Cyber Security also known as Computer security or IT security is the protection of computer systems from the theft or damage to the hardware, software or the information on them, as well as from disruption or misdirection of the services they provide.
ICT has permeated many industries and insecurity of data and ICT components is becoming a major point of concern.
The goal of Cyber Security course is to equip learners with knowledge on contemporary issues on ICT security, so that the users can achieve information confidentiality, integrity and availability.
Introduction to Cyber Security
Key Threats to Data Security
Data can be
- lost or damaged during a system crash – especially one affecting the hard disk
- corrupted as a result of faulty disks, disk drives, or power failures
- lost by accidentally deleting or overwriting files
- lost or become corrupted by computer viruses
- hacked into by unauthorised users and deleted or altered
- destroyed by natural disasters, acts of terrorism, or war
- deleted or altered by employees wishing to make money or take revenge on their employer
The Security Triad
ICT security policies address the risk of destruction or corruption of data due to an attack or some other unexpected incident.
The three types of risks addressed by enterprises having a formally defined ICT security policy correspond essentially to the core elements of the ICT security definition, i.e. integrity, confidentiality and availability of data and systems.
The CIA triad of confidentiality, integrity, and availability is at the heart of information security
Confidentiality: – Only authorized users can access the data resources and information.
Integrity: – Only authorized users should be able to modify the data when needed.
Availability: – Data should be available to users when needed.
Threats to Computing environments in the global village
The Global village is a view that people are connected by easy travel, mass media and electronic communications, and have become a single community.
Hardware Security
This refers to the protection of physical systems from harm.
Equipment destruction attacks, for example, focus on computing devices and networked non-computing devices such as the ever-increasing number of connected devices IoT (Internet of Things) environments.
These environments are bringing connectivity and communications to large numbers of hardware devices that must be protected through either hardware- or software-based security.
Software Security
Software Security – Software security is an idea implemented to protect software against malicious attack and other hacker risks so that the software continues to function correctly under such potential risks.
Any compromise to integrity, authentication and availability makes a software insecure. Software systems can be attacked to steal information, monitor content, introduce vulnerabilities and damage the behavior of software. Malware can cause DoS (denial of service) or crash the system itself.
Personnel Security
Personnel Security – is used to provide a level of assurance as to the honesty, trustworthiness, in the use of ICT resources.
The aim is to reduce the risk of loss, damage or compromise of ICT resources, create an environment where those accessing ICT resources are aware of the responsibilities that come with that access and abide with their obligations