Cyber security is the field of protecting computers, servers, mobile devices, electronic systems, networks, and data from harmful attacks. It's also called information technology security or electronic information security. Cyber security services is essential because many organizations and individuals store and process a lot of data on their devices and networks, such as personal information, financial records, medical records, and military secrets. If this data is exposed or stolen, it could have serious consequences. Cyber security started in 1972 with a research project on ARPANET (The Advanced Research Projects Agency Network), which was the precursor to the internet. ARPANET created protocols for connecting computers remotely.
Cyber security has several types that cover different aspects of protection :
• Network security is the practice of keeping a computer network safe from unauthorized access, data breaches, and other network-based threats. It uses technologies such as firewalls, intrusion detection systems (IDS), virtual private networks (VPNs), and network segmentation.
• Application security is the practice of making software and devices secure from threats. A compromised application could expose the data it's supposed to protect. Successful security starts in the design stage, before a program or device is deployed.
• Information security is the practice of preserving the integrity and privacy of data, both when it's stored and when it's transmitted.
• Operational security is the practice of managing and protecting data assets. It includes the permissions users have when they access a network and the procedures that determine how and where data can be stored or shared.
• Disaster recovery and business continuity are the practices of responding to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies specify how the organization restores its operations and information to the same level as before the event. Business continuity is the plan the organization follows while trying to operate without certain resources.
• End-user education is the practice of teaching people how to follow good security practices. Anyone can accidentally introduce a virus to a secure system by not following good security practices. Teaching users to delete suspicious email attachments, not plug in unknown USB drives, and various other important lessons is crucial for the security of any organization.
Cyber security also faces different kinds of threats that could damage the confidentiality, integrity, or availability of data or systems. Some of these threats are:
• Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks aim to overload a system's resources and make it inaccessible to legitimate users.
• Drive-by attack involves downloading harmful code from a corrupted website without the user's awareness or consent.
• Phishing and spear phishing attacks use fake emails that look like they come from trusted sources to trick users into giving up sensitive information or clicking on harmful links or attachments.
• Password attack involves guessing or cracking a user's password to gain unauthorized access to their accounts or systems.
• Cross-site scripting (XSS) attack injects harmful code into a web page that runs in the browser of a user who visits that page.
• SQL injection exploits a weakness in a database-driven application by inserting harmful SQL statements into an input field that is run by the database server.
• Man-in-the-middle (MitM) attack intercepts and changes the communication between two parties who think they are directly communicating with each other.
Cyber security is a changing and growing field that requires constant attention and adaptation to counter new and emerging threats. By knowing the types of cyber security and the types of threats they face, organizations and individuals can better protect their data and systems from cyber attacks.