Introduction to Cyber Security
UNIT–I:
Introduction to Cyber security - Cyber security objectives, Cyber security
roles, Differences between Information Security & Cyber security, Cyber
security Principles - Confidentiality, integrity & availability, Authentication &
non-repudiation.
Cyber Security Introduction - Cyber Security Basics:
Cyber security is a matter of great concern because cyber threats and attacks
are growing rapidly. Attackers are now using more sophisticated techniques to
target systems. Individuals, small-scale businesses and large organizations are
all being impacted. So all these firms, whether IT or non-IT, have understood
the importance of cyber security and are focusing on adopting all possible
measures to deal with cyber threats.
What is cyber security?
"Cyber security is primarily about people, processes, and technologies working
together to encompass the full range of threat reduction, vulnerability
reduction, deterrence, international engagement, incident response,
resiliency, and recovery policies and activities, including computer network
operations, information assurance, law enforcement, etc."
OR
Cyber security is the body of technologies, processes, and practices designed
to protect networks, computers, programs and data from attack, damage or
unauthorized access.
The term cyber security refers to techniques and practices designed to protect
digital data, that is, the data that is stored, transmitted or used on an
information system.
OR
Cyber security is the protection of Internet-connected systems, including
hardware, software, and data from cyber attacks.
The term is made up of two words: cyber and security.
Cyber relates to the technology, which comprises systems, networks and
programs or data.
Security relates to the protection, which includes systems security,
network security, and application and information security.
Why is cyber security important?
Listed below are the reasons why cyber security is so important in what has
become a predominantly digital world:
• Cyber attacks can be extremely expensive for businesses to endure.
• In addition to financial damage suffered by the business, a data breach can
also inflict untold reputational damage.
• Cyber attacks these days are becoming progressively destructive.
• Cybercriminals are using more sophisticated ways to initiate cyber attacks.
• Regulations such as GDPR are forcing organizations into taking better care of
the personal data they hold.
Because of the above reasons, cyber security has become an important part
of the business and the focus now is on developing appropriate response plans
that minimize the damage in the event of a cyber attack.
But an organization or an individual can develop a proper response plan only
with a good grip on cyber security fundamentals.
Fundamental Goals of Cyber Security
The majority of business operations run on the internet, exposing their
data and resources to various cyber threats. Since the data and system
resources are the pillars upon which the organization operates, it goes without
saying that a threat to these entities is indeed a threat to the organization
itself.
A threat can be anything from a minor bug in code to a complex cloud
hijacking liability. Risk assessment and estimation of the cost of reconstruction
help the organization to stay prepared and to look ahead for potential losses.
Thus, knowing and formulating the goals of cybersecurity specific to every
organization is crucial in protecting valuable data.
Cybersecurity is a practice formulated for the protection of sensitive
information on the internet and on devices, safeguarding them from attack,
destruction, or unauthorized access.
The goal of cybersecurity is to ensure a risk-free and secure environment for
keeping the data, network and devices guarded against cyber threats. Let us
learn more about the Goals of cybersecurity.
What are the goals of Cyber Security?
The ultimate goal of cyber security is to protect the information from being
stolen or compromised. To achieve this we look at 3 fundamental goals of
cyber security.
1. Protecting the Confidentiality of data
2. Preserving the Integrity of data
3. Restricting the Availability of data only to authorized users
Here are a few steps to maintain these goals:
1. Classifying the assets based on their importance and priority. The most
important ones are kept secure at all times.
2. Pinning down potential threats.
3. Determining the method of safeguarding against each threat.
4. Monitoring any breaching activities and managing data at rest and data in
motion.
5. Iterative maintenance and responding to any issues involved.
6. Updating policies to handle risk, based on the previous assessments.
All of the above aspects can be fit into 3 significant goals known as the “CIA
Triad”. So let us jump right in and get started with the CIA concepts in the
below section.
What Are the Different Roles in Cyber Security?
“Organizations are still working hard to accurately define the expectations of
cyber security roles and how those roles fit into the bigger organizational
picture,” said Backherms.
The specific job responsibilities for any given cyber security role can also
depend on the size and resources of the employer. “At a smaller or mid-size
firm, you might end up being a ‘jack of all trades,’ while at a larger firm you’re
more likely to have specialists,” said Champion.
Cyber security professionals can benefit from starting as generalists and then
specializing in an area of interest or strength, according to Champion. These
areas can include:
• Application security
• Data loss prevention
• Forensics
• Incident response
• Network security
• Security architecture
• Threat intelligence
• Vulnerability management
Differences between Information Security & Cyber security:
The terms Cyber Security and Information Security are often used
interchangeably. Both are responsible for protecting the computer system from
threats and information breaches, and the two are so closely linked that they
may seem synonymous; unfortunately, they are used synonymously. Data security
is all about securing the data from malicious users and threats.
This raises another question: what is the difference between data and
information? One important point is that “not every data can be information”:
data becomes information if it is interpreted in a context and given meaning.
For example, “100798” is data, and if we know that it is the date of birth of a
person then it is information, because it has some meaning. So information
means data that has some meaning.
Examples and Inclusion of Cyber Security are as follows:
• Network Security
• Application Security
• Cloud Security
• Critical Infrastructure
Examples and inclusion of Information Security are as follows:
• Procedural Controls
• Access Controls
• Technical Controls
• Compliance Controls
Diagrams are given below to represent the difference between Information
Security and Cybersecurity.
In the above diagram, ICT refers to Information and Communications Technology,
an extended term for information technology (IT) that defines
the role of unified communications and the integration of telecommunications
(basically digital communication security).
What is the CIA Triad?
The CIA Triad is a security model developed to ensure the 3 goals of
cybersecurity, which are Confidentiality, Integrity, and Availability of data and
the network.
1. Confidentiality
Keeping the sensitive data private and accessible to only authorized users.
2. Integrity
Designed to protect the data from unauthorized access and ensure its
reliability, completeness and correctness.
3. Availability
Authorized users can have access to system resources and data as and when
they need it.
Goals of CIA Triad
1. Confidentiality
The central idea behind the term confidentiality in the CIA Triad is that
the data is only accessible by genuine authorized users. It helps
in preventing disclosure to unintended parties who might exploit the privacy
of the user.
Methods to ensure Confidentiality are:
• Encryption of raw data
• Using biometrics for authentication
• Two way or multifactor authentication
Let us say you work as a security engineer for a renowned financial firm
with many competitors across the globe. An anonymous entity is trying
to access the company’s trade secrets. You must make sure that the
confidential information is not accessible to any unauthorized outsiders.
Hence you implement firewalls and intrusion detection systems. This is
a typical example of upholding the confidentiality of your company.
2. Integrity
Integrity is making sure the data is unaltered during the time of
transmission and ensuring it reaches the end-user in the correct form.
It maintains the consistency and reliability of data.
Methods to ensure Integrity are:
• Making use of user access control to restrict unauthorized modification
of files.
• Setting up backups to restore data during any system failure.
• Version control systems help to identify any modification by tracing the
logs.
Now being the same security engineer of the same financial firm, you have to
ensure that users are not destroying the data that the company holds.
Some users may accidentally or intentionally alter the database and corrupt
the data to cause loss to the firm.
You need to ensure that the backups are in place for implementation during
such emergencies.
You may use File Integrity Monitors (FIM) and hashing functions to make sure
the data is untampered and safe.
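A minimal illustration of the file integrity monitoring idea above, added here as an example and not part of the original notes: it records a SHA-256 baseline for a directory and later reports modified, added and removed files. The file names and contents are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    files = sorted(p for p in root.rglob("*") if p.is_file())
    return {p.relative_to(root).as_posix(): sha256_file(p) for p in files}


def compare(baseline, current):
    """Report files modified, added, or removed since the baseline."""
    common = set(baseline) & set(current)
    return {
        "modified": sorted(f for f in common if baseline[f] != current[f]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def demo():
    """Constructed sample data: three small files in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "accounts.csv").write_text("id,balance\n1,500\n")
        (root / "rates.cfg").write_text("fee=0.5\n")
        (root / "notes.txt").write_text("quarterly review\n")
        baseline = build_baseline(root)  # keep this where users cannot edit it
        (root / "accounts.csv").write_text("id,balance\n1,900\n")  # altered
        (root / "rates.cfg").unlink()                               # deleted
        (root / "export.tmp").write_text("id,balance\n")            # unexpected
        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored where the monitored users cannot rewrite it, for example on read-only media or a separate host.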
3. Availability
The last component of the CIA Triad, Availability, helps in delivering resources
as and when requested by the user without any interference such as Denial of
Service.
Methods to ensure Availability are:
1. Installing firewalls and proxy servers during downtime.
2. Locating backups at geographically isolated locations.
Lastly, consider your task this time is to ensure the website of your firm is
functioning properly 24/7 without any hindrance.
Organizations that deal with financial transactions cannot take any chances to
face downtime as it will cause huge losses, hold the customers’ assets at stake
and reduce trust in the organization.
For such times, when the server crashes, you need to have a second one
that takes over the services and keeps the site up and running.
Tools for Achieving CIA Goals
1. Tools for Confidentiality
a. Encryption – It is the process of transforming plain data into unreadable
cipher data using an encryption key.
b. Access Control – It has rules and policies to limit access to the resources
by checking the credentials of users.
c. Authentication – It is the confirmation of the user’s identity for providing
access to the resources.
d. Authorisation – Verifies the user’s access level and either grants or
refuses resource access.
e. Physical Security – It is required to keep the information available and
improve the robustness of the system during hardware failures. It
secures business-sensitive information, trade secrets, and customer
information.
2. Tools for Integrity
a. Backups – These are duplicate archives of original data.
b. Checksums – It is a computational function that maps the contents of
the data to a numerical value to check whether the data is the same
before and after the transaction.
c. Error-correcting codes – Method for controlling errors during
unreliable data transfer over noisy channels.
3. Tools for Availability
a. Physical protection – Safeguarding the data against physical challenges
like fire or theft.
b. Computational Redundancy – Makes the system fault-tolerant and
protects against accidental modification.
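The difference between the checksums and error-correcting codes listed under Tools for Integrity, as an added example that is not part of the original notes: a CRC-32 checksum only detects that a bit flipped in transit, while a Hamming(7,4) code locates and repairs it. The message and the flipped bits are constructed sample data, and Hamming(7,4) is one error-correcting code chosen here for illustration.

```python
import zlib


def hamming74_encode(nibble):
    """Encode 4 data bits [d1,d2,d3,d4] as 7 bits [p1,p2,d1,p3,d2,d3,d4]."""
    d1, d2, d3, d4 = nibble
    p1 = d1 ^ d2 ^ d4   # parity over positions 1,3,5,7
    p2 = d1 ^ d3 ^ d4   # parity over positions 2,3,6,7
    p3 = d2 ^ d3 ^ d4   # parity over positions 4,5,6,7
    return [p1, p2, d1, p3, d2, d3, d4]


def hamming74_decode(code):
    """Return (data_bits, error_position); position 0 means no error seen."""
    c = list(code)
    s1 = c[0] ^ c[2] ^ c[4] ^ c[6]
    s2 = c[1] ^ c[2] ^ c[5] ^ c[6]
    s3 = c[3] ^ c[4] ^ c[5] ^ c[6]
    pos = s1 + 2 * s2 + 4 * s3      # syndrome = 1-based index of flipped bit
    if pos:
        c[pos - 1] ^= 1             # repair the single-bit error
    return [c[2], c[4], c[5], c[6]], pos


def bytes_to_nibbles(data):
    """Split bytes into 4-bit groups, high nibble first, MSB first."""
    return [[(b >> s) & 1 for s in (hi + 3, hi + 2, hi + 1, hi)]
            for b in data for hi in (4, 0)]


def nibbles_to_bytes(nibbles):
    """Inverse of bytes_to_nibbles."""
    vals = [n[0] << 3 | n[1] << 2 | n[2] << 1 | n[3] for n in nibbles]
    return bytes(hi << 4 | lo for hi, lo in zip(vals[0::2], vals[1::2]))


def demo():
    message = b"PAY 100"                       # constructed sample payload
    sent_crc = zlib.crc32(message)
    codewords = [hamming74_encode(n) for n in bytes_to_nibbles(message)]
    # Simulated channel noise: one bit flips in each copy of the message.
    raw = bytearray(message)
    raw[4] ^= 0x08                             # unprotected copy
    codewords[8][2] ^= 1                       # Hamming-protected copy
    detected = zlib.crc32(bytes(raw)) != sent_crc   # checksum: detect only
    decoded = [hamming74_decode(c) for c in codewords]
    repaired = nibbles_to_bytes([d for d, _ in decoded])
    fixed_at = [(i, pos) for i, (_, pos) in enumerate(decoded) if pos]
    return detected, repaired, fixed_at
```

Calling `demo()` returns whether the CRC caught the error, the repaired message, and which codeword and bit position were corrected. Both mechanisms guard against accidental corruption only: anyone who can change the data can also recompute a CRC or parity bits, so tamper detection needs a cryptographic hash or keyed MAC kept out of the modifier's reach.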
To achieve and maintain these goals, good
cybersecurity has to consider the following points:
• A business-specific plan which establishes threats and risk.
• Policies and procedures for execution when business is under threat.
• Security training among employees to create awareness.
• Set security milestones.
• Consult an expert for advice.