What is Cyber Security?
A Textbook Definition would be:
“Protection of internet connected systems, including hardware, software and data from unauthorized access”. The unauthorized access may compromise one or more of the following.
- Integrity of data or information stored
- Availability of service e.g. where you can’t access a website etc.
The First Ever Cyber Attack: Creeper
IT was written by Robert Thomas without a malicious intent. The virus was designed for an experiment on the Tenex operating system. The virus was intended to replicate itself and display “ Catch me if you can”; instead the virus would remove itself from the machine and travel to the next tenex system.
Cyber Threat Statistics
- Cybercrime damage to hit $6 Trillion by 2021
- Average cost of data breach: $3.86 million
- 48% of the business in U.K identified atleast one cyber attack monthly
- 74% of the breaches in Q1 2019 are due to passwords being exposed in public
- 56% of the cyber breaches took one month to discover
Roles and Functions in Cyber Security
Designations and Career Path in Cyber Security:
Based on which function you choose to pursue in cyber security, following is a brief picture of various designations available. However, it also designations might overlap depending on the size of the organization.
|Function||Entry- Level||Mid-Level||Senior -Level|
|Operate||Cyber security specialist||Cyber security Analyst||Cyber Security Manager|
|Operate||Incident analyst||Penetration Tester||Cyber Security Engineer| Architect|
|Pay by Experience level for a Cyber Security Analyst|
|Experience||Salary per annum (INR)|
|0-2 Years||4-6 Lacs|
|3-7 Years||7-10 Lacs|
|8-12 years||11-17 Lacs|
|12-15 Years||20 Lacs|
- Basic Security Framework
- Types of Security Attacks
- Types of hackers
Cyber security as opposed to popular belief is more than hacking, its encompasses the following three aspects:
- People: This is as simple as using a strong password with numeric, special characters and not related to the user name. How many times do people keep passwords as : Password@1234 or rajnish@121. This is where the maximum mistakes happen, hence awareness and best practices used by people is of critical importance for a strong cyber security preparedness.
- Process: According to a report 43% of the cyber breaches happened with small business. The data is not surprising, since these small businesses will lack process in three fronts: Monitoring, Respond, Mitigate. A simple process flaw could be as simple as deactivation of company email ID’s after the employee has exited, a two days delay could damage big data losses for the company.
Technology: Given that people and process are in place, technology can aid in leveling up the cyber defense for an organization. Some of the technology includes Firewalls, DNS Filtering, malware protection, antivirus software and email security
Types of Cyber Attack
Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms.
Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software
Once inside the system, malware can do the following:
- Access to key components of the network (ransomware)
- Installs malware or additional harmful software covertly obtains information by transmitting data from the hard drive (spyware)
- Disrupts certain components and renders the system inoperable
Practice of sending fraudulent communications that appear to come from a reputable source, usually through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyberthreat.
Man in the Middle
Also known as eavesdropping attacks, they occur when attackers insert themselves into a two- party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed-denial-of-service (DDoS) attack
Zero Day Exploit
A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness.
Types of Hackers
Cyber Security Process
To put it in a simple analogy, consider the Covid situation. You need a overall policy first on handling a crisis and a response strategy in the event of a health crisis- which is done by cyber security managers and architects. While in the ground there is a team which continuously monitors travelers coming from various countries and making sure they can pick up any imminent infected people. Next step is assessing the situation on a continuous basis, analyzing the data of infected people and identifying the root cause of the virus infection. The next step is to find solutions to contain the virus using either by developing medication or consider in our case a lock down. Once the entire situation comes under control you continuously audit the entire process to find inefficiency or loopholes.
Highlights of the Program
- Training by Top cyber security experts in India
- Access to 20 Real life case studies
- Access to learning management system
Want to know more about cyber security Course by IMS proschool? Click here