The world is going to be digital at a higher pace and the trend can be predicted to continue in the future because the benefits of digital transformation, including increased efficiency, convenience, and accessibility, become gradually apparent.
In current times the world is experiencing online shopping, online banking, and telemedicine, and even working from home has changed the entire approach to doing business. Therefore, it is extremely challenging for organizations that have stepped into the digital world, particularly in developing countries where organizations are in the transformation phase. The need of protecting digital assets has also increased.
In order to protect digital assets from cyber criminals who are well-skilled and have advanced tools to compromise the organization’s security. This blog is all about some basic terminologies in the domain of Cyber Security.
Cyber Security:
Cyber Security is a term that refers to the protection of the entire information system, including Hardware, Software, and associated infrastructure, that runs data on them and, services they provide from unauthorized access, misuse, and harm.
Information Security:
This refers to the protection of the Confidentiality, Integrity, and Availability security model. Confidentiality means protection of sensitive information from unauthorized access, or disclosure. Integrity ensures the data can not be altered or deleted by an unauthorized person while the data is at rest (Store) and in transit (transformation). Availability means the data should only be accessible to the authorized user when it is needed.
Vulnerability
Weakness in the computer system, network, or software that can be exploited by cyber criminals.
Ethical Hacking
These are the hacking techniques used to protect the information system by identifying the vulnerabilities in the system, network, and application that could be exploited by cybercriminals. Ethical Hacking or Penetration Testing drills ensure the better security of the organization, whereas, Ethical Hackers are the security professionals who are hired to test the system by simulating attacks and finding the loopholes or vulnerabilities in the system.
Malware
A type of software that is designed with the intention to harm or exploit computer systems, networks, or devices. This includes viruses, worms, Trojans, and ransomware.
Social Engineering
A kind of attack that trick individuals into revealing sensitive information or performing actions that cause to compromise their own security.
Phishing
A type of social engineering attack where attackers use fraudulent emails, websites, or texts to trick individuals into revealing sensitive information, such as passwords or financial information.
Data Breach
An authorized access to the information system in order to alter, damage, or steal sensitive information or intellectual property.
Botnet
A network of compromised computers or devices that are controlled by remote malicious actors to compromise the other systems.
Access Control
A techniques that implement the security policies that ensure who will access the data, application, and resources.
Encryption
It is the process of hiding the information by converting the plain text into a security code that could not be possible to read if someone capture such information
Zero Day Attack
A kind of Cyberattack that exploit the vulnerability which is not known by the cybersecurity community yet.
