An Introduction to Cyber Security
Also known as computer security, cyber security is the process of protecting computer systems from theft of or damage to hardware, software, or information, and from the disruption of services. The protection process includes controlling physical access to the hardware and protecting against threats that arrive through network access, data, and code. Because people rely heavily on computer systems, the Internet, and wireless networks like Bluetooth and Wi-Fi, and because of the rapid growth of smart devices, cyber security is becoming an important factor in the digital world.
To secure and protect a computer system, it is equally important to know the different security threats, such as the following: a backdoor in a computer system is any secret method of bypassing normal authentication or security controls, which may result from poor configuration in the original design of the computer system, or may have been added by an authorized party to allow some legitimate access or by an attacker for malicious reasons; a denial of service attack is designed to make a machine or network resource unavailable to its intended users; a direct-access attack is a condition where an unauthorized user gains physical access to a computer in order to copy data from it directly or to install software worms, key loggers, covert listening devices, or wireless mice; eavesdropping is the act of surreptitiously listening to a private conversation between hosts on a network; spoofing is a fraudulent or malicious practice in which a communication is disguised as coming from a source known to the receiver; tampering is a malicious modification of products; privilege escalation is a situation where an attacker with some level of restricted access is able to elevate their access level without authorization; phishing is an attempt to acquire sensitive information, like usernames, passwords, and credit card details, directly from users; click-jacking is a malicious technique in which an attacker tricks a user into clicking on a button or link on another webpage while the user's intention is to click on the top-level page; and social engineering is a method of convincing a user to disclose secrets such as passwords or card numbers, for example by impersonating a bank, a contractor, or a customer.
The following cyber security measures use a device, procedure, or technique to reduce a threat, vulnerability, or attack by eliminating or preventing it: security by design means that the software used in the computer system has been designed from the ground up to be secure; vulnerability management adopts the cycle of identifying, remediating, or mitigating vulnerabilities in software and firmware; hardware protection mechanisms use devices and methods such as dongles, trusted platform modules, intrusion-aware cases, drive locks, disabling USB ports, and mobile-enabled access; and secure coding aims to guard against the accidental introduction of security vulnerabilities.
Learn more about cyber security at https://en.wikipedia.org/wiki/Cyber_security_standards.