Cybersecurity - Introduction and Preventive Measures
3 likes2,713 views
This document discusses cybersecurity. It begins with an introduction to cybersecurity, including its history and importance. It then covers the CIA triad of confidentiality, integrity, and availability. Several common cyber threats like DDoS attacks, backdoors, and social engineering are described. Real world examples of CIA violations through ransomware, data breaches, and the dark web are provided. The document concludes with recommendations for preventive measures at both the enterprise and individual level to enhance cybersecurity.
Cybersecurity - Introduction and Preventive Measures
- 1. CYBERSECURITY • Aditya Ratnaparkhi • Deep Talati • Akshat Vaidya • Shivam Raj • Aashay Kedar • Rushi Maniar • Ritvik Shankar • Harsh Patel GROUP 1
- 2. Introduction ● What is Cybersecurity? ○ Protecting computers ○ Access authorization ○ Relevance to IS ● History ○ Creeper and Reaper ○ First dedicated antivirus company in 1987 ○ Morris worm in 1989 ● Why Cybersecurity ○ Personal information at stake ○ Affects companies, governments, individuals ○ Lower risk in Cyber crimes
- 3. The CIA Triad ● Confidentiality ○ Preventing unauthorized disclosure of information ● Integrity ○ Validating that your data is trustworthy and accurate ● Availability ○ Ensuring data is readily available for authorized users
- 4. Cyber Threats ● DDoS (Distributed Denial of Service) ● Backdoor ● Social Engineering
- 5. Cyber Threats ● Malware ● Evil Maid ● Eavesdropping
- 6. CIA violations in Real World • WannaCry Ransomware o Backdoor – Availability Encrypted data and hackers demanded for ransom • Facebook/Google Privacy o Social Engineering – Confidentiality & Integrity Facebook let personal information of 87 million users exposed to British Analytics firm to supposedly disinform users and affect US presidential elections • GitHub o DDos – Availability Hit with most powerful DDos attack ever recorded of 1.35 terabytes per second. Github having a good cybersecurity system in place recovered in 10 minutes • Dark Web o Social Engineering - Confidentiality & Integrity Since data is not indexed or encrypted, information flow is potentially vulnerable throughout the Dark Web
- 7. Preventive measures ● Hackers are persistent ● Key to staying ahead is staying informed ● Various measures must be taken, both by Enterprises and Individuals
- 8. Enterprise level ● Identify the Threats ● Educate Employees about potential threats ● Implement Two-Factor Authentication ● Ensure a Strong Sign-Off Policy ● Insure the Company Against Cybercrime
- 9. Individual level ● Responsibly dispose your electronic devices ● Maintain backups of your data ● Regularly update your antivirus system ● Use Two/Multi-Factor Authentication ● Use encryption ● Password Management ● Discern the types WiFi networks ● Report cyber scams to FBI’s Internet Crime Complaint Center or the Federal Trade Commission
- 10. ● 2017 – 8 billion connected devices to the internet ● 2023 – 45 billion IoT devices are expected to go online ● As the IoT continually evolves and grows, the number of cyberattacks increases. ● IoT attacks has increased from about 6,000 to 50,000 in the span of one year (2016 – 2017). Rise of 600%. ● Strategies used for IoT attacks: -Identity compromise -Device vulnerability -Unprotected patches and upgrades -Man-in-the-middle Future – Cybersecurity with IoT
- 11. Strategies for protecting IoT •Because IoT is a hyper-connected, and hyper-distributed collection of resources, there are many behaviors that need to be monitored to keep connected IoT devices in check.
- 12. References ● https://www.varonis.com/blog/events-that-changed-cybersecurity/ ● https://www.google.com/amp/s/www.techly.com.au/2018/02/14/techly-explains- fascinating-evolution-cybersecurity/amp/ ● https://www.sentinelone.com/blog/history-of-cyber-security/ ● https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability- CIA ● https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/ ● https://www.incapsula.com/web-application-security/social-engineering-attack.html ● https://en.m.wikipedia.org/wiki/Evil_maid_attack ● https://www.google.com/amp/s/www.csoonline.com/article/3237324/cyber- attacks-espionage/what-is-a-cyber-attack-recent-examples-show-disturbing- trends.amp.html ● https://www.cio.com/article/2432981/risk-management/building-an-enterprise- security-program-in-ten-simple-steps.html
Editor's Notes
- #4: Bank account statements, personal information, credit card numbers, trade secrets, government documents are some examples of sensitive information. Corrupted or manipulated. human error or intentional tampering, banks are more concerned about the integrity of financial records Information can be erased or become inaccessible.