Cyber Security PPT.pptx
- 2. Introduction • Since the 1970s, computer usage starts to grow and reaches every aspect commercially and personally. • Despite their handiness, computers are also prone to several threats. • IBM and other early computer companies have already provided security software products since the seventies. • As the computer and digital media development, the threats also get developed. • To counteract them, people nowadays are creating protection called Cyber Security.
- 3. • The term refers to a protection system for computers and networks from theft, damage, disruption, illegal changing, or information disclosure taken from the electronic data, software, or hardware. • The definition might seem simple, but in reality, the varied and enhanced technologies like smartphones, websites, televisions, Internet of Things (IoT) require a complicated cyber security system.
- 4. Cyber Security’s elements • Based on the function and media, cyber security system covers these types of security: Data security: In every single network, hardware, and software, there must be data provided by the owners, clients, or even the third party. Data security protects by giving limited access only to the authorized ones to prevent any data theft. Application security: This type of security should be developed from the design stage of the program. Continuous updates of the apps should include the security system, so new threats could be detected early. Mobile security: Mobiles including tablets and cell phones are also prone to threats that could come from wire/devices like USB and wireless like Bluetooth and the internet. Network security: By connecting people, networks have a bigger possibility of getting intrusion and attacks. The admin/host is also a part of the security system.
- 5. (Continued) Endpoint security: Users and entry points (users’ devices) are most likely to get malicious threats from a virus such as Malware. The form of security could be anti-virus software, but the best one is the education for users to carefully plug in USBs, responding to suspicious links and more. Cloud security: Cloud is a digital data storage that enables users to store and download data. Although the storage companies also run their cyber security system, the users also need to be careful in managing their cloud account there have been many data thefts due to reckless Cloud account usage. Database and Infrastructure security: Not only the digital software but the hardware could also be stolen. The security system should cover digitally and physically. Business continuity and disaster recovery: Unexpected incidents might cause data loss. The owners should design a system to recover the loss or at least to back up the data. Another way is designing Business Continuity which is a plan to run the business with some missing resources/data.
- 6. Why is Cyber Security important? • As mentioned before, cyber threats could bring any damages to the data, hardware/software, and reputation. Further problems such as data abuse and data leaking are likely to happen. On the contrary, all types of data including intellectual property, non-public personal information (NPI), and non-public corporate information are sensitive information that must be protected. • There have been creative ways of stealing sensitive information and simple protections like anti-virus app is not enough to prevent the threats. Hence governments in several countries participate in making regulations related to cyber security. An example is General Data Protection Regulation (GDPR) in European Union. Many other countries are also taking legal stances regarding cyber matters. • Unfortunately, some cases of data leaking also come from the governmental body. Hence, the stakeholders and individuals need to be wise in managing the data. Especially the institutions, the cyber security system must be designed carefully to prevent any threats including data leaking intentionally or unintentionally.
- 7. CYBER THREATS • Digital threats are categorized into three types that are cybercrime, cyber-attack, and cyber-terrorism. Cybercrime is organized by a person or a group targeting financial profit or disruption. Cyber-attack is mostly driven by political motives and cyber terrorism is mostly done in massive act to cause certain fear. To make those threats happen, cybercriminals usually use these methods. Some of these threats are given in the next slide.
- 8. Cyber Threats Methods • Phishing: the most frequent threat might be phishing. It is an illegal act to steal one’s private data by sending them a link that redirects to fake sites or forms requiring users’ personal information. • Malware: acronym of Malicious Software, Malware enables attackers or hackers to have access to the installed device. • SQL Injection: it stands for Structured Query Language. Just like its name, SQL is a code injected into an entry field that exploits the security vulnerability. • Backdoor: similar to the name, the backdoor is a technique to access a program by passing the ‘main’ normal authentication. It is usually inserted by program developers or hackers, and it is hard to detect. • Denial-of-service attack: this attack employs ‘denial’ by the system by submitting the wrong password or overloading a network/machine’s capabilities to make the service unavailable. Another example is zombie computers. • Direct-access attack: contrary to a denial-of-service attack, the direct-access attack is done by installing keyloggers, worms, a wireless mic, or covert listening devices to make operating system modifications for direct access to the original one. • Spoofing: it is a masquerade act that comes from data falsification. Examples include biometric spoofing, IP address spoofing, and email spoofing.
- 9. Tips on building your Cyber Security After knowing all possible threats, now is the best time to build your cyber security system. To start, here are a few tips that you can follow. • Avoid any suspicious emails, chats, texts, or links from unknown senders. Especially if they ask you to input your particular data. • Regularly update pins or passwords with unique and strong ones. This could block access to the hackers that are currently logging into your account. • Never use public and unsecured Wi-Fi. People could break into your device using a wireless connection. • Have a secure backup. • Use cyber security technologies such as Identity and Access Management (IAM), Security information and event management (SIEM), and data security platform. • Educate and check the staff to minimize the insider threat. • Try Third-Party Risk Management (TRPM). • Employ IT professionals that could detect any possible threats or protect from any hackers’ attacks.
- 10. (Continued) • Choose cyber security strategy at least choose some software protection like anti-virus or others. • Use multi-factor authentication as it is harder to get broken down. • Do not recklessly log in to various devices. • Prepare for the worst by making secondary plans in case there is data/resource loss.
- 11. Thank You!