Scribd
Upload
18 views16 pages

Basics of Cybersecurity

This document provides an overview of cybersecurity, including its definition, types, and historical development from the 1970s to the present. It highlights the importance of cybersecurity in protecting information assets and introduces the CIA triad, which consists of confidentiality, integrity, and availability. The document also emphasizes the growing need for cybersecurity measures due to increasing cyber threats and the financial impact on organizations.

Uploaded by

confidenceanuonye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
18 views16 pages

Basics of Cybersecurity

This document provides an overview of cybersecurity, including its definition, types, and historical development from the 1970s to the present. It highlights the importance of cybersecurity in protecting information assets and introduces the CIA triad, which consists of confidentiality, integrity, and availability. The document also emphasizes the growing need for cybersecurity measures due to increasing cyber threats and the financial impact on organizations.

Uploaded by

confidenceanuonye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 16

Basics of

Cybersecurity
Introduction to Cybersecurity
In this module, you will
● Understand what cyber security is about
● Know the types of security
● Know the history of cybersecurity and the need for it
● Understand what the CIA triad is.
What is Cybersecurity?
● It can be defined as the protection of information assets by addressing
threats to information processed, stored and transported by internetworked
information system.
● It is the application of technologies, processes and controls to protect
systems, networks, programs, devices and data from cyber attacks.
● It aims to reduce the risk of cyber attacks and protect against the
unauthorized exploitation of systems, networks and technologies.
● Cybersecurity is the practice of protecting critical systems and sensitive
information from digital attacks.
Types of Security
● Network security
● Application security
● Cloud security
● Phishing
● Denial-of-service
● Malware
● Man-in-the-middle
● Sql Injection
History of Cybersecurity

● 1970s: ARAPNET and The Creeper.


● 1980s: Birth of the commercial virus.
● 1990s: The world goes online.
● 2000s: Threats diversify and multiply.
● 2020s: The next generation.
1970s: ARPANET and The Creeper

● Security began in 1970 when researcher Bob Thomas created a computer


programme called Creeper that could move across ARPANET’s network,
leaving a breadcrumb trail wherever it went. Ray Tomlinson, the inventor of
email, wrote the programme Reaper, which chased and deleted Creeper.
Reaper was the very first example of antivirus software and the first self-
replicating programme, making it the first-ever computer worm.
● Then in 1979, 16-year-old Kevin Mitnick famously hacked into The Ark – the
computer at the Digital Equipment Corporation used for developing
operating systems – and made copies of the software. He was arrested and
jailed for what would be the first of several cyberattacks he conducted over
the next few decades. Today he runs Mitnick Security Consulting.
1980s: Birth of commercial virus.

● The 1980s brought an increase in high-profile attacks, including those at


National CSS, AT&T, and Los Alamos National Laboratory. The movie War
Games, in which a rogue computer program takes over nuclear missiles
systems under the guise of a game, was released in 1983. This was the
same year that the terms Trojan Horse and Computer Virus were first used.
● 1987 was the birth year of commercial antivirus although there were
competing claims for the innovator of the first antivirus product. Andreas
Lüning and Kai Figge released their first antivirus product for the Atari ST –
which also saw the release of Ultimate Virus Killer in 1987. Three
Czechoslovakians created the first version of the NOD antivirus in the same
year and in the US, John McAfee founded McAfee and released VirusScan.
1990s: The world goes online

● With the internet becoming available to the public, more people began
putting their personal information online. Organised crime entities saw this
as a potential source of revenue and started to steal data from people and
governments via the web. By the middle of the 1990s, network security
threats had increased exponentially and firewalls and antivirus programmes
had to be produced on a mass basis to protect the public.
● New virus and malware numbers exploded in the 1990s, from tens of
thousands early in the decade growing to 5 million every year by 2007. By
the mid-‘90s, it was clear that cybersecurity had to be mass-produced to
protect the public. One NASA researcher developed the first firewall
program, modeling it on the physical structures that prevent the spread of
actual fires in buildings.
2000s: Threats diversify and multiply

● In the early 2000s crime organisations started to heavily fund professional


cyberattacks and governments began to clamp down on the criminality of
hacking, giving much more serious sentences to those culpable. Information
security continued to advance as the internet grew as well but,
unfortunately, so did viruses.
● In 2001, a new infection technique appeared: users no longer needed to
download files – visiting an infected website was enough as bad actors
replaced clean pages with infected ones or ‘hid’ malware on legitimate
webpages. Instant messaging services also began to get attacked, and
worms designed to propagate via IRC (Internet Chat Relay) channel also
arrived.
2010s-2020s: The next generation

● The cybersecurity industry is continuing to grow at the speed of light. The


global cybersecurity market size is forecast to grow to $345.4bn by 2026
according to Statista. Ransomware is one of the most common threats to any
organisation's data security and is forecast to continue to increase.
● As cybersecurity developed to tackle the expanding range of attack types,
criminals responded with their own innovations: multi-vector attacks and
social engineering. Attackers were becoming smarter and antivirus was
forced to shift away from signature-based methods of detection to ‘next
generation’ innovations.
Need for Cybersecurity

Research has shown that:

● Every 11 seconds, a system on and off the internet experiences a form of


cyber attacks.
● Millions of malwares ways are developed by the hour to exploit vulnerabilities
in systems, servers etc
● Big firms lost over $1.8bn in 2019 due to cyber attacks and that figure is
bound to increase by up to 30% or more yearly.
● Social engineering attacks such as email phishing, voice phishing, SMS
phishing, and link bait are the most common form of attacks on small
businesses, especially on those without an online presence.
● A general knowledge of cyber security as a start up firm/new business, would
help curb and prevent most of the attacks to an extent while working to put
The CIA Triad

The CIA triad is a model designed to guide policies for information security within
an organization. It can be broken down into:

● Confidentiality
● Integrity
● Availability
● Non-repudiation
Confidentiality

● Protection from unauthorised access.


● Employ an authentication process.
● Implement security controls.
● Ensure that access control policies are implemented.
● Only authorised people have access.
● Should apply to all assets.
Integrity

● Protection from unauthorized modification.


● Only authorized modifications are made.
● Ensure that data is accurate, authentic and safe.
● Ensure correctness of data.
● Data must be complete and clear.
Availability

● Protection from disruptions in access.


● Data must be available when needed.
Non-repudiation

● Non-repudiation refers to a situation where a statement's author cannot


successfully dispute its authorship or the validity of an associated contract.
● Sender/Receiver cannot deny the validity of a message sent/received.
● Achieved with the help of digital signatures.
● Ensures that a party to a contract or a communication cannot deny the
authority of their signature.

You might also like