The practice of protecting internet-connected systems such as hardware, software and data from cyber threats is called cybersecurity. To protect against unauthorized access to data centers and other computerized systems, cybersecurity is mainly used by individuals and enterprises. To access, alter, delete, destroy or extort an organization’s or user’s systems and sensitive data, a strong security posture is designed which is provided by an effective cybersecurity strategy against malicious attacks. It is also instrumental in preventing attacks designed to disable or disrupt the operations of systems or devices.
An ideal cybersecurity approach should have multiple layers of protection across any access point or attack surface. For data, hardware, software and connected networks, a protective layer is included. Moreover, all employees within an organization who have access to any of these endpoints should be trained on the proper compliance and security processes. As an another layer of protection against threats some organizations also use tools such as unified threat management systems. These tools can detect, isolate and remediate potential threats and notify users if additional action is needed.
The cybersecurity field is divided into several different sections. These sections are as follows:
- Network security
- Disaster recovery and business continuity planning
- Cloud security
There are different types of cyber threats. Some of them are listed below:
- Computer worms and viruses are computer programs that can adversely affect the quality and performance of a computer, computer network or a computer resource. Computer viruses may also be responsible for data pilferage resulting in huge loss or damage to the affected person. It is very simple and easy to transfer virus and worms from one system to another system.
- Ransomware is a kind of malware involving an attacker locking the victim’s computer system files via encryption and demanding a payment to decrypt and unlocking the victim’s computer.
- Social engineering is an attack that relies on human interaction. It tricks users into breaking security procedures to gain sensitive information that’s typically protected.
- Phishing is a kind of cyber threat where fraudulent email or text messages are sent that resemble those from reputable or known sources. Generally random attacks, the intent of phishing messages is to steal sensitive data, such as credit card or login information.
- E-mail spoofing is a kind of cyber offence similar to the offence of identity theft with only minor differences.
- Vishing is one of the cyber threats which is a combination of “voice” and “phishing”. It is similar to a fraudulent act, but here the fraud occurs over automated or manual phone calls that guide the victim to gain financial reward; this results in the victims providing the account number and password.
- Man-in-the-middle attacks are eavesdropping attacks that involve an attacker intercepting and relaying messages between two parties who they believe are communicating with each other.
At JIMS Vasant Kunj II BCA program offers papers focused on cybersecurity and also makes them easy to understand. Today many IT Companies are recruiting the employees based on this topic.
Shivangi
Assistant Professor, BCA Department
JIMS, VK II