Cybersecurity Overview

Jul 22, 2024

Introduction

  • Presenter: Archana from Edureka
  • Session Focus: Understanding cybersecurity, its need, and fundamental concepts through real-world scenarios.

Importance of Cybersecurity

  • Modern interconnected world makes everyone susceptible to cyberattacks.
  • Cyberattacks can target sensitive data like contact numbers, credit card info, bank details, etc.
  • Cybercriminals steal data for profit; malicious hackers expose system vulnerabilities; hacktivists attack based on ideology.
  • Necessity to protect ourselves online.

Popular Cyber Attacks

  1. Malware
    • Malicious software like spyware, viruses, worms, trojans.
    • Injected to corrupt systems.
    • Example: Anti-virus alerts, malicious email attachments.
  2. Phishing
    • Deceptive emails from trusted sources.
    • Attachment/Link in email exploits user’s computer.
  3. Man-in-the-Middle Attack
    • Attacker intercepts and manipulates communication between two parties.
  4. Denial of Service (DoS) Attack
    • Overloads website with traffic, making it inaccessible.
  5. Malvertising
    • Using online ads to spread malware.
  6. Ransomware
    • Prevents access to system/files; demands ransom.
    • Payments usually in cryptocurrency or gift cards.

Understanding Cybersecurity

  • Cybersecurity: Techniques and practices to protect digital data stored, transmitted, and used on information systems.
  • Key Areas:
    • Application Security: Protecting software/devices from threats.
    • Information Security: Protecting data integrity and privacy.
    • Network Security: Securing networks from intruders.
    • Operational Security: Protecting data assets and processes.
    • Disaster Recovery & Business Continuity: Responding to incidents causing data loss.
    • End-user Education: Teaching users about cybersecurity practices.

CIA Triad in Cybersecurity

  • Confidentiality: Keeping information secret.
    • Attacks: Cracking encrypted data, leaking data (Doxing).
    • Defense: Strict access control, data encryption.
  • Integrity: Ensuring information is accurate and reliable.
    • Attacks: Embedding malware, falsifying records, zombie computers.
    • Defense: Cryptography, intrusion detection.
  • Availability: Ensuring data/systems are accessible by authorized users.
    • Attacks: DoS, ransomware, power supply disruption.
    • Defense: Antivirus, spyware removal, firewall.

Additional Pillars of Security

  1. People
    • Awareness and education about cybersecurity roles and updates.
  2. Processes
    • Define activities, roles, documentation to mitigate risks.
    • Regular review and update to adapt to new threats.
  3. Technology
    • Deploy tools to prevent/reduce cyber risks based on risk assessment.

Real-world Scenario

  • Example: Wendy’s Hotel and Spa
    • Faced with a cyberattack that halted operations and exposed client data.
    • Hired Incident Response Team (IRP) to identify, contain, and recover from attack.
    • IRP prevents serious losses, restores operations, and prevents future attacks.

Conclusion

  • Cybercrime is sophisticated; focus is on response and management of breaches.
  • Emphasis on practicing response strategies and preparation.
  • Importance of cyber hygiene and individual role in security.
