FAQs

Cybersecurity is the practice of protecting your computer networks, user data and digitally accessible operational infrastructure from unauthorized access or theft.

Cybersecurity is critical for both personal and business use, as hackers can gain access to your computer systems to steal data or sabotage your operations. Several measures can be taken to protect your systems, including using strong passwords, installing antivirus software, and keeping your software up to date. But that is just the tip of the iceberg when it comes to protecting invaluable corporate data, infrastructure and investments.

Whichever way you look at it, cyber security is an important part of everyday life, and it is essential to have a plan in place to protect your company and its data.

There are many reasons why cyber security is important. For one, hackers are becoming increasingly sophisticated in their attacks, so it is important to have measures in place to protect yourself from their efforts. Additionally, businesses rely on computer networks for day-to-day operations, so it is important to ensure that these networks are protected from unauthorized access. Finally, cybercrime is on the rise, so it is important to take steps to protect yourself from increasing online threats.

Ultimately, cyber security is necessary to protect yourself and your data from online threats. By taking steps to secure your computer networks and user data, you can reduce the risk of being hacked, having your data stolen or your operations attacked through digital channels.

There are a few steps that one must implement in order to keep yourr computer secure. A few of these steps are:

• Implement a 2-way or multi-factor authentication
• Use uncommon alphanumeric passwords and secure them
• Update your computer regularly
• Install a good antivirus to protect your computer from malware
• Have a specialized firewall to keep attacks at a minimum
• Have anti-phishing software installed to identify fraudulent mails
• Use encryption to reduce data leakage and loss

Finally, it is very crucial to secure your DNS

Some of the common types of cyber-attacks are phishing, password attacks, malware, drive-by downloads, man-in-the-middle, rogue software, and malvertising.

Identity theft can be prevented by ensuring unique passwords, social media restrictions, shopping from trusted websites, installing spyware and malware protection tools, using only specialized security solutions for financial data, and always updating systems and software.

Managed security service providers (MSSP) deliver management and outsourced monitoring of systems and security devices. An MSSP can also handle upgrades, system changes, and modification. Opliciti is a MSSP.

An MSSP should provide a complete outsourced security solution for an organisation. The core of the MSSP business is providing security monitoring and incident response for an organisation’s enterprise networks and endpoints. However, as enterprise networks grow and evolve, support for other platforms, such as cloud-based infrastructure, has become a common component of MSSPs’ security portfolio.

Security Operation Center (SOC) is a centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organisation’s security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.

A SOC acts like the hub or central command post, taking in telemetry from across an organization’s IT infrastructure, including its networks, devices, appliances, and information stores, wherever those assets reside. The proliferation of advanced threats places a premium on collecting context from diverse sources. Essentially, the SOC is the correlation point for every event logged within the organization that is being monitored. For each of these events, the SOC must decide how they will be managed and acted upon.

DNS stands for Domain Name System. It maps the domain name into its corresponding IP address. The DNS server provides the website’s IP address.

It is software or hardware that blocks incoming or outgoing traffic from the internet to your computer. They are responsible for securing a network. A few common types of firewalls are:

Packet-filtering Firewalls: These are the most common type of firewalls that analyze packets and let them pass through only if they match an established security rule-set.

Proxy Firewalls: They filter network traffic at the application level.

Stateful Multilayer Inspection (SMLI) Firewalls: These filter packets at the network, transport, and application layers. Here, the packets are compared to the known trusted packets.

VPN is also called a Virtual Private Network; it connects a VPN server and a VPN client. It creates a safe encrypted tunnel across the internet.

The user has a VPN client installed on the machine. The VPN client then creates an encrypted tunnel to the VPN server; thus, information is received and sent to the internet securely.

Malware is a malicious software that harms the security of your device. The different sources of malware are:

• Pop-ups
• Removable media
• Documents and executable files
• Internet downloads
• Network connections
• Email attachments
• Malicious advertisements

There are several threats that a company can face; on a broader scale, we can classify them as:

• Natural Threats: These include natural disasters beyond human control, threats like a tornado, fire, floods, etc.
• Man-made: These are threats where humans are the cause, like theft, hacking, etc.
• Technical: These threats could be either a software bug or a server fail, or any technical failure.
• Supply System: Any electric outage or short circuit kind of problem falls under this category.

An SQL injection vulnerability enables an attacker to inject malicious input into an SQL statement. This attack allows the attackers to view, edit, and delete tables in a database. Additionally, attackers can also obtain administrative rights.

The types of SQL injection are:

• In-band SQLi: Error-based and Union-based
• Blind SQLi: Boolean-based and Time-based
• Out-of-bound SQLi

In spoofing, an attacker pretends to be another person or organization and sends you an email that appears to be legitimate. The email looks almost genuine, and it is hard to spot such a fake one. An example of such an email is as follows:

Ransomware blocks victims from accessing personal files and demands a ransom to regain access. It is a type of malware. There are three categories of ransomware:

• Scareware: It is a form of malware that uses social engineering to cause fear or anxiety to manipulate users into buying unwanted software.
• Screen Lockers: Here, the users’ computers are locked, and it displays an official-looking message. It thus prevents them from logging in to their computers.
• Encrypting Ransomware: The ransomware displays a message demanding payment in return for the private asymmetric key needed to decrypt the encrypted file’s symmetric keys.

Social engineering attacks manipulate people so that they end up sharing their confidential information. This attack has three categories:

• Phishing Attack: Here, the user opens the mail with the attachment and unknowingly downloads the virus.
• Spear Phishing Attack: Here, the attacker targets a specific individual or a group of people.
• Whaling Phishing Attack: Whaling Phishing attack is a type of attack that specifically targets wealthy, powerful, and prominent individuals.

Here, the attacking computer takes the IP address of the client. The server continues communicating with the attacker, unaware of this.

Phishing is a common cyber-attack where the cybercriminal acts like a trusted person and extricates sensitive and financial information from users or victims. Phishing attacks can be prevented by ensuring that firewalls are used, antivirus software and internet security are used and sensitive information is not included in web pages that cannot be trusted.

Black hat hackers are highly skilled individuals who illegally hack into a system. The motive behind this is mostly for monetary gain. These individuals are also known as security crackers.

White Hat Hackers, also called ethical hackers, are individuals who discover vulnerabilities in a computer network. Such a hacker works to defend organizations and governments.

Honeypots are computer systems that are used to lure attackers. It is used to deceive attackers and defend the real network from any attack. As seen below, the real network is safeguarded.

In black box testing, the tester has zero knowledge of the IT infrastructure. Here, the testers will be unaware of the application, and they would have to gather information all by themselves. Based on the gathered information, testers will identify system vulnerabilities, if any. It is important as it emulates the attack of an external hacker.

A white box attack emulates an insider who can be an employee in the organization trying to make unvalidated profits. In this form of testing, the tester has complete knowledge of the IT infrastructure.

A key set of guidelines used by most organizations for securing information is called the CIA Triad:  Confidentiality, Integrity, and Availability.

• Confidentiality: Accessible and readable only by authorized personnel.
• Integrity: Data is not manipulated by unauthorized personnel.
• Availability: Ensuring data is available to the user whenever it is required. It should also support hardware maintenance, regular upgrades, recovery, network bottleneck, and data backup.

Encryption and Hashing convert data in readable format into an unreadable format. In the case of encryption, data CAN BE converted into its original form by decryption. However, in the case of hashing, data CAN NOT be returned to the original format.

Vulnerability Assessment:
This is the process deployed to find out the flaws in the target itself.  This is because the organization has already determined the flaws or weaknesses and has to prioritize the issues for fixing.

Penetration Testing:
In this method, the attempt is to find the vulnerability of the target itself. The process is to establish if the security measures the organization has implemented are sufficient to protect it from being hacked and if the system and network are well protected.

SSL is defined as the method of secure socket layer for verifying the Identity of the center and nothing else. And SSL will help the person to ensure and track the person you are talking to but can also be tricked. TLS is a type of identification tool similar to SSL. But it ensures that there are improved security features and additional protection to the layer. These have to be used together.

Secure Sockets Layer (SSL) is the standard followed in the security knowledge industry to develop encrypted connections between the browser as well as the web server. This standard ensures that data privacy is maintained and that online transactions are protected from external attacks.

The following steps have to be followed to establish an SSL connection:

• The browser will connect to the web server which is secured by SSL.
• The browser will send a copy of the SSL certificate.
• The browser verifies if the SSL certificate is trustworthy. If trustworthy, the browser will send a message to the server requesting to establish an encrypted connection.
• The web server acknowledges and starts to build an SSL encrypted connection.
• The encrypted SSL communication begins between the browser and the web server.

Cognitive cyber security is the application of artificial intelligence technologies for the human thought process to identify threats and protect physical and digital systems.

When a number of related malicious program-carrying devices are connected to the  internet they are called a botnet. . These related devices are controlled by a common attacking party to perform malicious activities e.g. send spam.

Data leakage is defined as the unintentional or planned leakage of data of an organization to external users, those who do not have permission to access or view such data. It typically is the disclosure of confidential information to unauthorized users.

There are three ways in which such leakage can occur:

1. Accidental Breach: A user has unintentionally sent the data to a person who is not permitted to view it and is thus a personal error or blunder.
2. Intentional Breach: A user sends confidential data to an entity that is not permitted to view it, on purpose.
3. System Hack: Different techniques are used such that data leakage is triggered. The major solution to contain data leakage is to use preventive tools software and certain techniques or strategies called the data leakage prevention tools.