Cyber-Security Reviewer

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 3

REVIEWER IN CYBER SECURITY • The global cyber threat continues to evolve

at a rapid pace, with a rising number of


Lesson 1: Introduction to Cyber Security data breaches each year.

Cyber security is the practice of defending • A report by Risk Based Security revealed


computers, servers, mobile devices,
that a shocking 7.9 billion records have
electronic systems, networks, and data
from malicious attacks. It's also known as been exposed by data breaches in the first
information technology security or nine months of 2019 alone. This figure is
electronic information security. more than double (112%) the number of
The term applies in a variety of contexts, records exposed in the same period in
from business to mobile computing, and 2018.
can be divided into a few common
categories. • Medical services, retailers and public
entities experienced the most breaches,
Network security 
with malicious criminals responsible for
-is the practice of securing a computer
network from intruders, whether targeted most incidents.
attackers or opportunistic malware.
• Some of these sectors are more appealing
Application security  to cybercriminals because they collect
-focuses on keeping software and devices financial and medical data, but all
free of threats. A compromised application businesses that use networks can be
could provide access to the data it is targeted for customer data, corporate
designed to protect. Successful security espionage, or customer attacks.
begins in the design stage, before a
program or device is deployed. • With the scale of the cyber threat set to
continue to rise, the International Data
Information security 
-protects the integrity and privacy of data, Corporation predicts that worldwide
both in storage and in transit. spending on cyber-security solutions will
reach a massive $133.7 billion by 2022.
Operational security 
-includes the processes and decisions for • Governments across the globe have
handling and protecting data assets. The responded to the rising cyber threat with
permissions users have when accessing a guidance to help organizations implement
network and the procedures that determine effective cyber-security practices.
how and where data may be stored or
shared all fall under this umbrella. • In the U.S., the National Institute of
Standards and Technology (NIST) has
Business continuity outlines exactly how a
created a cyber-security framework. To
business will proceed during and following
combat the proliferation of malicious code
a disaster. It may provide contingency
and aid in early detection, the framework
plans, outlining how the business will
recommends continuous, real-time
continue to operate even if it must move to
monitoring of all electronic resources.
an alternate location. Business continuity
planning may also consider smaller • The importance of system monitoring is
interruptions or minor disasters, such as echoed in the “10 steps to cyber security”,
extended power outages. guidance provided by the U.K. government’s
National Cyber Security Centre. In
Disaster recovery refers to the plans a business
Australia, The Australian Cyber Security
puts into place for responding to a catastrophic
Centre (ACSC) regularly publishes guidance
event, such as a natural disaster, fire, act of terror,
on how organizations can counter the latest
active shooter or cybercrime. Disaster recovery
cyber-security threats. 
involves the measures a business takes to respond
to an event and return to safe, normal operation as The Difference between Data and
quickly as possible. Information
End-user education is building awareness among • The terms data and information can mean
employees by equipping them with the necessary different things in different contexts, but
tools and skills required to protect themselves and the main differences between them
the company data from loss or attack. are: Data is a collection of
facts. Information is how you understand
The scale of the cyber threat
those facts in context. Data is unorganized,
while information is structured or
organized.
Lesson 2: Introduction to Network Security Why is security so important?

• We live in an age of information. Businesses Information security performs key roles


these days are more digitally advanced than such as:
ever, and as technology improves,
organizations’ security postures must be  The organization's ability to function
enhanced as well. without any hindrance
 Enabling the safe operation of applications
• Now, with many devices communicating implemented on the organization's IT
with each other over wired, wireless, or systems
cellular networks, network security is an  Protecting the data the organization collects
important concept. In this article, we will and its uses
explore what is network security and its key
features. What are the different types of Network
Security?
What is Network Security?
1. Access Control
• Network security is the process of taking
preventative measures to protect the Access control is a security technique that
underlying networking infrastructure from regulates who or what can view or use
unauthorized access, misuse, malfunction, resources in a computing environment. It is
modification, destruction or improper a fundamental concept in security that
disclosure. minimizes risk to the business or
organization.
• The Internet has undoubtedly become a
huge part of our lives. Many people in There are two types of access control:
today’s generation rely on the Internet for physical and logical.
many of their professional, social and
• Physical access control limits access to
personal activities. But are you sure your
campuses, buildings, rooms and physical IT
network is secure?
assets.
• There are many people who attempt to
• Logical access control limits connections
damage our Internet-connected computers,
to computer networks, system files and
violate our privacy and make it
data.
impossible to the Internet services.
Types of access control
• Given the frequency and variety of existing
attacks as well as the threat of new and 1. Mandatory access control (MAC).
more destructive future attacks, network
security has become a central topic in the This is a security model in which access
field of cybersecurity. rights are regulated by a central authority
based on multiple levels of security.
• Implementing network security measures
allows computers, users and programs to Often used in government and military
perform their permitted critical functions environments, classifications are assigned
within a secure environment. to system resources and the operating
system (OS) or security kernel.
How can we ensure network security?
It grants or denies access to those resource
• We must ensure that the passwords are objects based on the information security
Strong and Complex everywhere- within the clearance of the user or device.
network too, not just on individual
computers within an org. For example, Security Enhanced Linux
(SELinux) is an implementation of MAC on
• These passwords cannot be simple, default the Linux OS.
and easily guessable ones. This simple step
can go a long way toward securing your
networks.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy