Lecture 3 security threats in data analysis.pptx
Security threats and mitigation
• Definition of cybersecurity terms
• Attacks on various e-learning platforms
• Protection mechanisms against attacks
• Channels of reporting cybersecurity attacks
• Attack statistics in Kenya
• Mitigation strategies – KE-CIRT/CC
Definition of terms
• Threat: a threat is any potential danger to information or systems
• Threat agent: the person or process that attacks the network through a vulnerable
port or firewall, or a process used to access data in a way that violates your security
policy
• Vulnerability: a software, hardware or procedural weakness that may provide an
attacker or threat agent with an opportunity to enter a computer or network and
gain unauthorized access to resources within the environment
• Risk: the likelihood of a threat agent taking advantage of a vulnerability. It is the
potential for loss, or the probability that a threat will exploit a vulnerability.
• Exposure: An exposure occurs when a threat agent exposes a company asset to
potential loss. A vulnerability can cause an organization to be exposed to possible
damages.
Threats to data and information
• Spyware
• Malware
• Phishing
• Data breaches
• Computer viruses
Spyware
• Spyware, also known as adware, is software that tracks a user's browsing
history. Its purpose is to invade privacy.
• Mitigation measure: do not grant websites permission to track your
data. Also install a firewall as a precautionary measure. A firewall is
hardware or software that filters information exchanged between two
networks. Most operating systems have a firewall feature.
• If spyware invades your system, it is not only harmful to the
system itself; it can also capture your passwords, addresses, names and
other confidential information.
Malware
• Malware (malicious software) is a program that may affect the
running of a system or perform illegal activities such as secretly
collecting sensitive information from unsuspecting users. Some of the
common types of malicious programs include boot sector viruses, file
viruses, hoax viruses, trojan horses, worms, etc.
Measures against viruses
• Install the latest version of antivirus software on every computer. Also
ensure that you continuously update the antivirus software with new
virus definitions to counter new viruses
• Always scan removable storage media for viruses before using them
• Scan attachments for viruses before opening or downloading an
attachment. Links that you receive via email usually carry malware to
infect your system or data
Phishing/smishing
• Phishing is a social engineering attack that arrives through instant messages and
email. Usually, you are made to click on links that try to gain access to
your personal data or information.
• Sensitive information can be kept safe from phishing if users avoid
opening links from people they do not know.
Data breaches
• A data breach occurs when the safety of the information stored in a
system has been compromised. When unauthorized people gain
access to data, systems and networks and can view secured data
that is meant to be kept hidden, that is a data breach. It happens when
vulnerable points in the system are exploited or unauthorized persons have
taken control of your system unethically, with malicious intentions.
How to protect data from breaches
• Download registered software (genuine and legitimate software)
• Update software when it gets old; newer versions have more
security features
• Encrypt your data, so that even if it is stolen, it cannot be read
• Use strong passwords and credentials for all your online accounts.
Avoid common passwords or passwords based on your visible information (birth
date, child's name, pet's name, etc.)
• Change your passwords regularly and make sure they are strong and
not easy to guess.
• Set up two factor/multi-factor authentication on every account that
allows it
Two-factor/multi-factor authentication
• The addition of another layer of protection to prevent fraud, account takeover or
identity theft. The process consists of two steps:
• Identification: claiming an identity (user name, mobile number, ID, email, etc.)
• Authentication: backing up the claimed identity by using two of the following factors
  – Something you know: password, PIN, verification question
  – Something you are: fingerprint, face recognition, iris
  – Something you have: phone, smart card, etc.
Protecting office devices
• Always lock your devices with a strong password, PIN, pattern lock, biometric
means
• Make sure your computer and mobile devices are backed up regularly and
frequently. In addition, save backups on offline means (hard disk/cloud)
• Make sure that you have an automatic update for your operating system,
software and browser
• Avoid connecting external devices from unknown sources. Use only your own
fixed device, which is approved and provided by your organization/institution
• When leaving the office or at the end of the workday, remember to logout
from your digital accounts and lock your computer.
Using external storage devices
• External storage devices can allow an attacker to access a
device's data and even use the computer as a potential gateway into
the organization. Avoid connecting external devices (CDs, USB devices,
mobile phones) from unknown sources. Use external storage devices:
  – Only if necessary and with the permission of an authorized person in the
organization
  – After an examination or "whitening" (sanitization) process
  – From reliable or permanent external media
Protecting emails
• It is important to have two separate accounts: personal and organizational
• Don’t click on links or open suspicious attachments from an unknown or even a known source
• Be suspicious of emails that require an immediate/ urgent action. If necessary, contact the
sender through alternative means (phone call)
• Avoid sending corporate or sensitive information to an out-of-network email box. If necessary,
use email encryption solutions
• When sending an attachment email, make sure the attachment is indeed what you intended to
send
• Take note of the sender's address; it could be an impersonator, e.g. paypal.com vs. paypa1.com.
• When mailing to a widespread mailing list, prefer to add all recipients as a hidden copy (BCC)
• Do not forward/send usernames and passwords by e-mail or by any public channel
• If you already clicked on a link/attachment you received – do not delete the message so that it
can be investigated.
Safe internet use
• Note that the URL starts with https (s for secure) and a closed lock
icon appears next to it, which signifies that it is a secure site.
• Notice whether the site is unprofessionally designed, contains
misspellings or poor linguistic wording, contains too many links or is
characterized by multiple advertisements
• Check if the website name matches its content and whether the
website extension is strange/suspicious
• If the site does not include "contact us"/"about us"/"privacy policy" pages,
that is a suspicious sign
• In any case of concern or suspicion – avoid entering personal or bank
details information on the website.
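The sender-address and link checks from the two slides above (paypal.com vs. paypa1.com, https on the URL) as a small detector. This is an added example, not part of the lecture: it flags sender domains and link hosts that imitate a trusted name through look-alike characters, a one-character edit, or a trusted name used as a subdomain of another domain. The allowlist, the confusable-character table and the helper names are assumptions; a production check would use a full public-suffix list and a complete confusables table.

```python
import re
from typing import List, Set
from urllib.parse import urlsplit

# Characters commonly substituted for letters in look-alike domains
# (constructed, illustrative subset of the real confusables table).
CONFUSABLES = {"0": "o", "1": "l", "rn": "m", "vv": "w"}


def normalise(name: str) -> str:
    """Map look-alike characters to the letters they imitate, e.g. paypa1 -> paypal."""
    name = name.lower()
    for fake, real in CONFUSABLES.items():
        name = name.replace(fake, real)
    return name


def levenshtein(a: str, b: str) -> int:
    """Edit distance; a distance of one catches paypall.com or payal.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels: mail.paypal.com -> paypal.com (no public-suffix list here)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_domain(host: str, trusted: Set[str]) -> str:
    """'trusted', 'lookalike' (imitates a trusted name) or 'unknown'."""
    host = host.lower()
    reg = registrable_domain(host)
    if reg in trusted:
        return "trusted"
    for t in trusted:
        if host.startswith(t + "."):          # paypal.com.evil.net
            return "lookalike"
        if normalise(reg) == normalise(t):    # paypa1.com
            return "lookalike"
        if levenshtein(reg, t) == 1:          # paypall.com
            return "lookalike"
    return "unknown"


def sender_domain(address: str) -> str:
    """Domain part of 'PayPal <service@paypa1.com>' or 'service@paypa1.com'."""
    m = re.search(r"<([^>]+)>", address)
    addr = m.group(1) if m else address.strip()
    return addr.rsplit("@", 1)[-1]


def check_sender(address: str, trusted: Set[str]) -> str:
    return classify_domain(sender_domain(address), trusted)


def check_url(url: str, trusted: Set[str]) -> List[str]:
    """Findings for a link: missing https and/or a host that is not trusted."""
    findings = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        findings.append("no https")
    host = parts.hostname or ""
    verdict = classify_domain(host, trusted)
    if verdict != "trusted":
        findings.append(f"{verdict} domain: {host}")
    return findings


if __name__ == "__main__":
    trusted = {"paypal.com"}  # constructed allowlist of domains you actually deal with
    for sender in ["service@paypal.com", "PayPal <service@paypa1.com>",
                   "alerts@paypal.com.evil.net", "support@example.org"]:
        print(f"{sender:35} -> {check_sender(sender, trusted)}")
    print(check_url("http://paypa1.com/login", trusted))
```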
Report an unusual event
• When there is a certain or suspected information security breach
• When there is an identification or suspicion of an operational
malfunction, which could cause information security breaches
• When there is identification or suspicion of a suspicious action by a
colleague or opponent
• When an organization computer/end-point, or a personal mobile that
can be used to access the corporate email, is stolen
• The presence of a suspected or unauthorized party in the
organization’s premises.
Summary of measures against data breaches: firewall
• A firewall is a device or software that filters the data and information
exchanged between different networks by enforcing the network's
access control policy. The main purpose of a firewall is to monitor and
control access to or from protected network resources
• People who do not have permission cannot access the network, and
those within cannot access firewall-restricted sites outside their
network
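The two effects described above (outsiders cannot enter the network, insiders cannot reach restricted sites) come from an ordered rule list with a deny-by-default fallback. This added example, which is not part of the lecture, is a minimal policy evaluator of that kind; the network ranges, the rule list and the `Packet`/`Rule` classes are constructed for the illustration and do not represent any real firewall product.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    direction: str        # "in": from outside into the protected network; "out": leaving it
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "in", "out" or "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None matches any destination port
    proto: str = "any"

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and self.proto in ("any", p.proto))


def evaluate(rules: List[Rule], packet: Packet, default: str = "deny") -> str:
    """First matching rule wins; traffic no rule mentions falls to the default, deny."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default


INTERNAL = "10.0.0.0/8"          # the protected network (constructed)
RESTRICTED = "203.0.113.0/24"    # external sites staff may not reach (constructed)
WEB_SERVER = "10.0.1.5/32"       # the one internal host outsiders may reach (constructed)

# Constructed policy. Order matters: the deny for restricted sites sits before
# the general outbound web allow, otherwise it would never be reached.
POLICY = [
    Rule("allow", "in", dst=WEB_SERVER, dport=443),
    Rule("deny", "out", src=INTERNAL, dst=RESTRICTED),
    Rule("allow", "out", src=INTERNAL, dport=443),
    Rule("allow", "out", src=INTERNAL, dport=80),
]


if __name__ == "__main__":
    samples = [
        Packet("in", "198.51.100.7", "10.0.1.5", 443),    # public web server: allow
        Packet("in", "198.51.100.7", "10.0.0.9", 3389),   # outsider to a desktop: deny (default)
        Packet("out", "10.0.0.9", "203.0.113.10", 443),   # insider to restricted site: deny
        Packet("out", "10.0.0.9", "198.51.100.20", 443),  # insider browsing the web: allow
    ]
    for pkt in samples:
        print(f"{pkt.direction:3} {pkt.src} -> {pkt.dst}:{pkt.dport}  {evaluate(POLICY, pkt)}")
```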
Channels of reporting cybersecurity attacks
• In Kenya, you can report cybercrime to the National Kenya Computer
Incident Response Team Coordination Centre (KE-CIRT/CC),
• the Directorate of Criminal Investigations (DCI),
• the Communications Authority of Kenya (CA).
KE-CIRT/CC
• Is a multi-agency framework that coordinates response to cyber
security matters at the national level
• The agency detects, prevents and responds to various cyber threats
targeted at the country and acts as the interface between local and
international ICT service providers.
Data encryption
• Data in transit over a network faces the danger of being tapped, listened
to or copied to unauthorized destinations. Such data can be protected
by scrambling it into a form that only the authorized sender and receiver
can read. This process is called encryption.
• There exist several algorithms for encryption of data.
• Two keys are normally used (an encryption key and a decryption key)
Security monitors
• Security monitors are hardware or programs that monitor and keep
track of all the activities performed using computer systems.
Global cyber threat landscape overview
• Malware
• Mobile malware
• Phishing and social engineering
• System attacks
• DDoS attacks
Total cyber threats detected in Kenya
between July and September 2024 – 657,843,715
• System attacks – 583,696,090
• Brute force attacks – 38,135,186
• Malware attacks – 33,894,268
• DDoS attacks – 1,826,259
• Web application attacks – 174,251
• Mobile application attacks – 117,661
The cyber attack vector trend in Kenya shows that system attacks were
most prevalent while mobile application attacks were least prevalent
Top targeted systems
• End-user devices
• Internet of Things (IoT)
• Web applications
• Networking devices
Top targeted industries
• Internet service providers
• Cloud service providers
• Government ministries
• Academia/education
Mitigation strategies against attacks – KE-CIRT/CC
• Security by design: include security during development of software
• Deployment of domain protection tools such as Domain-based Message Authentication,
Reporting and Conformance (DMARC) and spam filters
• Upgrading end-of-life products
• Application of relevant patches and updates as provided
• Disconnect devices from the network if not in use
• Update software to the latest version
• Download applications from trusted sources
• Check application permissions
• Implementing firewalls and intrusion detection systems
• Use of strong passwords and multi-factor authentication