Cyber Security for an Organization

Presented By

Tejas C. WasuleGovt. College of Engineering,Amravati

Suraj A. JaiwalGovt. College of Engineering,Amravati

1. Introduction to Cyber Security

2. Need of Cyber Security

3. Types of Cyber Security

4. Types of Cyber Attacks And Preventions on it

5. Conclusion

6. References

Contents

Introduction to Cyber SecurityWhat is Cyber Space?•Worldwide Network of Computers•Open to Public (Internet)

What is Cyber Security?Technologies & Processes to Protect

• Computers• Networks• Data from Unauthorized Users• Vulnerabilities

Need of Cyber Security

1. To Protect Sensitive Business & Personal

Information

2. Safeguard National Security

3. To Protect Sensitive Data of• Government• Military• Corporation• Financial Institutions • Hospital & ETC

Email

Mobile

Network

Data

Website

Types of Cyber SecuritySecurity

1. Personal Files

2. Payment Information

3. Bank Account Details

4. Customer’s Information

Data

Website

Email

Mobile

Network

Types of Cyber SecuritySecurity

1. To Protect Online Data on Server

2. To Protect Online Operations of an

Organization

Data

Website

Email

Mobile

Network

Security

1. To protect Sensitive Information Sent Via

Email

Types of Cyber Security

Data

Website

Email

Mobile

Network

Security

Types of Cyber Security

1. Use Security Software on Smartphones

2. Encrypt Data on Mobile Devices

3. Reporting Procedure for Lost Mobile

4. Use Authentication

Data

Website

Email

Mobile

Network

Security

Types of Cyber Security

1. Secure Internal Network & Cloud Services

2. Secure & Encrypt your Organization's Wi-Fi

3. Set Safe Browsing Rule

Cyber Attacks…?1. What is Cyber Attack?

Attempt to • Destroy• Expose• Alter• Disable Unauthorized use of an Asset

2. Why Cyber Attacks Become Possible?• Vulnerability• Spam• Virus

1. SQL injection • Code Injection Technique that Exploits a Security Vulnerability in Application• Occurs at the Database layer of Application

2. SQL - Structured Query Language• Used to communicate with the database• ANSI-compliant SQL

MITM

XSS

DOS

SQL Injection

Phishing

Types of Cyber Attacks & PreventionsSQL Injection

• admin' -- • admin' # • admin'/* • or 1=1-- • ' or 1=1# • ' or 1=1/* • ') or '1'='1-- • ') or ('1'='1—

MITM

XSS

DOS

SQL Injection

Phishing

Types of Cyber Attacks & PreventionsSQL Injection Login Tricks

MITM

XSS

DOS

SQL Injection

Phishing

Types of Cyber Attacks & PreventionsSQL Injection-DEMO

MITM

XSS

DOS

SQL Injection

Phishing

Types of Cyber Attacks & PreventionsSQL Injection Preventions

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsPhishing

• Is the act of attempting to acquire information such as Usernames, Passwords, and Credit card

• Using Fake Web-Pages identical to the legitimate one.

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsPhishing-DEMO

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsPhishing Preventions

1. Pay attention to the URL of a website.2. Be suspicious of unsolicited phone calls, visits.3. Do not provide personal information or

information about your organization 4. Do not respond to email solicitations for

personal information 5. Don't send sensitive information over the

Internet before checking a website's security

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsMan-In-The-Middle Attack

The MITM intercepts communications between two systems and is performed when the attacker is in control of a router along normal point of traffic.

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsCross Site Scripting(XSS)

AttackXSS is a security breach that takes advantage of dynamically generated Web pages.

SQL Injection

Phishing

MITM

XSS

DOS

Types of Cyber Attacks & PreventionsDaniel of Service(DOS)

AttackIt basically means, launching an attack, which will temporarily make the services, offered by the Network unusable by legitimate users.

Conclusion

1. The Goal of Secure Computing•Confidentiality•Integrity•Availability

2.Threats to Security in Computing•Interception•Interruption•Modification•Fabrication3. Controls available to prevent the threats •Encryption & Programing Controls•OS & Network Controls•Administrative Controls•Laws & Ethics

References1. http://en.wikipedia.org/wiki/

Cyber_security_standards

2. http://www.ccs.njit.edu/statica

3. http://www.unisys.com

Thank you

Any Que..??