Blue Modern Futuristic Cyber Security Presentation.pdf

Full Transcript

CYBER SECURITY 2
 TYPES OF DATA INCLUDE:
Personal
Protect your identity, data, and devices.

Organizational
Everyone should help protect the
organization's reputation, data, and customers.

Government
With more digital info being collected and
shared, protecting it is crucial for national
security, economic stability, and citizen safety

02
 PROTECTION OF PERSONAL DATA
Offline Identity
This is who you are in real life, like at home,
school, or work. Family and friends know your
personal details, such as your full name, age,
and address

Online Identity
This is who you are online. It includes your
usernames, social media profiles, and how you
interact with others on websites and online
communities.
02
 Avoid using your full name, address, or phone

TIPSFOR CREATINGA
number.
Don't use your email username.
Use different usernames and passwords for
different accounts, especially for financial ones. USERNAME
Avoid usernames that hint at your passwords,
like using "IT" for work-related accounts.
Pick a username that suits the type of account,
whether it's for business, social, or personal use.

03
04
 Money: Hackers often want to steal money. They
can access your accounts, impersonate family
members, and send messages asking for money,
claiming they are stranded abroad and need help.

Banking WHAT DO HACKERS
Hackers can steal your data to get into your
bank accounts, credit cards, and other online
WANT?
accounts. They might even take out loans
using your name.
Medical Theft
Hackers can steal your medical insurance to
use the benefits for themselves.

05
 internet Service Provider (ISP)
Tracks your online activity and can sell this data to advertisers.
May share your information with government agencies when
required by law.

Advertisers
Monitor your online activities to send you targeted ads.
Search Engines and Social Media Platforms WHO ELSE WANTS
Collect data on your gender, location, phone number, and
political/religious views based on your searches and online activity.
YOUR DATA?
Sell this information to advertisers.

Websites You Visit
Use cookies to track your activities for a personalized experience.
This data can be linked to your online identity and sold to
advertisers

06
The Cube, created by John McCumber in 1991, is a security
model with three dimensions:

THE CUBE
1. Foundational principles for protecting information
systems.
2. Protection of information in its various states.
3. Security measures used to protect data.

The foundational principles for protecting information
systems
The CIA triad: it is a common model that forms the basis for
the development of security systems

07
 Confidentiality
Rules prevent sensitive information from being shared with unauthorized people.
Methods include data encryption, identity verification, and two-factor
authentication

Integrity
Ensures system information is protected from changes.
One method is using a hash function.

Availability
Authorized users can access systems and data as needed, while unauthorized
users cannot. Maintain equipment, perform repairs, update software, and create
backups to ensure availability

08
 Processing

THE PROTECTION Data being used for an operation (data in process).
Storage
OF DATA IN EACH Data saved in memory or on a hard drive, SSD, or USB (data at rest).

STATE: Transmission
Data moving between systems (data in transit).

THE SECURITY Awareness, Training, and Education

MEASURES USED
Ensures users know about security threats and how to protect systems.
Technology
TO PROTECT DATA Uses software and hardware solutions to prevent malicious incidents.
Policy and Procedure
Administrative controls that guide how an organization secures
information.
09
SECURITY BREACHES
A security breach is unauthorized access to a
device, facility, program, network, or data. It
involves bypassing security measures, often
leading to private data being copied, shared,
or stolen.

How Security Breaches Occur
1. Malware: Attackers infect a system with malware to steal data, use
resources, or damage the system.
2. Phishing: Attackers send fake emails to trick users into revealing sensitive
data, like login details for online banking.
3. Physical: Attackers steal or tamper with equipment to access systems or
steal data.
4. Insider Threats: Employees misuse their access to view sensitive data or
10 unintentionally cause breaches with weak passwords.
 CONSEQUENCES OF A
SECURITY BREACH
Reputational Damage: A breach can harm an
Attackers
organization's long-built reputation.
Attackers exploit vulnerabilities to break into computers
Vandalism: Hackers may deface a website with
or networks for personal or financial gain.
false information.
Theft: Sensitive personal data can be stolen in a
Types of Attackers
breach.
White Hat Attackers: Break into systems to find and fix Loss of Revenue: Hackers can take down a
weaknesses. website, stopping online business.
Gray Hat Attackers: Find vulnerabilities and may
report them if it suits their agenda.
Black Hat Attackers: Unethical criminals who break
into systems for personal gain or malicious reasons.

11
Cybersecurity Criminals
Script Kiddies: Teenagers or hobbyists who mostly engage in
vandalism, using existing tools or online instructions to launch
attacks.

Vulnerability Brokers: Grey hat hackers who find exploits and
report them to vendors, sometimes for rewards.

Hacktivists: Grey hat hackers who protest political or social
issues by publicly protesting against organizations or
governments, often leaking sensitive information.

State-Sponsored Hackers: Hackers who steal government
secrets, gather intelligence, and sabotage networks, targeting
foreign governments and terrorist groups.

12
 THREATS TO ORGANIZATIONAL
DATA
Internal Threats
External Threats
LEmployees, contract staff, or trusted partners
can accidentally or intentionally: Amateurs or skilled attackers outside
Mishandle confidential data. the organization can:
Facilitate attacks by connecting infected USB
devices.
Exploit network vulnerabilities.
Invite malware by clicking on malicious Gain unauthorized access to
emails or websites. computing devices.
Threaten internal servers or network
infrastructure.
12
 Cyberwarfare involves using technology to attack another nation's information
systems and computer networks, aiming to cause damage, disrupt, or shut down
service
Cyberwarfare can destabilize a nation, disrupt commerce, and
erode citizens' trust in their government.

Purposes:
Steal defense secrets and gather technology information to close
gaps in industries and military capabilities.
Disrupt another nation's infrastructure.

A cyber attack : is a malicious attempt to access or damage a computer or
network system to steal, alter, disable, or destroy information through
unauthorized access.

13
Spyware
Purpose: Tracks and spies on user activities.
Capabilities: Logs keystrokes and captures sensitive data,
including personal and financial information.
Method: Alters device security settings to monitor activities.
Adware
Purpose: Delivers advertisements automatically.
Characteristics: Often comes with certain software versions, leads
to constant pop-up ads on the screen.
Target: Web browsers are the primary target for ad delivery.
Backdoor
Purpose: Provides unauthorized access by bypassing
authentication processes.
Capabilities: Allows hackers to gain remote access and execute
commands within the system.
Detection: Runs in the background, making it difficult to detect.
15
Ransomware
Purpose: Holds systems or data captive until a ransom is paid.
Method: Encrypts data, making it inaccessible.
Spread: Often through phishing emails or exploiting system
vulnerabilities.
Scareware
Purpose: Uses scare tactics to trick users into taking certain actions.
Method: Displays fake warnings about system risks to prompt users
to run specific programs, which then infect the system with
malware.
Rootkit
Purpose: Modifies the operating system to gain control.
Capabilities: Installs other malware, enables unauthorized remote
access, and creates backdoors.
Detection: Difficult to detect and remove due to deep system
integration.
16
virus
Purpose: Replicates and attaches to executable files.
Characteristics: Requires user interaction to activate and can be
harmless or destructive.
Effects: Can display images, modify, or delete data.
Trojan Horse
Purpose: Executes malicious operations by exploiting user
privileges.
Characteristics: Often hidden in image files, audio files, or games.
Worms
Purpose: Self-replicates to spread across computers.
Characteristics: Does not need a host program to run and spreads
without user participation.
Spread: Can propagate quickly over networks.

17
 SYMPTOMS OF MALWARE
Slow device performance and frequent
crashes.
Unknown files/programs and
unauthorized emails.
Slower web browsing and network
issues.
Modified or deleted files and unknown
processes running.

18