Description of Cyber-Security: -
The cyber-security is defined as technology or procedure developed in order to protect the computer systems, hardware, software and network etc. from any external or unauthorized access, from vulnerabilities that are supplied via the internet through cyber criminals (Goutam, 2015). The cyber-security method through which the interests of users over the internet, its network-based digital equipment and the confidential information are protected by the malicious users performs attacks via the internet connection. With the development of technology, the different attacks are also developed along which is making the internet connection more vulnerable to attacks. Below listed the characteristics which should be added in cyber-security policy to make it successful: -
àUsable: - The policy which is developed for the network security should be usable. A usable cyber-security policy is easy to understand the employees of the organization. With the usable cyber-security policy, all members of the organization will able to share their responses to each other for protecting the network from any unauthorized access.
àExceptions should be added: - The Cyber-Security policy should be developed by adding some exceptions according to the organization. The updated rule list should flexible and adaptive so that the management of the organization is able to implement the cyber-security policy successfully in order to protect the organization’s confidential data.
Common Attack possible on the system
Phishing Scam: - In this attack, an attempt is made to acquire the private information of users such as password, username, and sensitive financial information by masquerading an unauthorized entity in the communication. When the phishing attack is performed, the user thinks that they are accessing the connection as a legitimate user.
Malware: - It is a malicious software which is installed on the system without any prior information to the users. The system of users can be infected with the malware when the users open an email attachment and clicks on the link. The installed malware collects and redirects whole information of system to the malicious user’s system which is further users to access the financial accounts of users.
DDoS: - In this attack, a malicious user is able to deny the network functionality without any providing any prior knowledge to legitimate users. By performing the DDoS attack, the attacker can perform costly disruptions in a system which may damage the user’s reputation trustworthiness.
Ways to protect system: -
Intrusion Detection System
Behind the firewall in the network, the intrusion detection system is installed as offline tools which mainly focusses on the detection and logging security events that occur to affect the business’s private network. Intrusion Detection System primary reports the anomalies and the detects the known threats that are present in the private network and uses a group of “signatures” in which the bit patterns are used along with RFC application compliance in order to detect any known malware threats. The Intrusion Detection system provides a window to the security administrator look out, any security policy violations, infections like viruses or trojan horses available, information leakage, configuration issues etc.
Between the untrusted public network and trusted private network, network firewalls could be installed which will filter traffic that is generating regularly. The firewall is a network security device which helps the security analysts to monitor incoming or outgoing network traffic and provides features to the network to decide which traffic access should be allowed to block based on the security rules configured.
Goutam, R. (2015). Importance of Cyber Security. International Journal Of Computer Applications, 111(7).