We Want to Bring More Women into Cyber Security

Since 2013 every year we have arranged different cyber awareness programs nationwide. We have day-long programs or weekly programs to keep our youth safe in cyberspace. In 2021 our research says, of the COVID-19 pandemic cybercrime has increased. Most of the time we are in lockdown and we spend much time online. We received a lot of similar complaints from our youth and most of them belong to 14 to 24. It's an alarming sign for our nation. To keep our youth safe in cyberspace we have planned a 30 days campaign.

As part of our campaign, WID is going to arrange a two-hour-long program on "Cyber Security Awareness" on 14 September 2022 at Mohammadpur Kendriya College. All the students and teachers can take part in this program.

What is Cyber security !

The practice of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this. At least, that’s what the dictionary says. Do you agree? Over the years the term cybersecurity has been thrown around to the point where it is almost synonymous with terms like IT security or information security. It’s kind of like saying every square is a rectangle, but not every rectangle is a square.

Confused? Let’s break it down

Cybersecurity Defined

Every square IS a rectangle because a square is a quadrilateral with all four angles being right angles. Similarly, cybersecurity IS a part of the IT security umbrella, along with its counterparts, physical security and information security.

 But not every rectangle is a square, since the criteria to qualify as a square means all sides must be the same length. The point is, not all IT security measures qualify as cybersecurity, as cybersecurity has its own distinct assets to protect.

CompTIA’s Chief Technology Evangelist, James Stanger says it best when he defines cybersecurity as “focusing on protecting electronic assets – including internet, WAN and LAN resources – used to store and transmit that information.”

 Of course, the threat to these electronic assets are hackers who have malicious intent to steal proprietary data and information via data breaches. Thus, it would seem the fully realized definition should include an evolving set of cybersecurity tools designed to protect confidential data from unauthorized access. To do so, it’s necessary to consider how people, processes and technology all play equally important roles in keeping information safe.

Why Is Cybersecurity Important?

One of the many advantages to living in a world where every device is connected is convenience. It’s incredibly easy to conduct work, manage your social calendar, shop and make appointments from your smartphone or device. That’s why it’s become second nature to many of us.

But, of course, the convenience of connected data also means threats from bad actors can do a lot of damage. Cybersecurity initiatives are essential to protecting our data and thus, our way of life.

Types of Cybersecurity

Cybersecurity can be categorized into five distinct types:

● Critical infrastructure security

● Application security

 ● Network security

● Cloud security

● Internet of Things (IoT) security

To cover all of its bases, an organization should develop a comprehensive plan that includes not only these five types of cybersecurity, but also the three components that play active roles in a cybersecurity posture: people, processes and technology.

Types of Cybersecurity Threats

Staying ahead of cybersecurity threats isn’t an easy job. There’s a long list of threats that IT pros pay attention to, but the problem is that the list keeps growing. Today, cyberattacks happen on the regular. While some attacks are small and easily contained, others quickly spiral out of control and wreak havoc. All cyberattacks require immediate attention and resolution.

Cyber security professionals should have an in-depth understanding of the following types of cyber security threats.

1. Malware

Malware is malicious software such as spyware, ransomware, viruses and worms. Malware is activated when a user clicks on a malicious link or attachment, which leads to installing dangerous software. Cisco reports that malware, once activated, can:

• Block access to key network components (ransomware)
• Install additional harmful software
• Covertly obtain information by transmitting data from the hard drive (spyware)
• Disrupt individual parts, making the system inoperable

2. Emotet

The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware.”

3. Denial of Service

A denial of service (DoS) is a type of cyber attack that floods a computer or network so it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the attack originates from a computer network. Cyber attackers often use a flood attack to disrupt the “handshake” process and carry out a DoS. Several other techniques may be used, and some cyber attackers use the time that a network is disabled to launch other attacks. A botnet is a type of DDoS in which millions of systems can be infected with malware and controlled by a hacker, according to Jeff Melnick of Netwrix, an information technology security software company. Botnets, sometimes called zombie systems, target and overwhelm a target’s processing capabilities. Botnets are in different geographic locations and hard to trace.

4. Man in the Middle

A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction. After interrupting the traffic, they can filter and steal data, according to Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network. Attackers insert themselves between the visitor and the network, and then use malware to install software and use data maliciously.

5. Phishing

Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out the instructions inside, such as providing a credit card number. “The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine,” Cisco reports.

6. SQL Injection

A Structured Query Language (SQL) injection is a type of cyber attack that results from inserting malicious code into a server that uses SQL. When infected, the server releases information. Submitting the malicious code can be as simple as entering it into a vulnerable website search box.

7. Password Attacks

With the right password, a cyber attacker has access to a wealth of information. Social engineering is a type of password attack that Data Insider defines as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.” Other types of password attacks include accessing a password database or outright guessing.

Multi-Layered Cybersecurity

Businesses, governments and individuals store a whole lot of data on computers, networks and the cloud. A data breach can be devastating in a variety of ways for any of these entities.

The good news is that the importance of cybersecurity has been steadily increasing over the years to the point where executives outside of the IT department are taking notice and setting priority. In fact, International Data Corporation (IDC) predicts that global spending on security will hit $103.1 billion in 2019, then grow at a compound annual growth rate of 9.2% through 2022, eventually reaching $133.8 billion.

The key takeaway? Cybersecurity is a complex practice, and the best way to prevent attacks and protect your information is via a multi-layered cybersecurity approach that weaves together your people, processes and technology.