
• Goal of using the same formats is to ultimately make
the billing process more efficient.
31
Why Comply With HIPAA?
• To show our commitment to protecting privacy
• As an employee, you are obligated to comply with Expeed Software
privacy and security policies and procedures
• Our patients/members are placing their trust in us to preserve the
privacy of their most sensitive and personal information
• Compliance is not an option, it is required.
• If you choose not to follow the rules:
• You could be put at risk, including personal penalties and sanctions
• You could put Expeed Software at risk, including financial and
reputational harm
32
HIPAA Regulations
HIPAA Regulations require we protect our patients’ PHI
in all media including, but not limited to, PHI created,
stored, or transmitted in/on the following media:
• Verbal Discussions (i.e., in person or on the phone)
• Written on paper (i.e., chart, progress notes,
encounter forms, prescriptions, x-ray orders, referral
forms and explanation of benefit (EOBs) forms
• Computer Applications and Systems (i.e., electronic
health record (EHR), Practice Management, Lab and X-
Ray
• Computer Hardware/Equipment (i.e., PCs, laptops,
PDAs, pagers, fax machines, servers and cell phones
33
Indian Cyber Security Law
The Information Technology (IT) Act, of 2000, is the primary legislation
dealing with cybersecurity, data protection and cybercrime. Identifying
activities such as hacking, denial-of-service attacks, phishing, malware
attacks, identity fraud and electronic theft as punishable offences
It contains 23 chapters define all related to Cyber security.
In 2021 new rules were added related to online gaming and guideline for
Digital Media Ethics
Let’s
Innovate
Together
www.expeed.com

More Related Content

Similar to Why is Cybersecurity Important in the Digital World

Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security ppt
Gryffin EJ
 
Shailendra Pandey.ppt
Shailendra Pandey.pptShailendra Pandey.ppt
Shailendra Pandey.ppt
ShailendraPandey92
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
santosh26kumar2003
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
bodo-con
 
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsuswbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
xenhalo561
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
bodo-con
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
Kaushal Solanki
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Accellis Technology Group
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
Bule Hora University
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
Sifat Hossain
 
Ceferov Cefer Intelectual Technologies
Ceferov Cefer Intelectual TechnologiesCeferov Cefer Intelectual Technologies
Ceferov Cefer Intelectual Technologies
yusifagalar
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
SonakshiMundra
 
Online Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics  and Netiquette.pptxOnline Safety, Security, Ethics  and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptx
Bobby Dait
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
Marshall Frett Jr.
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024  Guide to Cyber Security: Protect Your Data Today”“In 2024  Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024  Guide to Cyber Security: Protect Your Data Today”“In 2024  Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
Michael O'Phelan
 
SECURING INFORMATION SYSTEM 1.pptx
SECURING INFORMATION SYSTEM 1.pptxSECURING INFORMATION SYSTEM 1.pptx
SECURING INFORMATION SYSTEM 1.pptx
CabdullhiY
 
Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.
rizwanshafique4321
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
MuhammadRehan856177
 

Similar to Why is Cybersecurity Important in the Digital World (20)

Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security ppt
 
Shailendra Pandey.ppt
Shailendra Pandey.pptShailendra Pandey.ppt
Shailendra Pandey.ppt
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
 
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsuswbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
wbushiwbisnisnisbsudhduhsubsuhsuhsusvudhuhsus
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
 
Ceferov Cefer Intelectual Technologies
Ceferov Cefer Intelectual TechnologiesCeferov Cefer Intelectual Technologies
Ceferov Cefer Intelectual Technologies
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Online Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics  and Netiquette.pptxOnline Safety, Security, Ethics  and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptx
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024  Guide to Cyber Security: Protect Your Data Today”“In 2024  Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024  Guide to Cyber Security: Protect Your Data Today”“In 2024  Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
 
SECURING INFORMATION SYSTEM 1.pptx
SECURING INFORMATION SYSTEM 1.pptxSECURING INFORMATION SYSTEM 1.pptx
SECURING INFORMATION SYSTEM 1.pptx
 
Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 

More from Expeed Software

In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
Expeed Software
 
Comprehensive Guide on API Automation Testing
Comprehensive Guide on API Automation TestingComprehensive Guide on API Automation Testing
Comprehensive Guide on API Automation Testing
Expeed Software
 
What is Devops? What are the Fundamentals of it?
What is Devops? What are the Fundamentals of it?What is Devops? What are the Fundamentals of it?
What is Devops? What are the Fundamentals of it?
Expeed Software
 
The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.
Expeed Software
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Node JS - A brief overview on building real-time web applications
Node JS - A brief overview on building real-time web applicationsNode JS - A brief overview on building real-time web applications
Node JS - A brief overview on building real-time web applications
Expeed Software
 
Springboot - A milestone framework in Java Development
Springboot - A milestone framework in Java DevelopmentSpringboot - A milestone framework in Java Development
Springboot - A milestone framework in Java Development
Expeed Software
 
What makes Flutter the best cross platform sdk
What makes Flutter the best cross platform sdkWhat makes Flutter the best cross platform sdk
What makes Flutter the best cross platform sdk
Expeed Software
 

More from Expeed Software (8)

In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Comprehensive Guide on API Automation Testing
Comprehensive Guide on API Automation TestingComprehensive Guide on API Automation Testing
Comprehensive Guide on API Automation Testing
 
What is Devops? What are the Fundamentals of it?
What is Devops? What are the Fundamentals of it?What is Devops? What are the Fundamentals of it?
What is Devops? What are the Fundamentals of it?
 
The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Node JS - A brief overview on building real-time web applications
Node JS - A brief overview on building real-time web applicationsNode JS - A brief overview on building real-time web applications
Node JS - A brief overview on building real-time web applications
 
Springboot - A milestone framework in Java Development
Springboot - A milestone framework in Java DevelopmentSpringboot - A milestone framework in Java Development
Springboot - A milestone framework in Java Development
 
What makes Flutter the best cross platform sdk
What makes Flutter the best cross platform sdkWhat makes Flutter the best cross platform sdk
What makes Flutter the best cross platform sdk
 

Recently uploaded

The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Fwdays
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
UiPathCommunity
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Neo4j
 
Christine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptxChristine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptx
christinelarrosa
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Fwdays
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Jason Yip
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
ScyllaDB
 
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptxAI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
Sunil Jagani
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
DanBrown980551
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
HarpalGohil4
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
Ortus Solutions, Corp
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Neo4j
 
"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
Fwdays
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Ukraine
 
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfLee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
leebarnesutopia
 

Recently uploaded (20)

The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned",  Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
 
Christine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptxChristine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptx
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
 
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptxAI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
 
"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
 
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfLee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
 

Why is Cybersecurity Important in the Digital World

  • 2. OBJECTIVE This presentation aims to educate and create awareness amongst the community on the use of Technology, Internet Media and its implications on possible cyber crimes
  • 3. Evolution of technology, usage and value Evolution of security problems and solutions Evolution never stops…
  • 4. 4
  • 5. 5 Cyber Security Cyber Security is a set of principles and practices designed to safeguard your computing assets and online information against threats. It is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
  • 6. 6 What is a Secure System? • Confidentiality – restrict access to authorized individuals • Integrity – data has not been altered in an unauthorized manner • Availability – information can be accessed and modified by authorized individuals in an appropriate timeframe
  • 7. 7 Confidentiality Example: Protection from Criminal stealing customers’ usernames, passwords, or credit card information. Protecting information from unauthorized access and disclosure
  • 8. 8 Integrity Protecting information from unauthorized modification Example: Only authorized personel can alter payroll information or a proposed product design
  • 9. 9 Availability Example: Protection from Criminal stealing customers’ usernames, passwords, or credit card information. Protecting information from unauthorized access and disclosure
  • 10. 10 Threats and Vulnerabilities What are we protecting our and our stakeholder’s information from? Threats: Any circumstances or events that can potentially harm an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable Vulnerabilities: Weakness in an information system or its components that could be exploited.
  • 11. 11 What kinds of threats are there? • Phishing and Spear- phishing Attacks • Social Engineering Scams • Common Malware and Ransomware • Business Email Compromise • Fake websites that steal data or infect devices And much more
  • 12. 12 Phishing • Phishing refers to the practice of creating fake emails or SMS that appear to come from someone you trust, such as: Bank, Credit Card Company, Popular Websites • The email/SMS will ask you to “confirm your account details or your vendor’s account details”, and then direct you to a website that looks just like the real website, but whose sole purpose is for steal information. • Of course, if you enter your information, a cybercriminal could use it to steal your identity and possibly make fraudulent purchases with your money.
  • 14. 14 Social Engineering • When attempting to steal information or a person’s identity, a hacker will often try to trick you into giving out sensitive information rather than breaking into your computer. • Social Engineering can happen: • Over the phone • By text message • Instant message • Email
  • 15. 15 Malware • Malware = “malicious software” • Malware is any kind of unwanted software that is installed without your consent on your computer and other digital devices. • Viruses, Worms, Trojan horses, Bombs, Spyware, Adware, and Ransomware are subgroups of malware.
  • 16. 16 Virus: A computer virus is a type of malicious software, or malware, that spreads between computers and causes damage to data and software. Trojan: Trojan is a type of malware that typically gets hidden as an attachment in an email or a free-to-download file, and then transfers onto the user’s device. Once downloaded, the malicious code will execute the task the attacker designed it for, such as gaining backdoor access to corporate systems, spying on users’ online activity, or stealing sensitive data. Worms: A computer worm is a subset of the Trojan horse malware that can propagate or self-replicate from one computer to another without human activation after breaching a system. Adware: Adware is a type of malware designed to display. Spyware: Spyware is like adware it spies on the user to see what information it can collect off the user’s computer to display pop ads on the user’s computer. Spyware unlike adware likes to use memory from programs running in the background of the computer to keep a close watch on the user.
  • 18. 18 Ransomware • Ransomware is a type of malware that restricts your access to systems and files, typically by encryption and then demands a ransom to restore access. • Often, systems are infected by ransomware through a link in a malicious email. When the user clicks the link, the ransomware is downloaded to the user’s computer, smartphone or other device. Ransomware may spread through connected networks.
  • 19. 19 Ransomware Controls • Weapons-Grade Data Backups • Religious Patch Management • Plan to Fail Well (Incident Response Plan) • Know who to call! • Training and Testing Your People • Don’t Open that Email Link/Attachment
  • 20. 20 Cyber Crime • Cyber Crime is a generic term that refers to all criminal activities done using the medium of communication devices, computers, mobile phones, tablets etc. It can be categorized in three ways: • The computer as a target – attacking the computers of others. • The computer as a weapon- Using a computer to commit • “traditional crime” that we see in the physical world. • The computer as an accessory- Using a computer as a “fancy filing cabinet” to store illegal or stolen information.
  • 22. 22 Hacking • Financial (theft, fraud, blackmail) • Political/State (state level/military) • Fame/Kudos (fun/status) • Hacktivism (cause) • Pen Testers (legal hacking) • Police • Insider
  • 23. 23 Vulnerability Scanner • The functions of a Vulnerability Scanner are far different from a firewall or intrusion detection system. • Vulnerability scanning tools help you in protecting your organization from any kind of security risks or threats by scanning with deep inspection of endpoints to ensure that they are configured securely and correctly. • The prime aim of running a vulnerability scanner is to identify the devices that are open for vulnerabilities.
  • 24. 24 Personal Cybersecurity Tips / Best Practices Use Strong Passwords Use a VPN When Necessary Think Before You Click Update Your Home Router Update Your Devices Use Two- Factor Authentication
  • 25. 25 Url & Safe Web Browsing • Don’t download free media. • Don’t store your payment information online. • Don’t over-share personal information on social media accounts. • Change passwords regularly. • Keep your browser software up-to-date. • Run Anti-Virus software. • Scan downloaded files before executing. • Watch out for phishing. • Don’t Reuse Passwords. • Use HTTPS for banking transactions. • Read Privacy Policies. • Avoid Public or Free Wi-Fi. • Disable Stored Passwords.
  • 27. 27 What is HIPAA? HIPAA Provides a framework for the establishment of nationwide protection of patient confidentiality, security of electronic systems, and standards and requirements for electronic transmission of health information. 1 • Privacy Rule 2 • Security Rule 3 • Electronic Data Exchange
  • 28. 28 Privacy Rule • Privacy Rule went into effect April 14, 2003. • Privacy refers to the protection of an individual’s health care data. • Defines how patient information is used and disclosed. • Gives patients privacy rights and more control over their own health information. • Outlines ways to safeguard Protected Health Information (PHI).
  • 29. 29 Security Rule • Security (IT) regulations went into effect April 21, 2005. • Security means controlling: • Confidentiality of electronic protected health information (ePHI). • Storage of electronic protected health information (ePHI) • Access into electronic information
  • 30. 30 Electronic Data Exchange (EDI) • Defines transfer format of electronic information between providers and payers to carry out financial or administrative activities related to health care. • Information includes coding, billing and insurance verification. • Goal of using the same formats is to ultimately make the billing process more efficient.
  • 31. 31 Why Comply With HIPAA? • To show our commitment to protecting privacy • As an employee, you are obligated to comply with Expeed Software privacy and security policies and procedures • Our patients/members are placing their trust in us to preserve the privacy of their most sensitive and personal information • Compliance is not an option, it is required. • If you choose not to follow the rules: • You could be put at risk, including personal penalties and sanctions • You could put Expeed Software at risk, including financial and reputational harm
  • 32. 32 HIPAA Regulations HIPAA Regulations require we protect our patients’ PHI in all media including, but not limited to, PHI created, stored, or transmitted in/on the following media: • Verbal Discussions (i.e., in person or on the phone) • Written on paper (i.e., chart, progress notes, encounter forms, prescriptions, x-ray orders, referral forms and explanation of benefit (EOBs) forms • Computer Applications and Systems (i.e., electronic health record (EHR), Practice Management, Lab and X- Ray • Computer Hardware/Equipment (i.e., PCs, laptops, PDAs, pagers, fax machines, servers and cell phones
  • 33. 33 Indian Cyber Security Law The Information Technology (IT) Act, of 2000, is the primary legislation dealing with cybersecurity, data protection and cybercrime. Identifying activities such as hacking, denial-of-service attacks, phishing, malware attacks, identity fraud and electronic theft as punishable offences It contains 23 chapters define all related to Cyber security. In 2021 new rules were added related to online gaming and guideline for Digital Media Ethics