Cyber law and Security Policy

CS801C
 CONTENTS

 Introduction to Cyber Security

 Importance of Cyber Security
 Challenges of Cyber Security
 Types of Cyber Security Threats
 Protection from Cyber threats
 Types of Cyber Security
 Summary
 References

2
 INTRODUCTION

Introduction to Cyber security analytics

 Cybersecurity Analytics involves aggregating data for the purpose of collecting evidence,
building timelines, and analyzing capabilities to perform and design a proactive cybersecurity
strategy that detects, analyzes, and mitigates cyberthreats.

 Cybersecurity is the protection of internet-connected systems such as hardware, software and

data from cyberthreats. The practice is used by individuals and enterprises to protect against
unauthorized access to data centers and other computerized systems.

3
 INTRODUCTION (Contd…)

Introduction to Cyber Security

What is Cyber Security?
Cyber Security is the body of technologies, processes, and practices designed to protect networks, devices,
programs, and data from attack, theft, damage, modification or unauthorized access. It’s also known
as Information Security (INFOSEC), Information Assurance (IA), or System Security.
Why Cyber Security?
Cyber Security is critical since the government, Corporate, therapeutic organizations, collect
military, budgetary, prepare, and store the uncommon sum of information on computer and other properties
like individual data, and these private data introductions seem have negative consequences.
 INTRODUCTION (Contd…)

Why is Cybersecurity Important?

 Cyber security is protecting our digital assets, such as personal and financial data, intellectual
property and critical infrastructure, is crucial. Cyberattacks can cause significant financial
losses, reputational harm and even physical damage.

 In today's interconnected world, cyber security has become more and more important as
more and more information is being stored and transmitted digitally. As a result, cyber-
attacks have also become more common.

5
 IMPORTANCE OF CYBER SECURITY

1. Protecting Sensitive Data

2. Prevention of Cyber Attacks
3. Safeguarding Critical Infrastructure
4. Maintaining Business Continuity
5. Compliance with Regulations
6. Protecting National Security
7. Preserving Privacy

6
 CHALLENGES OF CYBER SECURITY

1. Constantly Evolving Threat Landscape

2. Lack of Skilled Professionals

3. Limited Budgets

4. Insider Threats

5. Complexity of Technology

7
 TYPES OF CYBER SECURITY THREATS

1. Malware attack

Attacks use many methods to get malware into a user’s device, most often social engineering. Users may
be asked to take an action, such as clicking a link or opening an attachment.

Malware attacks include

• Trojan virus

• Ransomware

• Wiper malware

• Worms
 TYPES OF CYBER SECURITY THREATS

2. Social engineering attacks

Social engineering attacks work by psychologically manipulating users into performing actions
desirable to an attacker, or divulging sensitive information.

Social engineering attacks include:

• Phishing

• Malvertising

• Drive-by downloads

• Scareware security software

 TYPES OF CYBER SECURITY THREATS

3. Distributed denial of service (DDoS)

The objective of a denial of service (DoS) attack is to overwhelm the resources of a target system and
cause it to stop functioning, denying access to its users. Distributed denial of service (DDoS) is a
variant of DoS in which attackers compromise a large number of computers or other devices, and use
them in a coordinated attack against the target system.

Methods of DDoS attacks include:

• Botnet

• TCP SYN flood attack

• Smurf attack
 TYPES OF CYBER SECURITY THREATS

4. Man-in-the-middle attack (MitM)

When users or devices access a remote system over the internet, they assume they are communicating
directly with the server of the target system. In a MitM attack, attackers break this assumption, placing
themselves in between the user and the target server.

MitM attacks include:

• Session hijacking

• Replay attack

• IP spoofing

• Bluetooth attacks
 TYPES OF CYBER SECURITY THREATS
5. Password attacks

A hacker can gain access to the password information of an individual by ‘sniffing’ the connection to the
network, using social engineering, guessing, or gaining access to a password database. An attacker can
‘guess’ a password in a random or systematic way.

Password attacks include:

• Brute-force password guessing

• Dictionary attack

• Pass-the-hash attack

• Golden ticket attack

 PROTECTION FROM CYBER THREATS

1. Use strong passwords

2. Keep your software up to date
3. Enable two-factor authentication
4. Be wary of suspicious emails
5. Educate yourself
 TYPES OF CYBER SECURITY

1. Network Security
Focuses on securing computer networks from unauthorized access, data breaches, and other
network-based threats. It involves technologies such as:

14
 TYPES OF CYBER SECURITY

Types of Network Security Attacks

a) Active attack: In an active attack, the intruder attempts to disrupt the network’s normalcy,
modifies the information, and tries to alter the system resources.

b) Passive attack: In a passive attack, the intruder intercepts data that travels through the
network. Here, the intruder eavesdrops but does not alter the message.

15
 TYPES OF CYBER SECURITY

2. Application Security

Concerned with securing software applications and preventing vulnerabilities that could be
exploited by attackers. It involves secure coding practices, regular software updates and patches,
and application-level firewalls.
 Most of the Apps that we use
on our Cell-phone are Secured
and work under the rules and
regulations of the Google Play
Store.

16
 TYPES OF CYBER SECURITY

3. Information or Data Security

Focuses on protecting sensitive information from unauthorized access, disclosure, alteration, or

destruction. It includes Encryption, Access controls, Data classification, and Data loss prevention
(DLP) measures.

17
 TYPES OF CYBER SECURITY

4. Cloud Security

It involves securing data, applications, and infrastructure hosted on cloud platforms, and ensuring
appropriate access controls, data protection, and compliance. It uses various cloud service
providers such as AWS, Azure, Google Cloud, etc., to ensure security against multiple threats.

18
 TYPES OF CYBER SECURITY
5. Mobile Security

It involves securing the organizational and personal data stored on mobile devices such as cell phones,
tablets, and other similar devices against various malicious threats. These threats are Unauthorized
access, Device loss or Theft, Malware, etc.

19
 TYPES OF CYBER SECURITY
6. Internet of Things (IoT) Security

Devices frequently run on old software, leaving them vulnerable to recently identified security
vulnerabilities. This is generally the result of connectivity problems or the requirement for end users to
manually download updates from a C&C center.

20
 SUMMARY

Cybersecurity is an essential part of our digital lives, protecting our personal and professional
assets from cyber threats. By understanding the types of cyber threats, taking proactive steps to
protect yourself, and staying informed about the latest best practices, you can help ensure the
safety and security of your digital assets. This Chapter contains the topics of introduction of
cyber security, overview, Importance and challenges of cyber security, Types of Cyber Security,
Cyber security threats and protection.

21
 SELF-ASSESSMENT QUESTIONS

1. “Cyberspace” was coined by _________

(a) Richard Stallman

(b) William Gibson
(c) Andrew Tannenbaum
(d) Scott Fahlman

2. What does cyber security protect?

(a) Cyber security protects criminals

(b) Cyber security protects internet-connected systems
(c) Cyber security protects hackers
(d) None of the mentioned

22
 TERMINAL QUESTIONS

1. What is Cyber security? Explain the importance of cyber security?

2. Why Cyber security important? Explain the challenges of cyber security?
3. Explain the different types of cyber security threats?
4. Why cyber threats happen? How to protect yourself from cyber threats?

5. Why cyber security? Give a brief overview of cyber security with CIA triad?

6. Explain the Types of Cyber security?

23
REFERENCES FOR FURTHER LEARNING OF THE SESSION

Reference Books
1.Cyber security analytics: Technology and Automation – Martti Lehto, Pekka Neittaanmaki –
2015 (e-Book edition :1)
2.Information Security Analytics: Finding security insights, Patterns, Anomalies in Big data –
Mark Talabis, Jason Martin, Robert McPherson – 2014 (e-Book edition :1).
3.Advances In Cyber Security Analytics and Decision System - Shishir K. Shandilya, Neal
Wagner, Atulya K. Nagar ꞏ 2020 (e-Book edition :1).
4.Mastering Your Introduction to Cyber Security Paperback – by Dr Michael C Redmond Phd.
5.Cyber Security: A practitioner's guide Paperback – by David Sutton

24
THANK YOU

25