Cyber Security

 

Cyber security is the application of technologies, processes, and control to protect systems, networks, programs, devices, and data from cyber-attacks. It aims to reduce the risk of cyber-attacks and protect against the unauthorized exploitation of systems, networks, and technologies.

What is a cyber-attack?

A cyber-attack is a deliberate attempt by external or internal threats or attackers to exploit and compromise the confidentiality, integrity, and availability of information systems of a target organization or individual(s). Cyber-attackers use illegal methods, tools, and approaches to cause damage and disruption or gain unauthorized access to computers, devices, networks, applications, and databases.

Cyber-attacks come in a wide variety. The following list highlights some of the important ones that criminals and attackers use to exploit software:

1.      Malware

2.      Ransomware

3.      Injection attacks (e.g., cross-site scripting, SQL injection, command injection)

4.      Session management and Man-in-the-Middle attacks

5.      Phishing

6.      Denial of service

7.      Privilege escalations

8.      Unpatched/Vulnerable software

9.      Remote code execution

10. Brute force


As organizational assets are made up of multiple disparate systems, an effective and efficient cyber security posture requires coordinated efforts across all its information systems. Therefore, cyber security is made up of the following sub-domains:

Application Security

Application security involves implementing various defenses within all software and services used in an organization against a wide range of threats. It requires a secure application architecture design, secure code, implementation of strong data input validation, threat modeling, etc. to minimize the likelihood of any unauthorized access or modification of application resources.

Identification of Management and Data Security

Identification of management includes frameworks, processes, and activities that enable authentication and authorization of legitimate individuals to information systems within an organization. Data security involves implementing strong information storage mechanisms that ensure the security of data at rest and in transit.

Network Security

Network security involves implementing both hardware and software mechanisms to protect the network and infrastructure from unauthorized access, disruptions, and misuse. Effective network security helps protect organizational assets against multiple external and internal threats.

Mobile Security

Mobile security refers to protecting both organizational and personal information stored on mobile devices like cell phones, laptops, tablets, etc. from various threats such as unauthorized access, device loss or theft, malware, etc. 

Cloud Security

Cloud security relates to designing secure cloud architectures and applications for organizations using various cloud service providers such as AWS, Google, Azure, Rack space, etc. Effective architecture and environment configuration ensure protection against various threats. 

Disaster recovery and business continuity planning (DR & BC)

DR & BC deals with processes, monitoring, alerts, and plans that help organizations prepare for keeping business-critical systems online during and after any kind of a disaster as well as resuming lost operations and systems after an incident.

User Education

Formally training individuals regarding topics on computer security is essential in raising awareness about industry best practices, organizational procedures, and policies as well as monitoring and reporting malicious activities. 

Best cyber security practices to prevent a breach

1. Conduct Cyber Security Training and Awareness Programs.

2. Perform risk assessments

3. Ensure vulnerability management and software patch management/updates

4. Use the principle of least privilege

5. Enforce secure password storage and policies

6.  Implement a robust Business Continuity and Instance Response (BC-IR) plan

7.  Perform periodic security reviews

8.  Backup data

9.  Use encryption for data at rest and in transit

10. Design software and networks with security in mind

Want to know more about MIT College of Railway Engineering and Research Barshi, MH. 

Comments

Post a Comment

Popular posts from this blog

Mechanical Engineering as a Career Path: Reasons, Job Prospects & Opportunities Explored

Image
Engineering is regarded as one of the most sought after career options in India. Working across several industries, engineering graduates handle a vast array of operations from development and production to quality check and distribution. From banks to the automobile industry to IT firms – engineers are required in every domain, today. Like any other, the manufacturing sector also encompasses a skill set required for production and development. This demands a great deal of specialized knowledge and expertise. Hence, mechanical engineers come to the rescue here.  The manufacturing or mechanical engineers are recruited by all kinds of organizations which manufacture a variety of machines, robotics and other equipment. Responsibility for layout, production planning and control, as well as maintenance is also a vital job responsibility that mechanical engineers undertake. Defining Mechanical Engineering Mechanical Engineering deals with the construction, design, repai...
Read more

The Barsi Light Railway

      The Barsi Light Railway between Latur and Miraj in Maharashtra was a pre-independence private company.) And set up a private company with a share capital of Rs. 7,014,477. The company's office was permanently located at Winchester House, Broad street, London. The Narrow-Gauge Railway, 2 feet 6 inches wide, was started on March 1, 1897, just 9 feet wide along Kurduwadi Barshi Road. The company's India office was initially located in Barshi and later in Kurduwadi. A. L. Alexander was appointed chief manager and agent. The duo of Alexander and Calthrop brought BLR a golden day by night. His salary was 2200 and 1500 rupees per month. Initially built only for Barshi Road (Kurduwadi) to Barshi, it grew to 323 km from Latur to Miraj in 1927, becoming the largest private narrow gauge railway in India. Due to the Warakaris going to Pandharpur, this vehicle was called the vehicle of God. Even on Ashadi Ekadashi, people used to sit not only on the train tracks but also in fron...
Read more

Structural Engineering

Image
Structural engineering is the branch of Civil Engineering in which theory is based upon physical laws and empirical knowledge of the structural performance of different materials. Structural engineering design utilizes a number of simple structural elements to build complex structural systems. Structural engineering is a specialty within the field of civil engineering which focuses on the framework of structures, and on designing those structures to withstand the stresses and pressures of their environment and remain safe, stable and secure throughout their use. In other words, structural engineers make sure that buildings don't fall down and bridges don't collapse.  Critical skills that a person needs in structural engineering include an in-depth understanding of physics and mathematics. A structural engineer must also know the properties of various materials, such as their density, hardness, tensile strength, bulk modulus and bending strength. They need to be able to calculat...
Read more