Computer and Cyber Security
What is Computer Security?
Computer security is protecting the information that is stored in the computer from anyone stealing or harming it. It is a process of preventing a person who is not authorized, to access your computer.
Normally computer security is maintained in a stand-alone machine (personal computers) by having the system updated and patched regularly.
Different types of Computer Security
There are three different types of Computer Security. They are as follows –
- Physical Security
- Network Security
- Executable Security
Physical Security – This type of computer security is one of the simplest and easiest to interpret. Anyone who has access to the computer can access it.
Always we need to make sure not to share our passwords in-order to safeguard our system from data thefts. Our computers should not be left unattended, as others can access all our files.
Physical security is one of the basic securities that one must consider.
Network Security – Firewall is one of the most important computer security.
This firewall helps the network security by stopping any of the unauthorized networks that would attempt to access your computer.
Executable Security – Anti-virus security is known as executable security. This type of security is quite complex as it requires a team to code the anti-virus. Anti-virus is a must, to block the virus attacking the system.
These anti-virus securities are called executable security as they are executable files that need to be run on the computer, to be installed. With this, our computers would be more reliable.
Need for Computer Security
Computer security is one of the most important aspects, as it keeps all our data safe. Prevention helps to stop hackers (unauthorized users) from accessing our computers.
Today most of the transactions that we perform from shopping to banking are by accessing the websites (through a network).
The main intention of a hacker is to attack the system and get all the data stored in the system.
Once the hacker can access different computers, they can cause damage by formatting the hard drive.
Also, it would be easy for the hacker to attack other computers through your computer as they can hide their actual information.
Some of the objectives for computer security in any organization are –
- Confidentiality – This means that information should be accessed only by authorized users.
- Integrity – Here information should be added, modified or deleted only by an authorized user which means we need to protect information being modified.
- Availability – This means that the information should be available only to authorized people on demand.
How to secure our Computers –
- Secure passwords – Always we should keep in mind to create passwords that have at least 15 characters which include capital letters, special characters, and numbers.
- Anti-virus – Make sure to install and update the anti-virus regularly to prevent malware. Examples are Norton and McAfee.
- Two-way authentication – Here there would be two layers of authentication making it difficult for the hackers to get access to your accounts.
- Firewalls – Firewalls do not allow unauthorized users from accessing the network connected to the internet.
- Anti-phishing tactics – Attackers normally try to send an email with a malicious link or ask us to provide our data or send us any attached files. By doing this (by clicking on the malicious link, sending our personal data or clicking on any attachments) we fall in their trap and they would succeed to hack our computers.
- Encryption – This is a method of converting the plain text to secret text. Many applications follow this – Banking transactions, Computer passwords, etc.
Computer Security Threats
Computer Security threats are general risks that can harm the functioning of a computer.
Physical threat happens if someone steals the computer or does any physical damage to the computer and a non-physical threat happens if there is a virus attack on the computer.
These days cyber threats have increased in large numbers and one must be careful to prevent this.
What is Cyber Security?
Cyber Security is a way of protecting the computers, mobile devices, electronics systems from malicious attack, damage or unauthorized access. In other terms, it is known as Information Technology security.
The most common type of cyber attack is stealing sensitive data like credit card details, bank details or login information. Hence the integrity and privacy of the data must be protected ad it can be done by cybersecurity.
The main goal of cybersecurity is to have zero risks and protect our data.
Different types of Cyber Security
Below are the different types of cybersecurity that we need to be aware of-
- Network security – This type of security prevents any unauthorized users to intrude in the network.
- Application security – This type of security helps applications to be more secure by finding external threats.
- Information security – Information security is also called as data security. This keeps the data safe by securing it from unauthorized data when the user saves it or transfers it to another machine.
- Cloud security – This type of security protects and monitors the data in your cloud resources.
Is Computer Security and Cyber Security the same?
Computer Security mainly deals with the security of stand-alone systems. One major aspect of computer security is having stand-alone machines updated every time.
Cyber Security deals with the individual computers along with the networks they are connected to and with all those devices that the computer is communicating to such as mobile, printers, scanners.
Importance of Cyber Security
It is very crucial to understand the importance of cyber security in the current world.
With the internet and cloud computing controlling most of our data, we need to keep them protected from various internal and external threats.
Cybersecurity is very important for a company or organization as it would have critical information or data that needs to be maintained.
One of the ways cybersecurity is handled in these companies is that they train and educate the employees.
Also, most of the companies use tools provided by reliable services from cybersecurity provider companies like IBM Security, Cisco group.
Cyber Security in different organizations – Banks and others
Cybersecurity is very important in the Banking sector as customer assets are very confidential.
Most of the transactions these days are performed through online banking, so security experts have to include a security approach to prevent fraud and data breaches.
Most of the banks have cybersecurity in place. Good knowledge of threats and measures on controlling the same can help financial services firms to secure the system.
The most common type of threat that we observe in the banking domain is ATM malware and Mobile banking malware, fraudulent debit/credit card usage.
Cybercriminals are increasing day by day and we need to be more vigilant.
One more industry which is vulnerable to cyber threat is Health care. The cyber theft is happening with more complicated tools to attack the health care organization.
This sector must, therefore, have cybersecurity to protect the personal information of their patients.
As the hospitals would have all the information such as patient’s names, addresses, age, financial information, and Identity cards, hackers would get the needed data.
The online retail industry is one more industry that is vulnerable to cyber-attacks. Since most of the retail companies have their products online, there are high chances of theft happening over the network.
The first step to avoid this theft would be to educate the staff on cybersecurity and to invest in firewalls for the website to save the customer information from being hacked.
Education institutions are also one of the targets for cyber attacks. All the educational institutions contain large data of students, staff including sensitive details like name and address, which the hackers sell to the third party for money.
Financially as educational institutions handle a large amount of money as fees, they become the major targets for these cybercriminals.
Hence cybersecurity plays a very important role. Users should use a platform with extra security which prevents unauthorized access to the network.
15 Best practices of Computer Security and Cyber Security
People need to be smart and need to pay attention to the security of our personal computers. Few points that we need to keep in mind –
- Do not click on anything you are not sure to be safe.
- Do not open any attachments that show up in emails from an unknown person.
- Do not hand over your personal identification or debit card details, credit card details to strangers.
- Do not use unsecured public Wi-Fi networks as we don’t know if someone is looking at our data
- Always keep data back-up safe elsewhere.
- Make sure to keep changing the passwords often and follow the standards while choosing a password.
- Install a good Anti-virus on your computer and keep it up to date.
- Always enable the firewall
- Install the security software that helps to recognize the website that you be aware of.
- Do not use USBs or hard disks in other machines that you don’t trust.
- Make sure all the software is up to date.
- Lock your computers when you are not around.
- Do not run the programs that are unknown to you.
- Keep an eye on installed software and remove unnecessary software.
- Use a pop-up blocker.
Social Engineering and Cyber Attacks
When the network is secure, hackers fail to hack it and they in-turn target the users of that network. This is called Social Engineering.
In recent days these types of hackers have increased subsequently.
Following are different techniques used in social engineering attacks –
- Phishing – This is one of the oldest methods used. In this method, the Attacker sends an email expecting to get the information from the user back.
- Vishing – Here attackers attack in the form of voice phishing. They would contact over the phone and pretend to be from a bank or any other company.
- Smishing – Here attackers use SMS phishing and the person will receive a text message which looks like it is from the bank, asking for all the personal details.
- Whaling – In this form of phishing, the attackers attack the CEO or high-level person from the organization to get all the financial information.
- Smear Phishing – Here they target specific a person or business to get all the information. This is similar to Phishing except that the emails are designed in such a way that a single recipient is targeted.
Careers in Cyber Security
As the cyber threat is increasing day by day, there is a lot of scope for individuals with skills and awareness in cyber security (both software and hardware). Following IT professionals, are in much demand these days –
- Security engineer
- Security Analyst
- Security Architects