
Cyber Security System


What is Cybersecurity?


· Cybersecurity is necessary since it helps secure data from threats such as data theft or misuse, and it also safeguards your system from viruses.

· Internet Security is a branch of computer security specifically related to the internet. Its objective is to establish rules and measures to use against attacks over the internet.


The major security problems.

· Virus
    o A virus is a program that is loaded onto your computer without your knowledge and runs against your wishes.

    o To address this problem, install a security suite that protects the computer against threats such as viruses and worms.

· Hacker
    o A hacker is a person who breaks into computers, usually by gaining access to administrative controls.

    o There are 3 types of hacker: White Hat Hacker, Grey Hat Hacker, and Black Hat Hacker.

    o It may be impossible to prevent computer hacking; however, effective security controls, including strong passwords and the use of firewalls, can help.

· Malware
    o Malware is any software that infects and damages a computer system without the owner’s knowledge or permission.

    o To prevent malware, install an anti-malware program that also helps prevent infection, and activate network threat protection, a firewall, and antivirus.

· Trojan Horse
    o Trojan horses are email viruses that can duplicate themselves, steal information, or harm the computer system. These viruses are the most serious threats to computers.

    o To avoid Trojan horses, install a security suite, such as Avast Internet Security, which will prevent you from downloading Trojan horses.

· Password Cracking
    o Password attacks are attacks in which hackers determine or find passwords to different protected electronic areas and social network sites.

    o Always use a strong password that combines alphanumeric and special characters. Do not use the same password for different websites.


Types of cybercrime and what can be done to prevent them.

· Hacking
    o In simple terms, hacking means an illegal intrusion into a computer system and/or network.

· Denial of Service Attack
    o An act by a criminal who floods the bandwidth of the victim’s network or fills their e-mail box with spam mail, depriving them of the services.

· Virus Dissemination
    o Malicious software that attaches itself to other software (virus, worms, Trojan horse, web jacking, e-mail bombing, etc.).

· Computer Vandalism
    o Damaging or destroying data rather than stealing it; transmitting viruses.

· Cyber Terrorism
    o Use of Internet-based attacks in terrorist activities. Technology-savvy terrorists are using 512-bit encryption, which is impossible to decrypt.

· Software Piracy
    o Theft of software through the illegal copying of genuine programs. Distribution of products intended to pass for the original.


The types of hackers and their characteristics.

· White Hat Hacker
    o White-hat hackers are regarded as the good guys, working with organizations to strengthen the security of a system. A white hat has permission to engage the targets and to compromise them within the prescribed rules of engagement.

    o White-hat hackers are frequently referred to as ethical hackers. This person specializes in ethical hacking tools, techniques, and methodologies to secure an organization’s information systems.

· Grey Hat Hacker
    o Grey hats exploit networks and computer systems in the way that black hats do, but do so without any malicious intent, disclosing all loopholes and vulnerabilities to law enforcement agencies or intelligence agencies.

    o Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.

· Black Hat Hacker
    o The term “black hat” originated from Western movies, where the bad guys wore black hats and the good guys wore white hats. A black-hat hacker is an individual who attempts to gain unauthorized entry into a system or network to exploit them for malicious reasons.

    o The black-hat hacker does not have any permission or authority to compromise their targets. They try to inflict damage by compromising security systems, altering functions of websites and networks, or shutting down systems. They often do so to steal or gain access to passwords, financial information, and other personal data.


Implementing and maintaining security in the cyber field around us.

1. Build an Information Security Team
o Before you begin this journey, the first step in information security is to decide who needs a seat at the table. One side of the table holds the executive team, made up of senior-level associates responsible for crafting the mission and goals of the security program, setting security policies, risk limitations, and more. On the other side of the table sits the group of individuals responsible for daily security operations. As a whole, this group designs and builds the framework of the security program.

2. Inventory and Manage Assets
o The security team’s first job is to understand which assets exist, where those assets are located, ensure the assets are tracked, and secure them properly. In other words, it’s time to conduct an inventory of everything that could contain sensitive data, from hardware and devices to applications (both internally and third party developed) to databases, shared folders, and more. Once you have your list, assign each asset an owner, then categorize them by importance and value to your organization should a breach occur.

3. Assess Risk
o To assess risk, you need to think about threats and vulnerabilities. Start by making a list of any potential threats to your organization’s assets, then score these threats based on their likelihood and impact. From there, think about what vulnerabilities exist within your organization, categorize and rank them based on potential impact. These vulnerabilities can consist of people (employees, clients, third parties), processes or lack thereof, and technologies in place.

4. Manage Risk
o Now that you have your risks ranked, decide whether you want to reduce, transfer, accept, or ignore each risk.

    4.1 Reduce the risk: Identify and apply fixes to counter the risk (e.g., setting up a firewall, establishing local and backup locations, purchasing water leak detection systems for a data center).

    4.2 Transfer the risk: Purchase insurance for assets or bring on a third party to take on that risk.

    4.3 Accept the risk: If the cost to apply a countermeasure outweighs the value of the loss, you can choose to do nothing to mitigate that risk.

    4.4 Avoid the risk: This happens when you deny the existence or potential impact of a risk, which is not recommended as it can lead to irreversible consequences.

5. Develop an Incident Management and Disaster Recovery Plan
o Without an Incident Management and Disaster Recovery Plan, you put your organization at risk should any security incident or natural disaster occur. This includes things like power outages, IT system crashes, hacking, supply chain problems, and even pandemics like COVID-19. A good plan identifies common incidents and outlines what needs to be done—and by whom—in order to recover data and IT systems.

6. Inventory and Manage Third Parties
o Make a list of vendors, suppliers, and other third parties who have access to your organization’s data or systems, then prioritize your list based on the sensitivity of the data. Once identified, find out what security measures high-risk third parties have in place or mandate necessary controls. Be sure to consistently monitor and maintain an updated list of all third-party vendors.

7. Apply Security Controls
o You’ve been busy identifying risks and deciding on how you’ll handle each one. For the risks you want to act on, it’s time to implement controls. These controls will mitigate or eliminate risks. They can be technical (e.g., encryption, intrusion detection software, antivirus, firewalls), or non-technical (e.g., policies, procedures, physical security, and personnel). One non-technical control you’ll implement is a Security Policy, which serves as the umbrella over a number of other policies such as a Backup Policy, Password Policy, Access Control Policy, and more.

8. Establish Security Awareness Training
o Conduct frequent security awareness trainings to share your information security plan and how each employee plays a role in it. After all, new security measures and policies do nothing if employees working with the data are not educated on how to minimize risk. Any time an element of your security program changes, your employees need to be aware. And be sure to document and retain evidence of trainings for future auditing purposes.

9. Audit
o The best way to determine the effectiveness of your information security program is to hire a third-party auditor to offer an unbiased assessment on security gaps. In some cases, this is mandatory to confirm compliance. Third-party assessors can also perform vulnerability assessments, which include penetration tests to identify weaknesses in your organization’s networks, systems, and applications, along with audits against criteria such as ISO 27001, PCI DSS, FedRAMP, and HITRUST; as well as SOC 2® reports using the AICPA Trust Service Principles. Your company can also conduct internal audits to assess controls, policies, procedures, risk management, and more.
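
A small risk register covering steps 2 to 4 above (inventory with owners, scoring by likelihood and impact, choosing a treatment), as an added example that is not part of the original article. The 1 to 5 rating scales, the expected-loss estimate, the cost comparison used to pick a treatment, and all sample figures are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Asset:
    name: str
    owner: str   # step 2: every asset is assigned an owner
    value: int   # estimated loss if breached (constructed figure)

@dataclass
class Risk:
    threat: str
    asset: Asset
    likelihood: int          # assumed scale: 1 (rare) .. 5 (almost certain)
    impact: int              # assumed scale: 1 (minor) .. 5 (severe)
    control_cost: int        # cost of the countermeasure
    insurable: bool = False

    @property
    def score(self) -> int:
        return self.likelihood * self.impact

    @property
    def expected_loss(self) -> float:
        # Assumption: likelihood/5 approximates the chance the loss occurs.
        return self.asset.value * self.likelihood / 5

def treatment(risk: Risk) -> str:
    """Choose reduce, transfer or accept; 'ignore' is never an outcome."""
    if risk.control_cost <= risk.expected_loss:
        return "reduce"
    if risk.insurable:
        return "transfer"
    return "accept"  # the countermeasure costs more than the loss it prevents

def build_register(risks):
    """Validate, rank by score (highest first), attach a treatment to each."""
    for r in risks:
        if not r.asset.owner:
            raise ValueError(f"asset {r.asset.name!r} has no owner")
        if not (1 <= r.likelihood <= 5 and 1 <= r.impact <= 5):
            raise ValueError(f"rating out of range for {r.threat!r}")
    ranked = sorted(risks, key=lambda r: r.score, reverse=True)
    return [(r.threat, r.asset.owner, r.score, treatment(r)) for r in ranked]

# Constructed sample data, not taken from the article.
SAMPLE = [
    Risk("malware infection", Asset("internal wiki", "IT lead", 5_000), 3, 2, 8_000),
    Risk("password cracking", Asset("customer database", "sales head", 200_000), 4, 5, 10_000),
    Risk("water leak", Asset("data center", "facilities", 500_000), 1, 5, 150_000, True),
]
if __name__ == "__main__":
    print(*build_register(SAMPLE), sep="\n")
```

Because every risk leaves the register with an explicit decision and a named owner, an undocumented "do nothing" shows up as a validation error instead of a silent gap.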