250 likes | 464 Views
Cyber Security. PRESENTED BY: Isaac Momanyi Maonga : D61/79546/2012 Anthony Njogu :D61/75282/2012 Bernard Njenga: D61/62047/2013 Bryan Tetea : D61/67521/2011 Rose Waeni : D61/79063/2012. Definition.
E N D
Cyber Security PRESENTED BY: Isaac MomanyiMaonga: D61/79546/2012 Anthony Njogu :D61/75282/2012 Bernard Njenga: D61/62047/2013 Bryan Tetea: D61/67521/2011 Rose Waeni: D61/79063/2012
Definition • Cyber security (n) is defined as the state of being protected against the criminal or unauthorised use of electronic data, or the measures taken to achieve this. • Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction. • Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.
Introduction • Cyber security involves protecting information and systems from major cyber threats, such as cyber terrorism, cyber warfare, and cyber espionage. Cyber threats take aim at secret, political, military, or infrastructural assets of a nation, or its people. Cyber security is therefore a critical part of any governments’ security strategy. • Cyber terrorism is the disruptive use of information technology by terrorist groups to further their ideological or political agenda. This takes the form of attacks on networks, computer systems, and telecommunication infrastructures
Introduction (cont’d) • Cyber warfare involves nation-states using information technology to penetrate another nation’s networks to cause damage or disruption. • Cyber espionage is the practice of using information technology to obtain secret information without permission from its owners or holders. • Cyber espionage is most often used to gain strategic, economic, political, or military advantage. It is conducted through the use of cracking techniques and malware • During a US Senate hearing in March 2013, top intelligence officials warned that cyber attacks and digital spying are the top threat to national security, eclipsing terrorism.
Glossary of Cyber security terms • Bot − A computer connected to the Internet that has been surreptitiously/secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator. • Honey pots – Computers that are either intentionally or unintentionally left vulnerable to attack by hackers. They can be used to catch hackers or fix vulnerabilities. • Denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users, mainly by use of bots. • Cryptography − The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication and data origin authentication. • Data Breach − The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
Glossary of Cyber security terms (cont’d) • Digital Forensics − The processes and specialized techniques for gathering, retaining and analysing system-related data (digital evidence) for investigative purposes. • Information Assurance − The measures that protect and defend information and information systems by ensuring their availability, integrity and confidentiality. • Intrusion Detection − The process and methods for analysing information from networks and information systems to determine if a security breach or security violation has occurred. • Malware − Software that compromises the operation of a system by performing an unauthorized function or process. • Penetration Testing − An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system. The term “white hat” refers to an ethical computer hacker, or a computer security expert, who specialises in penetration testing
Glossary of Cyber security terms (cont’d) • Phishing − A digital form of social engineering to deceive individuals into providing sensitive information. • Root − A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges and conceal the activities conducted by the tools. • Software Assurance − The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner. • Virus − A computer program that can replicate itself, infect a computer without permission or knowledge of the user and then spread or propagate to another computer.
Cyber security vs. Privacy – NSA’s PRISM • PRISM is a clandestine national security electronic mass surveillance program operated by the United States National Security Agency (NSA) since 2007. Its existence was leaked 10th June 2013 by NSA contractor (infrastructure analyst) Edward Snowden, after fleeing to Hong Kong. He later sought and was granted political asylum by Russia • Providers (mostly through legally binding orders and subpoenas, usually not voluntary) include phone company Verizon that had been ordered to turn over to the NSA logs (metadata) tracking all of its customers’ telephone calls, tech companies Microsoft, Yahoo!, Google, Facebook, YouTube, AOL, Skype, Apple, “with 98% of PRISM production [being] based on Yahoo, Google and Microsoft.”
Cyber security vs. Privacy – NSA’s PRISM (cont’d) • Is privacy dead? Or has privacy simply become less relevant? • Proponents argue that the NSA must have effective, efficient, and powerful tools at its disposal to counter the threats of the modern world. One cannot expect these tools to come without a price. The simple reality is that part of the price tag is a portion of the privacy to which we have become accustomed. (Implication: We must trust the US government with these tools.) • Opponents argue that the NSA has harmed global cyber security as it was revealed that NSA has worked to weaken the international cryptographic standards that define how computers secure communications and data, and also deliberately introduced backdoors into security-critical software and hardware.
How to overcome cyber attacks • User education and awareness • Produce user security policy cover ing acceptable and secure use of organization’s system. • Establish a staff training programme of the cyber risks. • Incident management • Establish an incident response and disaster recovery capability. • Provide specialist training to the incident management team. • Report criminal incidents to law enforcement
Manage user privileges • Establish account management processes and limit the number of privileged accounts. • Limit user privileges and monitor user activity. • Control access to activity and audit logs • Malware protection • Produce relevant policy and establish anti-malware defences that are applicable and relevant to all business across. • Scan for malware across the organization
Secure configuration • Apply security patches and ensure that the secure configuration of all ICT systems is maintained. • Create a system inventory and define a baseline build for all ICT devices. • Network security • Protect your networks against external and internal attack. • Manage the network perimeter • Filter out unauthorized access and malicious content • Monitor and test security controls
Monitoring • Establish a monitoring strategy and produce supporting policies. • Continuously monitor all ICT systems and network. • Analyze logs for unusual activity that could indicate an attack. • Removable media control • Produce a policy to control all access to removable media. • Limit media types and use. • Scan all media for malware before importing on to corporate system
Building cyber threat management capabilities • Anticipate capabilities • Assess inherent risks and implement controls • Detect capabilities • Monitor and track emerging risks and current controls • Respond capabilities • Prevent and investigate incidents • Contain capabilities • Communicate and Improve
Implications • All citizens should be aware of cyber risks, secure their computers and take steps to protect their identities, privacy and finances Online. • Businesses should operate a secure and resilient information and communications technologies to protect the integrity of their own operations and the identity and privacy of their customers. • Government should, ensures its information and communications technologies are secure and resilient.
Conclusion • With the rapid escalation in the intensity and sophistication of cyber crime and other cyber security threats, it is imperative that government, business and the community are aware of the severity of cyber security risks, and commit to work together to protect what has become a vital component of our economy and society.