Cyber Security - Checks & Controls

Blog for Information Technology, Information Security and Digital Marketing Enthusiasts.

Wednesday, June 10, 2020

Cyber Security

Dear Visitor, Greetings of the day.


Today we will learn about Cyber security, Cyber Security elements , Types of cyber-attacks  and the importance of cyber security.

cyber security


What is  cyber security

Definition – In simple words this is a type of security used for systems connected to the Internet. It also works to protect hardware, software and data from cybercrime.

Both cyber security and security forces are kept protecting the data so that the data is not stolen in any way and all the documents and files are safe. Great computer specialists and IT trained people are able to do this kind of work.

Cyber ​​security elements

Application Security

Information Security

network security

Emergency protection

Operational safety

End User Education

Data security

Mobile Security

Cloud Protection

Many times, the danger in cyber security is because the network connection and the Internet is changing the world at a very rapid rate, due to which security has become very important.

The administration is adopting several methods to deal with such activities. Strong capital is being used by many countries for cyber security so that the personal data of those countries is not leaked and all the information is protected.

In 2017, in one cyber security survey its estimated that information security expenditures across the world had risen to 83.4 billion and had increased nearly 7% since 2016. In the coming time, by the end of 2020, expenditure on its product and service will be up to 150 billion.

Types of cyber security attacks

Due to changing technology, our security and intelligence has become very challenging for us. However, to avoid cyberbullying, we need to keep our information secure.

 Ransomware - This is a type of virus used by criminals to attack people's computers and systems. This causes a lot of damage to files lying on the computer. Then the criminal takes bribe from whichever computer or system is malfunctioned in this way and then leaves his system.

Malware - It damages any file or program of computer such as computer virus, worm, trojan etc.
malware

Social engineering - This is a kind of attack that depends on human interaction. So that people can be tricked into the web with cleverness and their personal data, password etc. can be removed from them. Because of this also people are in great danger, so whoever you talk to, do it very carefully.
Phishing - This is a type of fraud in which emails containing fraud are sent to people so that they feel that this mail has come from a good organization. The purpose of such mail is to steal the necessary data such as credit card information or login information.


Advantages of cyber security

Cyber ​​security is necessary because the government, military, corporate, financial and medical institutions collect a lot of data and keep that data in their systems, computers and other devices. Some part of this data can also be very important, due to which theft can have a profound effect on one's personal life and it can cause all the soil of that institution to be silted.

With the help of cyber security, this data is kept secure so that this data cannot be captured by anyone else. As the data grows, we need good and effective cyber security products and services.

With the help of cyber security, we can avoid cyber-attack, data theft and thieves threats. Whenever an organization has the security of a good network and there are ways to avoid any kind of difficulty, all this work is possible only with the help of cyber security products and services. For example, many types of antivirus etc. protect us from virus attacks.

Cyber ​​security is a continuous process because of the risk. Security systems are constantly updated to check and control the increasing volume and complexity of cyber-attacks.

In the coming years, there will be even more advanced cyber-attacks using new technologies and intentions. Dark Web, the availability of ransomware and malware on the Dark Web will increase dramatically. It will not allow anyone, no matter how much technical knowledge they have, to launch a cyber-attack easily and quickly.

Nevertheless, due to the damage caused by cyber-attacks in the past, there is now a greater awareness of cyber-attacks and better cyber security measures are also needed among all types of organizations.

With the now applicable EU GDPR (General Data Protection Regulations), organizations may face fines of up to 20 million euros or 4% of annual global turnover for certain violations. There are also non-financial costs to consider, such as reputational damage and loss of customer confidence.

Cyber-attacks have become more sophisticated with attackers using ever-increasing tactics to exploit weaknesses in social engineering, malware and ransomware (as was the case with Petya, WannaCry and Crypto-Locker).

Three pillars of cyber security [PPT]

1  People:
     Every employee and stakeholders should be aware of their role in preventing and mitigating cyber threats, and specialized technical cyber security employees need to be fully prepared with the latest skills and qualifications to mitigate and respond to cyber-attacks is.

2 Processes:

Processes are important in defining how organization activities, roles, and documentation are used to reduce the risks of organization information. Cyber ​​threats change quickly, so processes need to be constantly reviewed to be able to adapt with them.

3 Technology:

By identifying the cyber risks that your organization faces, you can then begin to see which place to control, and what technologies you will need for this. Technology can be deployed to prevent or mitigate the effects of cyber risks, which depend on your risk assessment and your acceptable level of risk.





Cyber security needs more women role models

Information and cyber security assurance body Crest has highlighted a number of actions needed to improve gender diversity in cyber security, including more outreach into schools, dedicated career mentoring for women entering the sector and changes to recruitment practices.

Borne out of research undertaken at a recent gender diversity workshop organised by the non-profit group, alongside polling of its accredited members, Crest’s report, Exploring the gender gap in cyber security, found that while awareness of gender diversity was improving in security, there was still more work that could be reasonably undertaken to make an even greater difference.

Polls taken across two workshop events held during the summer of 2019 found that only 14% of attendees thought that not enough was being done to close the gender gap, but 86% believed that the progress that has been made was not enough.

The study also revealed that 59% of women in security said their experience in the industry was “mixed”, in that they had received some support but, equally, obstacles and challenges arose specifically because they are women.

“It is encouraging that as an industry we are making progress, but there is a lot more to do and improving the visibility of female role models will allow us to challenge the perception of the cyber security industry,” said Crest president Ian Glover.

The main priorities for change identified at the workshops were encouraging girls and young women to study computer science; improving visibility of women role models in security; challenging the perception that security is a gender-specific role; and industry-wide mentoring and coaching for women embarking on careers in the sector.

The report said that senior security leaders could and should shoulder more of the legwork in approaching schools and colleges, to help address a lack of interest in Stem subjects. This could be coupled with better promotion of established initiatives, such as the National Cyber Security Centre’s (NCSC’s) Cyber-First Girls contest.

Crest’s report also pointed to issues with current recruitment practices, and said change is needed in how security jobs are described and “sold” to women, right down to the language used in ads, and even candidate requirements.

Many of those present at its workshops said that the inclusion of training options in job adverts could encourage more women to apply, as would the introduction of flexible working hours, maternity policies that go above and beyond the bare minimum, and support for women going back to work after a career break.

Crest also found demand for an industry-wide mentoring and coaching scheme for women, creating a community, and helping people grow and develop in their careers.

 “Schools hold the key and we need to help them to encourage more girls into the industry. Furthermore, the mentoring scheme would give a platform on which role models can help to coach and guide others, which in turn will help to challenge the perception of gender as it relates to the industry,” said Glover.

security