What is Cyber Security?

Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber-attacks.

Its aim is to reduce the risk of cyber-attacks, and protect against the unauthorized exploitation of systems, networks and technologies.

Major areas covered in cyber security include:

1) Application Security

2) Information Security

3) Disaster recovery

4) Network Security

5) Operational security

6) End-user education

1- Application Security

This encompasses measures or counter-measures that are taken during the development life-cycle to protect applications from threats that can come through flaws in the application design, development, deployment, upgrade or maintenance.

Some basic techniques used for application security include:

a) Input parameter validation.

b) User/Role Authentication & Authorization.

c) Session management, parameter manipulation & exception management.

d) Auditing and logging.

2- Information Security

This protects information from unauthorized access to avoid identity theft and to protect privacy.

Major techniques used include:

a) Identification, authentication & authorization of users.

b) Cryptography.

3- Disaster recovery

This is a process that includes performing risk assessments, establishing priorities and developing recovery strategies in case of a disaster. Any business should have a concrete plan for disaster recovery to resume normal business operations as quickly as possible after a disaster.

4- Network Security

This includes activities to protect the usability, reliability, integrity and safety of the network. Effective network security targets a variety of threats and stops them from entering or spreading on the network.

Network security components include:

a) Anti-virus and anti-spyware.

b) Firewall, to block unauthorized access to your network.

c) Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks.

d) Virtual Private Networks (VPNs), to provide secure remote access.

5- Operational security

This includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

6- End-user education

This addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization.
