Transcript
It can be rightfully said that today’s generation lives on the internet and we generally users are almost ignorant as to how those random bits of ones and zeros reacch securely to a computer it’s not magic it’s work and sweat that makes sure that your packets reach to you unzipped today IRA Paul from Edureka I’m here to tell you guys about how cyber security makes this all possible now before we begin let me brief you all about the topics that we are going to cover today so basically we are gonna ask three questions that are important to cyber security firstly we’re going to see why cyber security is needed next we’re going to see what exactly is cyber security and in the end I’m going to show you all through a scenario how cyber security can save a whole organization from organized cybercrime okay so let’s get started now as I just said we are living in a digital era whether it be booking a hotel room ordering some dinner or even booking a cab we are constantly using the Internet and inherently constantly generating data this data is generally stored on the cloud which is basically a huge data server or data center that you can access online also we use an array of devices to access this data now for a hacker it’s a golden age with so many access points public IP addresses and constant traffic and tons of data to exploit blackhat hackers are having one hell of a time exploiting vulnerabilities and creating malicious software for the same above that cyber ducks are evolving by the day hackers are becoming smarter and more creative with their malware and how they bypass virus scans and firewalls still baffle many people let’s go through some of the most common types of cyber attacks now so as you guys can see I’ve listed out eight cyberattacks that have plagued us since the beginning of the Internet let’s go through them briefly so first on the list we have general malware malware is an all-encompassing term for a variety of cyber threats including Trojans viruses and bombs malware is simply defined as code with malicious intent that typically steals data or destroy something on the computer next on the list we are fishing often posing as a request for data from a trusted third party phishing attacks are sent via email and asked users to click on a link and enter the personal data freshing emails have gotten much more sophisticated in recent years making it difficult for some people to discern a legitimate request for information from a false one phishing emails often fall into the same category as spam but are more harmful than just a simple ad next on the list we have password attacks a password attack is exactly what it sounds like a third party trying to gain access to your system by cracking a user’s password next up is DDoS which stands for distributed denial of service ad or staff focuses on disrupting the service of a network attackers sent high volumes of data or traffic through the network that is making a lot of connection requests until the network becomes overloaded and can no longer function next up we have man-in-the-middle attacks by impersonating the endpoint in an online information exchange that is the connection from your smartphone to a website the MIT M attacks can obtain information from the end users and entity he or she is communicating with for example if you’re banking online the man in the middle would communicate with you by impersonating your bank and communicate with the bank by impersonating you the man in the middle would then receive all the information transferred between both parties which could include sensitive data such as bank accounts and personal information next up we have drive-by downloads through malware on a legitimate website a program is downloaded to a user system just by visiting the site it doesn’t require any type of action by the user to download it actually next up we have mal advertising which is a way to compromise your computer with malicious code that is downloaded to your system when you click on an affected ad lastly we have rogue softwares which are basically malware that are masquerading as legitimate and necessary security software that will keep your system safe so as you guys can see now the internet sure isn’t a safe place as you might think it is this not only applies for us as individuals but also large organizations there have been multiple cyber breaches in the past that has compromised the privacy and confidentiality of a data if we head over to the site called information as beautiful we can see all this major cyber breaches that have been committed so as you guys can see even big companies like eBay AOL Evernote Adobe have actually gone through major cyber breaches even though they have a lot of security measures taken to protect the data that they contain so it’s not only that small individuals are targeted by hackers and other people but even bigger organizations are constantly being targeted by these guys so after looking at all sorts of cyber attacks possible the breaches of the past and the sheer amount of data available we must be thinking that there must be some sort of mechanism and protocol to actually protect us from all these sorts of cyber attacks and indeed they’re in a way and this is called cyber security in a computing context security comprises of cyber security and physical security both are used by enterprises to protect against unauthorized access to data centers and other computerized systems information security which is designed to maintain the confidentiality integrity and availability of data in a subset of cyber security the use of cyber security can help prevent against cyber attacks data breaches identity theft and can aid in risk management so when an organization has a strong sense of network security and an effective incident response plan this better able to prevent and mitigate these attacks for example and use a protection defense information and guards against loss of theft by lots of scanning computers for malicious code now when talking about cyber security there are three main activities that we are trying to protect ourselves against and they are unauthorized modification unauthorized deletion and unauthorized access these freedoms are very synonymous to the very commonly known CIA tried which stands for confidentiality integrity and availability the CIA triad is also commonly referred to as a three pillars of security and most security policies of bigger organizations and even smaller companies are based on these three principles so let’s go through them one by one so first on the list we have confidentiality confidentiality is roughly equivalent to privacy measures undertaken to ensure confidentiality are designed to prevent sensitive information from reaching the wrong people while making sure that the right people can in fact get it access must be restricted to those authorized to view the data in question in as common as well for data to be categorized according to the amount and type of damage that could be done should it fall into unintended hands more or less stringent measures can then be implemented across to those categories sometimes safeguarding data confidentiality may involve special training for those privy to such documents such training would typically include security risks that could threaten this information training can help familiarize authorized people with risk factors and how to guard against them further aspects of training can include strong password and password related best practices and information about social engineering methods to prevent them from bending data handling rules with good intention and potentially disastrous results next on the list we have integrity integrity involves maintaining the consistency accuracy and trustworthiness of data over its entire lifecycle data must not be changed in transit and steps must be taken to ensure that data cannot be altered by unauthorized people for example in a breach of confidentiality these measures include file permissions and user access controls version control may be used to prevent erroneous changes or accidental deletion by authorized users becoming a problem in addition some means must be in place to detect any changes in data that might occur as a result of non human caused events such as electromagnetic pulses or silver crash some data might include checksums even cryptographic checksums for a verification of integrity back up or redundancies must be available to restores affected data to its correct state last but not least is availability availability is best ensured by rigorous maintaining of hardware performing hardware best immediately when needed and maintaining a correctly functional operating system environment that is free of software conflicts it’s also important to keep current with all necessary system upgrades providing adequate communication bandwidth and preventing the occurrences of bottlenecks are equally important redundancy failover and even high availability clusters can mitigate serious consequences when Hardware issues do occur fast in as adaptive disaster recovery is essential for the worst case scenarios that capacity is reliant on the existence of a comprehensive disaster recovery plan safeguards against data loss or interruption in connection must include unpredictable events such as natural disasters and file to prevent data loss from such occurrences a backup copy must be stored in a geographically isolated location perhaps even in a fireproof water safe place extra security equipments or software such as firewalls and proxy servers can guard us against down times and unreachable data due to malicious actions such as denial of service attacks and network intrusions so now that we have seen what we are actually trying to implement when trying to protect ourselves on the internet we should also know the ways that we actually protect ourselves when we are attacked by cyber organizations so the first step to actually mitigate any type of cyber attack is to identify the malware or the cyber threat that is being currently going on in your organization next we have to actually analyze and evaluate all the affected parties and the file systems that have been compromised and in the end we have to patch the whole treatment so that our organization can come back to its original running state without any cyber breaches so how is it exactly done this is mostly done by actually calculating three factors the first factor is vulnerability the second factor is threat and the third is risk so let me tell you about the three of them a little bit so first on the list of actual calculation is we have vulnerability so a vulnerability refers to a known weakness of an asset that can be exploited by one or more attackers in other words it is a known issue that allows an attack to be successful for example when a team member resigns and you forgot to disable their access to external accounts change logins or remove their names from the company credit cards this leaves your business open to both unintentional and intentional threats however most vulnerabilities are exploited by automated attackers and on a human typing on the other side of the network next testing for vulnerabilities is critical to ensuring the continuity of your systems by identifying weak points and developing a strategy to respond quickly here are some questions that you ask when determining your security vulnerabilities so you have questions like is your data backed up and stored in a secure off-site location is your data stored in the cloud if yes how exactly is it being protected from cloud vulnerabilities what kind of security do you have to determine who can access modify or delete information from within your organization next like you could ask questions like what kind of antivirus protection is in use what are the license currents are the license current and is it running as often as needed also do you have a data recovery plan in the event of vulnerability being exploited so these are the normal question that one asks when actually checking their vulnerability next up is threat a threat refers to a new or newly discovered incident with potential to do harm to a system or your overall organization there are three main types of threat national threats like floods or tornadoes unintentional threats such as employee mistakingly accessing the wrong information and intentional threats there are many examples of intentional threats including spyware malware adware companies are the actions of disgruntled employees in addition worms and viruses are categorized as threats because they could potentially cause harm to your organization through exposure to an automated attack as opposed to one perpetrated by human beings although these threats are generally outside of one’s control and difficult to identify in advance it is essential to take appropriate measures to assess threats regularly here are some ways to do so and sure that your team members are staying informed of current trends in cybersecurity so they can quickly identify new threats they should subscribe to blogs like Y owed and podcasts like the tech janux extreme IT that covers these issues as well as joined professional associations so they can benefit from breaking news feeds conferences and Vimanas you should also perform regular threat assessment to determine the best approaches to protecting a system against a specific threat along with assessing different types of tech in addition penetration testing involves modeling real-world threats in order to discover bollen abilities next on the list we have risk so risk refers to the potential for loss or damage when a threat exploits a vulnerability examples of risks include financial losses as a result of business disruption loss of privacy reputation or damage legal implications and can even include loss of life risk can also be defined as follows which is basically threat x the vulnerability you can reduce the potential for risk by creating and implementing a risk management plan and here are the key aspects to consider when developing your risk management strategy firstly we need to assess risk and determine needs when it comes to designing and implementing a risk assessment framework it is critical to prioritize the most important breaches that need to be addressed all the frequency may differ in each organization this level of assessment must be done on a regular recurring basis next we also have to include a total stakeholder perspective stakeholders include the business owners as well as employees customers and even vendors all of these players have the potential to negatively impact the organization but at the same time they can be assets in helping to mitigate risk so as we see risk management is the key to cybersecurity so now let us go through a scenario you actually understand how cyber security actually defends an organization against very manipulative cyber crime so cyber crime as you all know is a global problem that’s been dominating the news cycle it poses a threat to individual security and an even bigger threat to large international companies banks and government today’s organized cybercrime for our shadows lone hackers are fast and now large organized crime rings function like startups and often imply highly-trained developers who are constantly innovating new online attack most companies have preventative security software’s to stop these types of attacks but no matter how secure we are cybercrime is going to happen so meet Bob he’s the chief security officer for a company that makes a mobile app to help customers track and my manage the finances so security is a top priority so Bob’s company has an activity response platform in place that automates the entire cybersecurity process the ARP software integrates all the security and ID software needed to keep a large company like Bob’s secure into single dashboard and acts as a hub for the people processes and technology needed to respond to and contain cyber attack let’s see how this platform works in the case of a security breach while Bob is out on a business trip irregular activity occurs on his account as a user behavior analytics engine that monitors account activity recognize a suspicious behavior involving late-night logins and unusual amounts of data being downloaded this piece of software is the first signal that something is wrong and alert is sent to the next piece of software in the chain which is the security information and event management system now the ARP can orchestrate a chain of events that ultimately prevents the company from encountering a serious security disaster the ARP connects to a user directory software that Bob’s company uses which immediately recognizes the user accounts belong to an executed who is out on a business trip and then proceeds to lock his account the ARP sends the incident IP address to a threat intelligence software which identifies the address as a suspected malware server as each piece of security software runs the findings are recorded in the ARP incident which is already busy creating a set of instructions called a playbook for a security analyst to follow the analyst then locks Bob’s accounts and changes his passwords this time the software has determined the attempted attack came from a well known cyber crime organization using stolen credentials Bob’s credentials were stolen when the hacker found a vulnerability in his company’s firewall software and used it to upload a malware infected file now that we know how that happened the analyst uses the ARP and identifies and patches all the things the ARP uses information from endpoint tools to determine which machines need to be patched recommends how to bash them and then allows the analyst to push the patches to all the computers and mobile devices instantly meanwhile bob has to alert the legal departments of the and the AARP instantly notify the correct person of the situation and the status of the incident after the attack is contained and Bob’s account is secured the analysts then communicates which data may have been stolen or compromised during the incident he identifies which geographies jurisdictions and regulatory agencies cover the users and informations affected by the attack then the ARP creates a series of tasks so the organization can notify the affected parties and follow all relevant compliances and liability procedures in the past a security breach this large would have required Bob’s company to involve several agencies and third parties to solve the problem a process that could have taken months or longer but in a matter of hours the incident response platform organized all of the people processes and technology to identify and contain the problem find the source of the attack fix the vulnerability and notify all affected parties and in the future Bob and his team will be able to turn the cognitive security tools these tools will read and learn from tens of thousands of trusted publication blogs and other sources of information this knowledge will uncover new insights and patterns anticipate and isolate and minimize attacks as they happen and immediately recommend actions for security professionals to take keeping data safe and companies like Bob’s out of the headlines ok guys I hope you all learned something about cyber security today and why it is so essential in today’s world if you all have any doubts or questions regarding this video please post a comment down in the comment section that’s it for me goodbye I hope you have enjoyed listening to this video please be kind enough to like it and you can comment any of your doubts and queries and we will reply them at the earliest do look out for more videos in our playlist and subscribe to any edureka channel to learn more happy learning.
Trivest Technologies is a specialized security solutions provider, contact us today to keep you and your data safe. Email: contact@trivestgroup.com Phone: +2348022306494
