Upload
amos-oyoo
View
141
Download
4
Embed Size (px)
Citation preview
INTRODUCTION TO CYBER SECURITY
Presented by Amos Oyoo
what is cyber security?
• Cybersecurity is the ability to protect or defend Cyberspace from an attacks – (National Institutes of Standards Technology –NIST)
• Cyber attack – an attack for disrupting, disabling, destroying or maliciously controlling a computer environment/infrastructure; or destroying the integrity of the data or stealing controlled information
What is cyberspace?Cyberspace is where
online communication happens. If you've spent time chatting with friends
on the Internet, you've been in cyberspace.
Cyberspace is a world of information through the
internet. It can be said that anything
that is done via the use of internet, occurs within the confines of the cyberspace
Why does cybersecurity matter?
•Cybersecurity is involved every time we touch a computer or a computing device
•Your cyber hygiene affects others
•Cyber security is a shared responsibility
Why Cybersecurity Training?
•Status of the office•We already have:
• Management Controls
• Technical Controls
• Operational Controls
•We need:• Human Controls
Who are the victims of cyber attacks?
• Businesses• Government• Financial
Institutions• Energy Companies• Educational
Institutions• Media outlets• You
What do we stand to lose?•Money•Reputation •Personal information
Who are the attackers?• Hackers • Cyber criminals• Cyber spies• Nation-States• Malicious Insiders• Hacktivists –
hackers with political motives
• Script Kiddies 76 Chinese Hackers Arrested in
Runda
How are they attacking?• Network attack (Denial of service; man-in-
the middle attack; Brute force attack etc)• Malware Distribution – malicious software:
(through emails; infected documents; websites; QR codes; Crypto-locker)
• Social Engineering -psychological manipulation of people to divulge confidential information
• Data theft
Who are our defenders?• ICT Team• Security Vendors – firewalls,
antivirus, Intrusion monitors and detections
• ICT Hardware/Software manufacturers
• The Government – laws, policies, prosecutions etc
• You, the User
What are we protecting?
What is information systems
• A computer information system is a system composed of people and computers that processes or interprets information.
• The software used to run a computerized database or to refer to only a computer system.
Computer-Based Information Systems
Quality information needs to possess the following attributes:
Without data and the ability to process it, an organization
could not successfully complete most business activities
The Value of Information
• Value of information is directly linked to how it helps decision makers achieve their organization’s goals
• For example, value of information might be measured in:• Time required to make a decision• Increased profits to the company
security VS Safety
Security: We must protect our computers and data in the same way that we secure the doors to our homes. Safety: We must behave in ways that protect us against risks and threats that come with technology.
LEADING THREATS• Virus - A virus attaches itself to a program, file, or disk• Worm - Worms are more sophisticated viruses that can
replicate automatically and send themselves to other computers by first taking control of certain software programs on your PC, such as email.
• Trojan Horse / Logic Bomb• Phishing –acquire sensitive information such as usernames,
passwords, and credit card details often for malicious reasons, by masquerading as a trustworthy entity
• Social Engineering
LOOMING THREATS• Cloud services• Ransomware• Spear phishing - is an email that
appears to be from an individual or business that you know.
• The Internet of Things