Understanding Cyber Security

Cyber security is a crucial aspect of modern technology that involves protecting computer systems,
networks, and data from digital attacks, unauthorised access, and damage. With the increased
prevalence of digital technologies, the importance of cyber security cannot be overstated. It ensures
that the confidentiality, integrity, and availability of information and resources are safeguarded.
What Is Cyber Security?
Importance of Cyber Security
Key Elements of Cyber Security
Cyber security includes a range of practices and technologies designed to
protect digital systems from various threats. It is essential for maintaining
the safety and functionality of information systems in the face of ever-
evolving cyber threats.

- Protection of Information: Ensures that sensitive data remains

confidential and is not accessed or disclosed to unauthorized parties.
- Integrity of Systems: Maintains the accuracy and reliability of data and
systems, preventing unauthorised modifications.
- Availability of Resources: Guarantees that information and systems are
accessible to authorised users as needed, preventing disruptions caused by
cyber-attacks.
he importance of cyber security extends across multiple facets of society, impacting individuals,
businesses, and governments. Understanding why it is crucial helps highlight its role in protecting
the digital landscape.

- Preventing Data Breaches: Protects personal and financial information from being stolen or
compromised, which can lead to identity theft and financial loss.
- Securing Business Operations: Ensures that businesses can operate smoothly without
interruptions caused by cyber attacks, which can lead to damage of a business' finances and
reputation.
- Protecting National Security: Safeguards critical infrastructure and government data from cyber
espionage and attacks that could undermine national security and public safety.
- Enhancing Consumer Trust: Builds trust among consumers and clients through a commitment to
protecting their data and privacy.

Effective cyber security involves a combination of practices, technologies,

and policies. These key elements work together to create a robust defence
against cyber threats.

- Firewalls and Intrusion Detection/Prevention Systems: Act as

barriers to block unauthorised access and monitor for suspicious activities
within networks.
- Encryption: Ensures that data transmitted over networks or stored on
devices is unreadable to unauthorised users.
- Access Controls: Manages who can access information and systems,
ensuring that only authorised individuals have the necessary permissions.
- Regular Updates and Patching: Keeps software and systems up to date
to protect against known vulnerabilities and exploits.
- Security Awareness Training: Educates users on how to recognise and
respond to potential security threats.

ypes of Cyber Threats

Cyber threats come in a variety of forms, each presenting unique challenges to security.
Understanding these threats helps in developing effective defence strategies.
Malware
Phishing
Ransomware
DDoS Attacks
Social Engineering

Malicious software that is designed to disrupt, damage, or gain unauthorised

access to systems.
Final Notes

Cyber security has evolved significantly over the decades, adapting to the growing complexity and
sophistication of cyber threats. Understanding the historical development of cyber security helps
provide context for current practices and future advancements.
Early Beginnings
Growth of Network Security
Emergence of the Internet

In the early days of computing, security was not a primary concern, as

computers were isolated and not interconnected. However, as networks
began to form, the need for security measures became apparent.
1970s: The development of ARPANET, the precursor to the internet,
highlighted the need for secure communication channels. Initial security
measures were basic, focusing on protecting physical access to systems.

Creeper Virus (1971): One of the first known viruses, Creeper, was created
as an experiment, leading to the creation of the Reaper programme to delete
it, marking the beginning of antivirus development. As computer networks
expanded, so did the scope and scale of security threats, necessitating more advanced security
measures.

1980s: The rise of personal computers and the spread of networks saw an increase in cyber threats.
The introduction of the first antivirus software aimed to combat the increasing number of computer
viruses.

Morris Worm (1988): The Morris Worm, one of the first widespread internet worms, caused
significant disruptions and highlighted the need for network security protocols. The widespread
adoption of the internet in the 1990s brought new challenges and opportunities for cyber security.

1990s: The commercialization of the internet led to the proliferation of e-commerce, making cyber
security a critical concern for protecting financial transactions and personal information.

Firewalls: The development of firewalls provided a barrier between internal networks and external
threats, becoming a fundamental security tool.

Modern Cyber Security

The 21st century has seen an explosion of digital connectivity, bringing both
advanced technologies and sophisticated cyber threats.

2000s: The rise of advanced persistent threats (APTs) and state-sponsored

attacks emphasised the need for robust security strategies. Cyber security
became a central focus for governments, businesses, and individuals.

Cloud Computing: The shift to cloud computing introduced new security

challenges, requiring innovative solutions to protect data in distributed
environments.

Cryptography Issues: With the advent of quantum computing, traditional

cryptographic algorithms are at risk. Post-quantum cryptography is being
developed to protect against these future threats, as quantum computers
have the potential to crack currently sophisticated hash algorithms in a
matter of minutes.
Contemporary Challenges and Innovations
Cyber Security Fundamentals
Cyber security revolves around protecting information and systems from threats and ensuring they
function correctly and securely. Fundamental to understanding cyber security are the concepts of
confidentiality, integrity, and availability, often referred to as the CIA triad. These principles form the
backbone of effective security measures.

The Principles of Cyber Security

Confidentiality
Integrity
Availability

Confidentiality ensures that sensitive information is accessible to authorized

viewers. Protecting data from unauthorized access and disclosure is crucial
for maintaining privacy and security.

Access Controls: Implement mechanisms that restrict who can access

specific data, ensuring only authorized users can view or modify it.
Encryption: Use encryption techniques to make data unreadable to
unauthorized users, both in transit and at rest.

Authentication: Verifies the identity of users attempting to access

information, ensuring they are who they claim to be.

Data Masking: Conceal specific data within a database or file, making it

accessible only to users with the proper permissions.
Understanding the fundamental concepts of confidentiality, integrity, and availability is essential for
building robust cyber security practices. These principles ensure that data is protected from
unauthorized access, remains accurate and trustworthy, and is accessible to authorized users when
needed. By focusing on the CIA triad, individuals and organizations can create a secure and reliable
digital environment.

Integrity ensures that information is accurate and trustworthy. It protects data from being altered by
unauthorized individuals, maintaining its original state.

Hashing: Generate a unique hash value for data, which changes if the data is modified, allowing for
the detection of alterations.

Digital Signatures: Use digital signatures to verify the authenticity and integrity of a message or
document, ensuring it has not been tampered with.

Checksums: Calculate checksums for data to detect errors or alterations, ensuring the data
received is the same as the data sent.

Audit Trails: Maintain logs of all access and changes to data, allowing for the tracking and
verification of data integrity.
Availability ensures that information and resources are accessible to the authorised users whenever
needed. It involves maintaining the functionality of systems and services to prevent disruptions.

Redundancy: Implement redundant systems and backups to ensure availability in case of

hardware/software failures.

Failover Mechanisms: Use failover mechanisms that automatically switch to a standby system if
the primary system fails, ensuring continuous availability.

Load Balancing: Distribute workloads across multiple systems to prevent any single system from
becoming a bottleneck, ensuring smooth operation.

Regular Maintenance: Perform regular maintenance and updates to systems to prevent outages
and address vulnerabilities that could impact availability.
Availability ensures that information and resources are accessible to the authorised users whenever
needed. It involves maintaining the functionality of systems and services to prevent disruptions.
Redundancy: Implement redundant systems and backups to ensure availability in case of
hardware/software failures.

Failover Mechanisms: Use failover mechanisms that automatically switch to a standby system if
the primary system fails, ensuring continuous availability.

Load Balancing: Distribute workloads across multiple systems to prevent any single system from
becoming a bottleneck, ensuring smooth operation.

Regular Maintenance: Perform regular maintenance and updates to systems to prevent outages
and address vulnerabilities that could impact availability.
Authorization is the process of determining whether an authenticated user
has permission to access a resource or perform an action. It ensures that all
users have appropriate access levels.

- Role-Based Access Control (RBAC): Assigns access rights based on user

roles within an organisation, limiting access to only those resources
necessary for their role.
- Access Control Lists (ACLs): Define which users or system processes
have access to specific resources and what operations they can perform.
- Attribute-Based Access Control (ABAC): Uses attributes (e.g., user
attributes, resource attributes, environmental conditions) to grant access
dynamically based on policies.
- Policy-Based Access Control: Establishes policies that specify conditions
under which access is granted, often used in conjunction with ABAC and
RBAC.
counting, also known as auditing, involves tracking and recording user activities on a system. This
helps monitor usage, detect anomalies, and ensure compliance with security policies.

- Log Management: Collecting and managing logs that record user activities, system events, and
access attempts. Logs are essential for auditing and forensic analysis.
- Audit Trails: Maintaining detailed records of system activities, which can be reviewed to ensure
compliance with security policies and investigate incidents.
- Usage Monitoring: Continuously monitor system usage to detect unusual patterns or unauthorised
activities that may indicate a security breach.
- Reporting: Generating reports from logs and audit trails to provide insights into user activities,
access patterns, and potential security issues.