Introduction to Cyber Security
What is Cyber Security?
 The internet is an incredibly valuable tool for almost
everyone, connecting us online on a 24/7 basis. You may
use a laptop to shop online, your phone to upload photos
to Facebook, a computer to enter financial information at
work or a tablet to send and receive emails from
customers, patients or friends.
But are you aware of the risks that come with these digital
interactions?
 Our constant connectivity, at work and at home, presents
many new data security risks. You may be unaware of
them, but these risks are becoming increasingly common.
 As an employee, it's essential that you understand how to
protect yourself, your company and your customers when
working online. Throughout this course, you will learn about
common online security threats.
Introduction
The majority of us use the internet on a near-daily
basis. According to the Office for National Statistics,
91% of adults in the UK were recent internet users in
2019.
The topics covered in this
section are:
What is information security?
What is cyber security?
Why is cyber security important?
Who is at risk?
Employee responsibilities
Cyber security survey
You may have heard the phrases ‘information security’ and ‘cyber
security’ being used interchangeably. Both refer to the processes
that are put in place to ensure information is kept confidential and
available only to those with authorised access.
Information can include personal records as well as business data.
It may be stored and accessed using computers or in written records,
but it must be kept safe wherever it is located.
Information security can be divided into two categories:
 The protection of the physical environment through physical
measures and
 The protection of the electronic data from being accessed
without authorisation.
This second category is what is referred to as cyber security.
Information security is the protection of information
from unauthorised access, use, disclosure or
destruction through various means. This includes, but
is not exclusive to, electronic data.
What is Information Security?
What is Information
Security?
The acronym stands for:
 Confidentiality: The information can only be
read by those who are authorised and have
been granted access.
 Integrity: The information can only be altered
by those people or processes that have been
authorised.
 Availability: The information can be accessed
and used when necessary (by those with
authorised access).
Information that is considered to be secure must meet
all three criteria.
If just one is compromised, security has been breached
and personal and/or private data may be at risk of a
serious cyber attack. Therefore, it is crucial that all three
principles are protected at all times.
The main principles of information
security are collectively known by the
acronym CIA.
What is Cyber Security
 Cyber security is the means by which individuals and organisations protect their digital files, data, networks and programs. This is often
done through good practices, including the safe storage of data.
 The main function of cyber security is to protect both the devices we use (computers, laptops, smartphones, etc.) and the data we access
from malicious attacks, damage or misuse.
 Cyber security is a form of data protection. The information that is protected may include:
 Private and personal information.
 Sensitive or private information about employees, clients, patients or customers.
 Confidential business information.
 Intellectual property.
Cyber security also means preventing your work computer, home computer and personal devices from being infected with malware
and viruses.
The National Cyber Security Centre defines cyber security as the protection of internet-connected systems, the data on them and the
services they provide from unauthorised access, harm or misuse.
Why is Cyber Security Important
You must be vigilant when online and take measures to prevent cyber attacks
from being successful. The following statistics on cyber security demonstrate
the scale of the threat:
Britain is targeted by up to 1,000 cyber attacks every hour.
Research by Beaming, a business internet service provider, found that on
average, UK businesses were subjected to 119,659 internet-borne cyber
attacks each in the first quarter of 2019.
Action Fraud, the UK's National Fraud & Cyber Crime Reporting Centre,
reported that between October 2017 and March 2018, £706 million was lost by
victims.
During this same period, 332,570 crimes were reported to Action Fraud. Of
these, 62% were from businesses and 39% from individuals.
The Office for National Statistics (ONS) reported 535,000 cases of
unauthorised access to personal information from July 2018 to June 2019.
The UK government found that 32% of all businesses have identified at least
one cyber security breach or attack in the last 12 months (2018/9).
The average annual cost to businesses as a result of information breaches in
2019 was £4,180, while for charities this cost was significantly higher at £9,470.
Who is at Risk
 Anyone who accesses the internet is vulnerable to cyber attacks.
 Attacks are performed by individuals who wish to gain unauthorised
access to your information, usually for malicious intent. These people are
often referred to as hackers.
 Hackers develop and use complex computer programs that attack
networks, usually at random.
 Attacks can happen to any device that is connected to the internet
whether via a fixed connection or over Wi-Fi (wireless internet). This
includes desktop computers, laptops, tablets (such as iPads),
smartphones and any other device that uses the internet.
 Cyber attacks can happen at any time of day or night, whether you're
online for five minutes or five hours. They can affect just your individual
network, your whole office's network or the networks of hundreds of
businesses around the world.
Employee Responsibilities
Even if you don't work at a desk every day, most jobs will require you
to carry out some tasks using the internet. Therefore, you have a
responsibility to take basic internet safety precautions.
As an employee, you must protect any information held about your
customers or clients, your organisation, your colleagues and yourself
from misuse or unauthorised access.
Under the Data Protection Act 2018, any information that you handle
about customers, patients or clients needs to be held securely and
confidentially. This includes names and addresses, contact details,
banking information, medical records, etc.
Similarly, you must ensure that any intellectual property belonging to the business, as well as any operational or financial information, is
kept secure and inaccessible to those who do not have access permissions.
You should follow these same principles at home. Consider what information you store or share online, including personal contact details,
photos, usernames and passwords.
Cyber Security Survey
Consider the following questions and compare the behaviours to your current internet habits.
Summary
Ø Information security is the protection of information from unauthorised
access, use, disclosure or destruction through various means. This includes,
but is not exclusive to, electronic data.
Ø Cyber security is the means by which individuals and organisations protect
their digital files, data, networks and programs from malicious attacks,
damage or misuse.
Ø Under the Data Protection Act 2010, you must protect any information held
about your customers, your organisation, your colleagues and yourself from
misuse or unauthorised access.
Ø You should follow the same principles at home to ensure the information you
store online, including personal contact details, photos and credit card details,
is secure.
Types of Cyber Attacks
In this part of the course, we’ll take a
look at different types of cyber
attacks that you may come across in
the workplace and at home. This
module focuses on the most common
cyber attacks in the UK, explaining
what they are, how they work and the
possible consequences of each.
Introduction
As technology advances, so do
cyber attacks, so it's important
that you keep up to date with the
latest developments and risks to
information security
The topics covered in this
section are:
 Phishing
 Spear phishing
 Malware, viruses, worms and Trojans
 Ransomware
 Protecting yourself from a cyber attack
Phishing
Phishing gets its name from ‘Fishing for Information’
meaning the process of getting people to disclose
their personal information themselves. To do so, the
hacker relies on people trusting messages or
conversations as being genuine.
Phishing is a popular method for cyber attackers
because it's an easy way of targeting large groups of
people and has a high success rate. It's known as a
social engineering technique because it exploits
human weakness by manipulating and deceiving
people into sharing their confidential information.
Phishing is the most common type of
cyber attack in the UK. It refers to any
attempt made by cyber hackers to obtain
information such as usernames,
passwords or bank details.
Phishing
Phishing attackers pretend to be a
trustworthy party, usually through an
email they send out.
The email could look as though it's from the technical
support department of an organisation or a personal
contact known to the target. Crucially, the email will
often look legitimate.
For example, you may receive an email that appears to
be from your bank. Often, this fake email claims you
have been hacked or there is an issue with your
account. Messages like this make people incredibly
worried and so they are more likely to act quickly and
often somewhat irrationally. You may be asked to
confirm your credit card number and security code via
a link to what seems to be a legitimate website. If you click this link and log in with your personal details, you’d effectively be handing over
your bank details straight to the attacker. Once the hacker has your private details, there is a high risk of them accessing your data, including
your savings. Even if you do get the money you have lost refunded, it can be incredibly stressful to try and do so.
Spear Phishing
 To increase their chances of success, the attacker may
find out personal details about the target person or
organisation to ensure that their emails look
legitimate and trustworthy. They will often
impersonate a company or a person that the target
knows.
 For example, the attacker may send an email to each
member of the finance team in your organisation asking
for money to be forwarded to a specific bank account.
The email will look realistic and appear to have been sent
by the CEO, when, in reality, the employees would be
sending money straight to the attacker.
 Many well-known companies such as Sony and
Snapchat have fallen for spear phishing attacks.
Spear phishing is a type of phishing attack
that is directed at specific organisations or
individuals, rather than large groups of
people at random. It is becoming
increasingly common.
Malware
Malware is short for 'malicious software' and is designed to disrupt or damage
data, software or hardware. Often, this means your device will no longer work as it
should do.
The attacker can install the malware onto your device using a variety of methods.
All of them rely on you being tricked into downloading software, for example:
By clicking on an unsafe link or attachment in an email, you may unknowingly
download the malware.
The malware may be attached to a link on a website, which automatically
downloads when you click on it.
The malware may be packaged in with fake copies of normal software, such as
pirated copies of Microsoft Office.
You may download the malware by clicking on a pop-up window, such as an
advertisement.
You may click on an unsafe link on a social media post that appears to have
been posted by one of your friends.
Viruses
 This prevents the computer from running as it should do
and can result in corrupted files and damaged software. It
can even allow the attackers access to your computer by
opening up a back door.
 Viruses attach themselves to executable files. This means
that the virus is not active until you open the file or
application where it is stored. For example, if the virus
attaches itself to the Microsoft Word application, the virus
will activate every time you open up a Word document.
Once active, the virus can make a copy of itself somewhere
else on your computer and this process repeats.
 Viruses can spread from computer to computer using your
internet connection or computer network, as well as
through file sharing or email attachments. So, if you have
an infected Word document and you email it to your
colleague, the virus will become active on their computer as
soon as they open the file.
A virus is a type of malware that, when you
download it, copies itself onto parts of data,
computer applications or crucial parts of a
computer's hard disk.
Worms
Worms are similar to viruses in that they are also a type of malware that makes
copies of itself to spread between devices.
Unlike viruses, however, worms are standalone software and can copy themselves
like clones: they do not need a host file or application to join onto. Worms don't
tend to damage or corrupt data as viruses do either. Instead, they aim to install a
back door in the network that allows the attacker to access your device and
information.
Worms spread through vulnerabilities or failures in the security of the device's
system. They spread across the network that you are connected to, such as your
office network, and can quickly infect an entire workplace.
Worm attacks have four stages:
1. The worm probes machines to try and find any vulnerabilities that can be used
to copy itself onto.
2. Once the worm has located a vulnerability, it penetrates the machine and
exploits this weakness.
3. Next, the worm attaches itself to the remote machine where stores
4. Finally, the worm will self-replicate, identifying new devices to try and probe,
to repeat the process and spread.
Trojans disguise themselves as legitimate software or programs, such as a
screensaver or an app, so that people are tricked into downloading them onto
their devices.
Once the Trojan has been downloaded, the malware provides the attacker with
access to your device. This means they can copy your files, delete information,
monitor what you are doing and activate and spread other malware, such as
viruses.
Trojans do not replicate themselves as viruses and worms do. Instead, they are
spread by device users downloading infected attachments, programs or files.
Trojan
A Trojan is another type of malware that can damage your device. It is
named after the wooden horse that the Greeks hid inside to infiltrate and
attack the city of Troy.
Ransomware
The attacker will often threaten to publish the confidential files or permanently
delete them unless the user pays the ransom within a certain amount of time.
Potentially, all of the data stored on the infected device could be lost.
Ransomware is usually disguised as a legitimate file, such as an email attachment,
tricking the user into downloading it onto their device.
The WannaCry cyber attack mentioned in the previous module is an example of
ransomware. It infected thousands of computer networks around the world,
including those used by the NHS. This ransomware was different to most because it
didn't require user interaction to spread between computers.
Ransomware is malware that gains access to your files, locks them so they
become inaccessible and then demands payment for their release or decryption.
Protecting Yourself from a Cyber Attack
When it comes to protecting yourself and your device from potential cyber
attacks:
Don't click on any email attachments or links that you are uncertain of.
Always be cautious when clicking on email attachments or downloading
software or apps as this is often how malware infects devices.
Keep all software up to date. One of the main reasons as to why the NHS was
particularly vulnerable to the WannaCry ransomware attack was because
advice to update software and systems was ignored.
Protect your device with security software. Norton or McAfee are
recommended by cyber security experts as some of the best available.
Keep all data securely backed up. This way, if you fall victim to a cyber attack,
you will not lose all your important data. However, this does not stop the
attacker from gaining access and threatening to leak information that may be
confidential.
Don't pay the ransom. Paying it does not guarantee that the attacker will
release your files back to you or that they'll stop blackmailing you once they
know you are willing to pay.
Summary
Ø Phishing is the process of getting people to disclose their personal
information. The hacker relies on people trusting messages or
conversations as being genuine.
Ø Spear phishing is a type of phishing that is directed at specific
organisations or individuals, rather than large groups of people at
random.
Ø Ransomware gains access to your files, locks them so they become
inaccessible and then demands payment for their release or
decryption.
Ø Malware, such as viruses, worms and Trojans, attacks your device and
prevents it from working properly. The attacker gains access to your
device when you click on an infected file, link or attachment.
Ø Identity theft is a type of cyber attack that involves the theft of
personal details. It becomes identity fraud when these details are used
to commit fraud.
Information Security
Introduction
Information security includes physical
forms of data as well as electronic, for
example, information that is printed or
written out. Consider again the CIA
acronym: central to information security is
ensuring the confidentiality, integrity and
availability of data is protected and
maintained. If just one of these is
compromised, then the security of
personal and/or private data is at risk.
You need to be aware of the internal and
external threats to information security.
This module will also explain how
organisations can manage their
vulnerabilities to these threats, as well as
the specific areas that are most at risk.
The first module of this course
introduced information security as the
protection of information from
unauthorised access, use, disclosure
or destruction.
The topics covered in this
section are:
 Internal threats to information security.
 External threats to information security.
 Areas at risk of information security threats
Threats to Information
Security
§ As well as understanding and managing the threats to cyber
security, you need to protect information that is in a physical form.
§ Due to rapid developments in technology, the way we access and
store information has changed drastically. This means that in most
workplaces, the majority of data is online rather than physically
produced.
§ However, we do keep and rely on information that is written down
or printed out, and if confidential documents are left unattended at
your desk, there is nothing stopping someone from taking them.
For example, if a contractor has already been granted access to the
premises, they may have the opportunity to steal the papers with
relative ease. To prevent this from happening, confidential physical
documents should be safely secured, such as locked in a filing
cupboard.
Internal Threats to
Information Security
Figures from the UK's Information
Commissioner's Office (ICO) show that of the
personal data breaches reported to them in
the first half of 2019:
43% occurred due to incorrect disclosure.
20% were a result of data being posted or
faxed to the incorrect recipient.
18% were due to information being
emailed to the incorrect recipient.
Only 59% were a result of data being given
due to a phishing attack.
Internal Threats to Information Security
 Internal threats to information security originate from inside a company. They
are the result of human action by an employee, contractor or supplier. Internal
threats to information security fall into two categories:
1. Accidental, such as data that is leaked due to human error.
2. Intentional, often a malicious action by a disgruntled employee.
 Those working within a company already have much more access to the
systems than any external threat does. They have physical access to the place
where the information (physical or digital) is stored, and often the privileges to
access it, such as account passwords.
 As a result, insiders may misuse information, steal information or commit fraud.
This could be done either accidentally or intentionally.
The difference between internal and external threats to information security
is the identity of the attacker.
Internal Threats to Information Security
The actions of insiders, who are largely internal staff, can pose a serious threat to information security. Arguably, they are the biggest cause
of breaches, rather than external threats such as hacking by a cyber criminal. The main internal threats to information security are:
Human Errors
Employees may accidentally leak data, making what should be confidential accessible to an unauthorised party. For example, you may:
Accidentally leave your work laptop on public transport or misplace a USB device. An opportunist attacker may then steal the
device and gain access to the data.
Accidentally send a sensitive email to the wrong person.
Take work containing sensitive data home and access it on your home network. If there are any weaknesses in your network,
there is a greater risk of a cyber attacker gaining access to your files.
Social Engineering Cyber Attack
As explained, some cyber attacks rely on human action on behalf of the employee; this is what makes it an internal threat. Companies
are often targeted by attackers who use the technique of spear phishing. You may receive an email that appears to be legitimate and
seemingly sent by one of your colleagues. However, if you click on a link to a document within the email, this could download harmful
malware to your device. There is then the risk of this spreading to the whole network, as well as threatening the information security
of a business's data.
Internal Threats to Information Security
Further internal threats to information security include:
Employees Downloading Malicious Content
Employees may access websites that have pop-ups on pages or have dangerous malware on them. They could be using the internet
for work-related purposes or otherwise, such as surfing the web for personal use. Just going on certain websites alone can result in
malicious content being unknowingly downloaded onto a device. Once there, it has the potential to infect the whole of the company's
network.
Stolen or Leaked Data
Employees, and particularly those working in IT departments, often have easy access to confidential data. Therefore, a seriously
disgruntled employee has the means to passwords, steal confidential data, or unleash malware onto the company network. An
employee may do so if they were denied a promotion or bonus they felt they deserved, or due to their contract being terminated. Or
they might have a new job with a competitor, and so be stealing confidential data, such as client information, for this purpose.
Some employees may also have infiltrated the company under false pretences. They could be hoping to access and sell information on
the black market or be working for someone else's interests. This is why thorough background checks into a prospective employee are
a necessary measure for jobs that require the handling of certain data.
External Threat to Information
Security
External threats are those that come from outside of a
company. Generally, the external threat to information security
is from cyber attackers who intend to steal or damage some
company's confidential data.
Often, external attackers try to locate and then exploit any
network vulnerabilities to security that are beyond the firewall.
However, they may also try to gain access to your data by
breaching the external defences that are in place to prevent
such attacks, such as firewalls and anti-virus software.
Another technique hackers may use is to release a virus, Trojan
or worm into a network. You can return to the previous module
if you require a refresher about the different types of cyber
attack, including the three above.
If these attacks by external individuals or parties are successful,
they may be able to access confidential data. They might then
steal company or customer data, distribute further malware or
prevent access to the data until a ransom is paid.
Verizon's 2019 report concluded that 69% of cyber
attacks were perpetrated by outsiders. Outsiders
represent external threats to information security.
External Threat to Information
Security
Often, money is not their motivation. Rather, they are driven by
attempts to promote a certain agenda or religious.
The international group Anonymous are one of the more well-known
hacktivist organisations. They frequently operate for
political or social purposes, shutting down the websites of
organisations through DDoS cyber attacks.
For example, in 2016 the group claimed responsibility for a
cyber attack on Narita Airport, Tokyo. The attack, which shut down
the airport's website, was in response to the detention of an
American anti-whaling activist as he tried to enter Japan.
So-called 'hacktivists' are an external threat to the
information security of some organisations.
Areas at Risk of
Information Security
Threats
Although all businesses are at risk of threats to their information security, some
are targeted more frequently. There are also specific areas within an organisation
that are most at risk.
Certain industries are more prone to cyber attacks and other threats to
information security than others.
Data from Verizon's 2019 report concluded that of the breaches in 2018:
 166 were within the public sector.
 15% involved healthcare organisations.
 10% were within the financial sector.
In addition, small businesses alone were victim to 43% of breaches.
Summary
Ø As well as understanding and managing the threats to
cyber security, you need to protect information that
is in a physical form.
Ø Internal threats to information security originate from
inside a company (such as employees) while external
threats come from outside (cyber attackers).
Ø Duplicate copies of data should be kept either on a
hard drive or cloud-based storage such as Google
Drive, Microsoft OneDrive or Dropbox.
Ø Measures to manage organisational vulnerabilities to
threats include installing antivirus software, updating
systems, encrypting data, monitoring internet usage,
controlling access rights and training employees.
Ø Although the majority of breaches occur within the
public administration sector, all businesses need to
protect their data. In particular, that which is financial, personal
or includes email and password combinations is more
at risk.
How to Improve Information Security
Introduction
 In this part of the course, we'll take a look at the actions you can take to improve your online security. Being cautious when online will
reduce the likelihood of you falling victim to a cyber attack.
 Throughout this module, you'll learn what signifies that a website is likely to be trustworthy, how to create a secure password, how to
identify potentially unsafe emails and how to use social media safely.
 The information in this section can be applied to your online presence both at work and at home, helping you to stay safe whilst using
the internet. Most of the practices we suggest can be implemented easily, so start to make the necessary changes as soon as possible.
The topics covered in
this section are:
Sharing information
Creating a strong password
Password security
Emails
Social media
Sharing Information
You should always think carefully before sharing any
sort of personal or confidential information online,
whether it be with a person or a service.
Before doing so, consider:
Who will have access to the information?
What will happen to the information you have shared?
Is the information one of the characteristics protected by
the Equality Act? For example, does it refer to race,
religion, sexuality, etc.?
Do you have permission to share the information?
How much information actually needs to be shared?
Is sharing the information in line with your organisation's
data protection policy?
Are you sharing the information via the most secure
method or is there a safer alternative?
Before sharing any sort of information online, even if it's simply entering a username and password, you should always check that the
website you're on is reputable and trustworthy.
Check the website URL begins with 'https'
The majority of website URLs begin with 'https', but be cautious of those with just 'http'. 'https' means that communications between the
user and the browser are encrypted (converted to code) to prevent unauthorised access. These sites are protected by an SSL certificate
that prevents the information from being intercepted as it enters the site and goes to the server.
While you should be looking out for sites with this URL, be aware that it doesn't guarantee that a website is legitimate and secure.
Nowadays anyone can apply for a basic SSL certificate and quite easily get an 'https' URL, meaning it's possible that fake domains may
be used for phishing purposes.
Look for a padlock icon next to the website address
The closed padlock indicates that its connection is secure and means that the information shared between you and the website is
private. You can click on the icon to see a summary of how secure your browser believes the connection to be. Your browser, such as
Google Chrome, will also alert you if you can't visit the site safely or privately.
Always ensure the website URL is exactly what it should be
Before you click on any links, hover your mouse over them and the URL shows up at the bottom left of your browser. Once on the website, look
at the address bar to make sure you are on the site you intend to be on. Hackers often make subtle changes that can easily be missed, such
as co-0perativebank.co.uk instead of co-operativebank.co.uk. You could unknowingly end up entering your username and password and
other bank details into a phishing site.
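The URL check described above can also be automated on the defender's side, for example in a mail filter or web proxy. The Python code below is an added example, not part of the original slides; the trusted-domain list, the table of confusable characters and the function names are assumptions made for illustration. It also shows that a lookalike address can still use 'https'.

```python
from urllib.parse import urlsplit

# Assumed allow-list: the domains your organisation really uses.
# "example.com" is a constructed placeholder entry.
TRUSTED_DOMAINS = ["co-operativebank.co.uk", "example.com"]

# Characters often swapped in to imitate another (assumed, not exhaustive).
# The \u04xx entries are Cyrillic letters that look like Latin a, e, o, p, c.
CONFUSABLE_CHARS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
})
CONFUSABLE_PAIRS = [("rn", "m"), ("vv", "w")]


def skeleton(host):
    """Reduce a host name to a form where lookalike characters compare equal."""
    s = host.lower().rstrip(".").translate(CONFUSABLE_CHARS)
    for pair, single in CONFUSABLE_PAIRS:
        s = s.replace(pair, single)
    return s


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url):
    """Classify a URL's host as 'trusted', 'lookalike' or 'unknown'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    result = {"host": host, "https": parts.scheme == "https",
              "verdict": "unknown", "resembles": None}

    # Exact match, or a genuine subdomain of a trusted domain.
    for trusted in TRUSTED_DOMAINS:
        if host == trusted or host.endswith("." + trusted):
            result["verdict"] = "trusted"
            return result

    host_sk = skeleton(host)
    for trusted in TRUSTED_DOMAINS:
        trusted_sk = skeleton(trusted)
        # Compare the same number of trailing labels as the trusted name has.
        tail = ".".join(host_sk.split(".")[-trusted.count(".") - 1:])
        swapped_chars = tail == trusted_sk                  # e.g. 0 for o
        one_typo = edit_distance(tail, trusted_sk) <= 1     # e.g. doubled letter
        used_as_prefix = ("." + trusted + ".") in ("." + host)  # trusted name in front of another domain
        if swapped_chars or one_typo or used_as_prefix:
            result["verdict"] = "lookalike"
            result["resembles"] = trusted
            return result
    return result


if __name__ == "__main__":
    # Constructed sample URLs, including the spoofed address from the slide.
    for sample in ["https://co-operativebank.co.uk/login",
                   "https://co-0perativebank.co.uk/login",
                   "http://co-operativebank.co.uk/",
                   "https://news.example.net/"]:
        print(sample, check_url(sample))
```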
 Almost all websites require you to have a password to log in and access their services. When you turn on your computer, it's
likely you'll have to enter a password to log in, and you'll have to enter several others to log into the various software that
you will use in your workplace. When you enter your password, it is matched against the password stored by the website.
Access is then granted if this authorisation takes place.
 However, coming up with various passwords and then remembering which is for what website can be difficult. Therefore,
many people often end up using the same, simple password for several websites.
Passwords are a common way of authenticating individual users online. They allow websites to check your identity
and authorise access to a resource (your account).
Password
A study by the UK's National Cyber Security Centre (NCSC) found that 123456 was the most widely used
password for accounts that are hacked. The simple combination of numbers appeared in 23 million
passwords, followed by other easily-guessed ones such as 123456789, password and qwerty.
Creating a Strong Password
 One way in which hackers crack people's passwords is by using complex
computer programs. Some of these programs automatically enter random
word and number combinations until they find a match and can log in to
your account. The majority of computer systems allow a maximum
number of unsuccessful login attempts, after which the account is locked.
This is a measure in place to try and prevent hacking from succeeding.
 Therefore, using a password that is a combination of numbers or your
favourite football team isn't very secure. To prevent unauthorised access
to your accounts, your password should be at least 10 characters long and
contain a combination of:
 Both upper- and lower-case letters.
 Numbers.
 Symbols.
 You should avoid using:
 Dictionary words.
 Names, particularly the names of friends, family or pets.
A strong password needs to be memorable for the user, while also
being difficult for anyone else to guess.
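The rules on this slide can be turned into a check that runs when a password is chosen. The following is an added example, not part of the original slides: the four most-used passwords are the ones quoted from the NCSC study above, while the small word list and the sample passwords in the tests are constructed for illustration.

```python
import string

MIN_LENGTH = 10

# The most-used passwords named in the NCSC study quoted on the previous slide.
COMMON_PASSWORDS = {"123456", "123456789", "password", "qwerty"}

# Constructed sample; a real deployment would load a full dictionary and
# a list of team names, place names and so on.
SAMPLE_WORDS = {"liverpool", "arsenal", "summer", "welcome", "dragon"}


def audit_password(password, personal_names=(), wordlist=SAMPLE_WORDS):
    """Return a list of the slide's rules that the password breaks (empty if none)."""
    problems = []

    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("needs both upper- and lower-case letters")
    if not any(c.isdigit() for c in password):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in password):
        problems.append("needs a symbol")

    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        problems.append("is one of the most widely used passwords")

    # Dictionary words and the names of friends, family or pets are still
    # guessable when digits and symbols are bolted on, so search inside the
    # password instead of comparing the whole string.
    banned = {w.lower() for w in wordlist} | {n.lower() for n in personal_names}
    for word in sorted(banned):
        if len(word) >= 3 and word in lowered:
            problems.append("contains the word or name '%s'" % word)

    return problems


if __name__ == "__main__":
    for candidate in ("123456", "Liverpool2019!", "t7#Qv!mzR2wK"):
        print(candidate, "->", audit_password(candidate) or "passes")
```

A password such as Liverpool2019! satisfies every character-class rule and is still rejected, because the football team name inside it is what a guessing program tries first.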
For your passwords to be more secure there are a few simple rules that you should follow, both at work and at home.
Don't write your password down
Avoid keeping a written record of any of your passwords because you never know whose hands they could end up in. In particular,
never keep passwords on a note next to your computer. Essentially, you'd be handing access to your accounts straight to any potential
hacker. The same goes for keeping your passwords saved in an online document without password protection.
Avoid using the same password for different accounts and change your password regularly.
One of the main reasons why someone's account has been hacked is that they use the same password for a secure website as
one that is less protected. This means that an attacker has been able to crack your password for an account on a website that has low
security and then used this to access a more secure website such as online banking.
Never share passwords with anyone else
Each user should have their own individual account and you should keep the password to this confidential. If another employee needs
to access the data, they should be given their own personal login.
Don't leave accounts signed in
Although setting all your accounts to automatically log in will make it easier for you to access them, it also makes it very easy for someone
else to access your information.
Emails
It is likely you receive spam emails to your work and private mail accounts on a regular
basis. Many of these automatically end up straight in your spam folder, so you may never
actually see them as your email account usually deletes them after 30 days or so.
However, some spam emails will slip through into your inbox, so it's important to remain
vigilant with all emails that you receive.
There are various warning signs to look out for that may indicate an email has been sent
by a cyber attacker. Remember to consider whether:
You recognise the email address of the sender.
You are expecting an email from the sender.
The email has a normal, genuine subject line or looks unusual.
The subject line contains spelling, punctuation or grammatical mistakes or
unusual characters.
Previously, you learnt about phishing and how attackers can send out fake emails to try and gain access to
confidential, personal or financial information.
Within the body of the email, you should specifically look out for:
Who the email is addressed to
Many phishing emails simply say something generic such as Dear user or Dear customer. This is because it's much easier to send a mass
spam email without having to personalise each one. However, be aware that some phishing emails will use your name to try and trick
you into thinking it is genuine.
Spelling and grammatical mistakes
Phishing attacks are often sent from countries where English is not the first language. As a result, the email may be written in broken
English and with errors.
Calls to act urgently
Spam emails may request that you provide information quickly, claiming that your account is at risk. Genuine companies such as banks
would never request information using this method. In fact, they will never ask for all your account and security details over the internet or
phone.
Low-quality images or logos
Pixelated or blurry images, amateur-looking graphics or even colours that don't seem quite right may indicate a phishing email.
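Several of the warning signs listed above can be checked mechanically before an email reaches a reader. The following is an added example, not part of the original slides: the known-sender list, the phrase patterns and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains the organisation genuinely expects mail from.
KNOWN_SENDER_DOMAINS = {"examplebank.example"}

GENERIC_GREETING = re.compile(
    r"^\s*dear\s+(user|customer|client|member|account holder)\b", re.I | re.M)
URGENCY = re.compile(
    r"\b(urgent(ly)?|immediately|act now|within 24 hours|"
    r"account (is )?(at risk|suspended|locked))\b", re.I)
CREDENTIAL_REQUEST = re.compile(
    r"\b(password|pin|security code|card number|account number)\b", re.I)

# Constructed sample messages.
PHISHING_SAMPLE = """\
From: "Example Bank" <security@examplebank-alerts.example>
To: j.smith@company.example
Subject: URGENT!! Your acount has been suspended

Dear customer,

Your account is at risk. Confirm your password and security code immediately
to avoid suspension.
"""

GENUINE_SAMPLE = """\
From: "Example Bank" <statements@examplebank.example>
To: j.smith@company.example
Subject: Your March statement is ready

Dear Jane Smith,

Your statement is now available in online banking.
"""


def plain_text_body(msg):
    """Return the first text/plain part of a message as a string."""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            return payload.decode(charset, errors="replace")
    return ""


def warning_signs(raw_email, known_domains=KNOWN_SENDER_DOMAINS):
    """Return the warning signs from the slides that this message shows."""
    msg = message_from_string(raw_email)
    signs = []

    _, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    if domain not in known_domains:
        signs.append("sender domain not recognised: " + (domain or "(none)"))

    subject = msg.get("Subject", "")
    if re.search(r"[!?]{2,}", subject) or not subject.isascii():
        signs.append("unusual punctuation or characters in the subject line")

    body = plain_text_body(msg)
    if GENERIC_GREETING.search(body):
        signs.append("generic greeting instead of the recipient's name")
    if URGENCY.search(subject) or URGENCY.search(body):
        signs.append("call to act urgently")
    if CREDENTIAL_REQUEST.search(body):
        signs.append("asks for account or security details")
    return signs


if __name__ == "__main__":
    for sign in warning_signs(PHISHING_SAMPLE):
        print("-", sign)
```

An empty result is not proof that a message is genuine: as the slide notes, some phishing emails use the recipient's name, and image quality or spelling cannot be judged by patterns like these.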
Social Media
Social media is a very useful platform for cyber attackers to get hold of
your personal details in order to commit identity theft.
As a result, it's important that you give your social media accounts the
same level of security as you would your email inbox or your bank
account. You need to be careful to not overshare any information that
could aid potential cyber criminals.
You should do this by:
 Making sure that you create and keep secure passwords for social
media accounts, as previously explained.
 Being cautious of what information you share and the passwords
you use; if you work in a marketing department you will likely have
access to and control of some company social media accounts.
 Ensuring your privacy settings are secure. This means you can
restrict who can see and access the content you've shared.
The majority of people have at least one social
media account. This may include Facebook,
Twitter, LinkedIn, Instagram or Snapchat.
Summary
Ø When you enter your password, it is matched against the password stored by
the website. Access is granted if this authorisation successfully takes place.
Ø A strong password needs to be memorable for the user while also being
difficult for anyone else to guess.
Ø Before sharing any sort of information online, even if it's simply entering a
username and password, you should always check that the website you're on is
reputable and trustworthy.

Introduction to cyber security

  • 2. What is Cyber Security?
  • 3.  The internet is an incredibly valuable tool for almost everyone, connecting us online on a 24/7 basis. You may use a laptop to shop online your phone to upload photos to Facebook, a computer to enter financial information at work or on tablet to send and receive emails from customers, patients or friends. But are you aware of the risks that come with these digital interactions?  Our constant connectivity, at work and at home presents many new data security risks. You may be unaware of them, but these risks are becoming increasingly common.  As an employee it's essential that you understand how to protect yourself. your company and your customers when working online. Throughout this course, you learn about common online security threats. Introduction The majority of us use the internet on a near-daily basis. According to the Office for National Statistics, 91% of adults in the UK were recent internet users in 2019.
  • 4. The topics covered in this section are: What is information security? What is cyber security? Why is cyber security important? Who is at risk? Employee responsibilities Cyber security survey
  • 5. You may have heard the phrases ‘information security’ and ‘cyber security’ being used interchangeably. Both refer to the processes that are put in place to ensure information in kept confidential and available only to those with authorised access. Information can include personal records as well as businesses data. It may be stored and accessed using computers or in written records but it must be kept safe wherever it is located. Information security can be divided into two categories:  The protection of the physical environment through physical measures and  The protection of the electronic data from being accessed without authorisation. This second category is what is referred to as cyber security. Information security is the protection of information from unauthorised access, use, disclosure or destruction through various means. This includes, but is not exclusive to, electronic data. What is Information Security?
  • 6. What is Information Security? The acronym stands for:  Confidentiality: The information can only be read by those who are authorised and have been granted access.  Integrity: The information can only be altered by those people or processes that have been authorised.  Availability: The Information can be accessed and used when necessary (by those with authorised access). Information that is considered to be secure must meet all three criteria. If just one is compromised security has been breached and personal and/or private data may be at risk of a serious cyber attack. Therefore, it is crucial that all three principles are protected at all times. The main principles of information security are collectively known by the acronym CIA.
  • 7. What is Cyber Security  cyber security is the means by which individuals and organisations protect their digital files data, networks and programs This is often done through good practices, including the safe storage of data.  The main function of cyber security is to protect both the devices we use (computer Laptops smartphones ,etc ) and the data we access from malicious attacks, damage or misuse.  Cyber security A form of data protection The information that protected may include:  Private and personal information.  Sensitive or private information about employees clients patients or Customers.  Confidential business integration.  Intellectual property. Cyber security also means presenting your work computer, home computer and personal device from being Infected with malware and viruses. The National Cyber Security Centre defines cyber security as the protection of internet connected systems, the data on them and the services they provide from unauthorised access harm or misuse.
  • 8. Why is cyber–Security Important Britain is targeted by up to 1,000 cyber attacks every hour. Research by Beaming, a business internet service provider, found that on average, UK businesses were subjected to 119,659 internet-borne cyber attacks each in the first quarter of 2019. Action Fraud, the UK's National Fraud & Cyber Crime Reporting Centre reported that between October 2017 to March 2018, £ 706 million was lost by victims . During this same period 332,570 crimes were reported to Action Fraud. Of these 62% were from businesses and 39% from individuals . The Office for National Statistics (ONS) reported 535,000 cases of unauthorised access to personal information from July 2018 to June2019. The UK government found that 32% of all businesses have identified at least one cyber security breach or attack in the last 12 months (2018/9). The average annual cost to businesses as a result of information breaches In 2019 was £4,180. While for charities this cost was significantly higher at£9 470. You must be vigilant when online and take measures to prevent cyber attacks from being successful. The following statistics on cyber security demonstrate the scale of the threat
  • 9. Who is at Risk  Anyone who accesses the internet is vulnerable to cyber attacks.  Attacks are performed by individuals who wish to gain unauthorised access to your information, usually for malicious intent. These people are often referred to as hackers.  Hackers develop and use complex computer programs that attack networks, usually at random.  Attacks can happen to any device that is connected to the internet whether via a fixed connection or over Wi-Fi (wireless internet). This includes desktop computers, laptops, tablets (such as iPads), smartphones and any other device that uses the internet.  Cyber attacks can happen at any time of day or night whether you're online for five minutes or five hours. They can affect just your individual network your whole offices network or the networks of hundreds of businesses around the world,
  • 10. Employee Responsibilities Even if you don't work at a desk every day, most jobs will require you to carry out some tasks using the internet. Therefore, you have a responsibility to take basic internet safety precautions. As an employee, you must protect any information held about your customers or clients. your organisation your colleagues and yourself from misuse or unauthorised access. Under the Data Protection Act 2018 any information that you handle about customers patients or clients needs to be held securely and confidentially. The Includes names and addresses contact details banking information, medical records, etc. Similarly, you must ensure that any intellectual property belonging to the business, as well as any operational or financial information is kept secure and inaccessible to those who do not have access permissions. You should follow these same principles at home. Consider what information you store or share online including personal contact details, photos, usernames and passwords
  • 11. Cyber Security Survey Consider the following questions and compare the behaviours to your current internal habits
  • 12. Summary Ø Information security is the protection of information from unauthorised access, use disclosure or destruction through various means This Includes, but is not exclusive to, electronic data. Ø Cyber security is the means by which individuals and organisations protect their digital files data, networks and programs from malicious attacks, damage or misuse. Ø Under the Data Protection Act 2010, you must protect any information held about your customers, your organisation your colleagues and yourself from misuse or unauthorised access. Ø You should follow the same principles a home to ensure the information you store online including personal contact details photos and credit card details is secure
  • 13. Types of Cyber Attacks
  • 14. Introduction In this part of the course, we'll take a look at different types of cyber attacks that you may come across in the workplace and at home. This module focuses on the most common cyber attacks in the UK, explaining what they are, how they work and the possible consequences of each. As technology advances, so do cyber attacks, so it's important that you keep up to date with the latest developments and risks to information security.
  • 15. The topics covered in this section are: Phishing; Spear phishing; Malware, viruses, worms and Trojans; Ransomware; Protecting yourself from a cyber attack.
  • 16. Phishing Phishing is the most common type of cyber attack in the UK. It refers to any attempt made by cyber hackers to obtain information such as usernames, passwords or bank details. Phishing gets its name from 'fishing for information', meaning the process of getting people to disclose their personal information themselves. To do so, the hacker relies on people trusting messages or conversations as being genuine. Phishing is a popular method for cyber attackers because it's an easy way of targeting large groups of people and has a high success rate. It's known as a social engineering technique because it exploits human weakness by manipulating and deceiving people into sharing their confidential information.
  • 17. Phishing Phishing attackers pretend to be a trustworthy party, usually through an email they send out. The email could look as though it's from the technical support department of an organisation or a personal contact known to the target. Crucially, the email will often look legitimate. For example, you may receive an email that appears to be from your bank. Often, this fake email claims you have been hacked or there is an issue with your account. Messages like this make people incredibly worried, so they are more likely to act quickly and often somewhat irrationally. You may be asked to confirm your credit card number and security code via a link to what seems to be a legitimate website. If you click this link and log in with your personal details, you'd effectively be handing over your bank details straight to the attacker. Once the hacker has your private details, there is a high risk of them accessing your data, including your savings. Even if you do get the money you have lost refunded, it can be incredibly stressful to try and do so.
  • 18. Spear Phishing Spear phishing is a type of phishing attack that is directed at specific organisations or individuals, rather than large groups of people at random. It is becoming increasingly common. To increase their chances of success, the attacker may find out personal details about the target person or organisation to ensure that their emails look legitimate and trustworthy. They will often impersonate a company or a person that the target knows. For example, the attacker may send an email to each member of the finance team in your organisation asking for money to be forwarded to a specific bank account. The email will look realistic and appear to have been sent by the CEO when, in reality, the employees would be sending money straight to the attacker. Many well-known companies such as Sony and Snapchat have fallen for spear phishing attacks.
  • 19. Malware Malware is short for 'malicious software' and is designed to disrupt or damage data, software or hardware. Often, this means your device will no longer work as it should do. The attacker can install the malware onto your device using a variety of methods. All of them rely on you being tricked into downloading software, for example: By clicking on an unsafe link or attachment in an email, you may unknowingly download the malware. The malware may be attached to a link on a website, which automatically downloads when you click on it. The malware may be packaged in with fake copies of normal software, such as pirated copies of Microsoft Office. You may download the malware by clicking on a pop-up window such as an advertisement. You may click on an unsafe link on a social media post that appears to have been posted by one of your friends.
  • 20. Viruses A virus is a type of malware that, when you download it, copies itself onto parts of data, computer applications or crucial parts of a computer's hard disk. This prevents the computer from running as it should do and can result in corrupted files and damaged software. It can even allow the attackers access to your computer by opening up a back door. Viruses attach themselves to executable files. This means that the virus is not active until you open the file or application where it is stored. For example, if the virus attaches itself to the Microsoft Word application, the virus will activate every time you open up a Word document. Once active, the virus can make a copy of itself somewhere else on your computer and this process repeats. Viruses can spread from computer to computer using your internet connection or computer network, as well as through file sharing or email attachments. So, if you have an infected Word document and you email it to your colleague, the virus will become active on their computer as soon as they open the file.
  • 21. Worms Worms are similar to viruses in that they are also a type of malware that makes copies of itself to spread between devices. Unlike viruses, however, worms are standalone software and can copy themselves like clones: they do not need a host file or application to join onto. Worms don't tend to damage or corrupt data as viruses do either. Instead, they aim to install a back door in the network that allows the attacker to access your device and information. Worms spread through vulnerabilities or failures in the security of the device's system. They spread across the network that you are connected to, such as your office network, and can quickly infect an entire workplace. Worm attacks have four stages: 1. The worm probes machines to try and find any vulnerabilities that can be used to copy itself onto. 2. Once the worm has located a vulnerability, it penetrates the machine and exploits this weakness. 3. Next, the worm attaches itself to the remote machine, where it is stored. 4. Finally, the worm will self-replicate, identifying new devices to probe so that it can repeat the process and spread.
  • 22. Trojan A Trojan is another type of malware that can damage your device. It is named after the wooden horse that the Greeks hid inside to infiltrate and attack the city of Troy. Trojans disguise themselves as legitimate software or programs, such as a screensaver or an app, so that people are tricked into downloading them onto their devices. Once the Trojan has been downloaded, the malware provides the attacker with access to your device. This means they can copy your files, delete information, monitor what you are doing and activate and spread other malware, such as viruses. Trojans do not replicate themselves as viruses and worms do. Instead, they are spread by device users downloading infected attachments, programs or files.
  • 23. Ransomware Ransomware is malware that gains access to your files, locks them so they become inaccessible and then demands payment for their release or decryption. The attacker will often threaten to publish the confidential files or permanently delete them unless the user pays the ransom within a certain amount of time. Potentially, all of the data stored on the infected device could be lost. Ransomware is usually disguised as a legitimate file, such as an email attachment, tricking the user into downloading it onto their device. The WannaCry cyber attack mentioned in the previous module is an example of ransomware: it infected thousands of computer networks around the world, including those used by the NHS. This ransomware was different to most because it didn't require user interaction to spread between computers.
  • 24. Protecting Yourself from a Cyber Attack When it comes to protecting yourself and your device from potential cyber attacks: Don't click on any email attachments or links that you are uncertain of. Always be cautious when clicking on email attachments or downloading software or apps, as this is often how malware infects devices. Keep all software up to date. One of the main reasons why the NHS was particularly vulnerable to the WannaCry ransomware attack was that advice to update software and systems was ignored. Protect your device with security software. Norton or McAfee are recommended by cyber security experts as some of the best available. Keep all data securely backed up. This way, if you fall victim to a cyber attack, you will not lose all your important data. However, this does not stop the attacker from gaining access and threatening to leak information that may be confidential. Don't pay the ransom. Paying it does not guarantee that the attacker will release your files back to you or that they'll stop blackmailing you once they know you are willing to pay.
  • 25. Summary Phishing is the process of getting people to disclose their personal information. The hacker relies on people trusting messages or conversations as being genuine. Spear phishing is a type of phishing that is directed at specific organisations or individuals, rather than large groups of people at random. Ransomware gains access to your files, locks them so they become inaccessible and then demands payment for their release or decryption. Malware, such as viruses, worms and Trojans, attacks your device and prevents it from working properly. The attacker gains access to your device when you click on an infected file, link or attachment. Identity theft is a type of cyber attack that involves the theft of personal details. It becomes identity fraud when these details are used to commit fraud.
  • 27. Introduction The first module of this course introduced information security as the protection of information from unauthorised access, use, disclosure or destruction. Information security includes physical forms of data as well as electronic, for example information that is printed or written out. Consider again the CIA acronym: central to information security is ensuring the confidentiality, integrity and availability of data is protected and maintained. If just one of these is compromised, then the security of personal and/or private data is at risk. You need to be aware of the internal and external threats to information security. This module will also explain how organisations can manage their vulnerabilities to these threats, as well as the specific areas that are most at risk.
  • 28. The topics covered in this section are: Internal threats to information security. External threats to information security. Areas at risk of information security threats.
  • 29. Threats to Information Security As well as understanding and managing the threats to cyber security, you need to protect information that is in a physical form. Due to rapid developments in technology, the way we access and store information has changed drastically. This means that in most workplaces, the majority of data is online rather than physically produced. However, we do keep and rely on information that is written down or printed out, and if confidential documents are left unattended at your desk, there is nothing stopping someone from taking them. For example, if a contractor has already been granted access to the premises, they may have the opportunity to steal the papers with relative ease. To prevent this from happening, confidential physical documents should be safely secured, such as locked in a filing cupboard.
  • 30. Internal Threats to Information Security Figures from the UK's Information Commissioner's Office (ICO) show that of the personal data breaches reported to them in the first half of 2019: 43% occurred due to incorrect disclosure. 20% were a result of data being posted or faxed to the incorrect recipient. 18% were due to information being emailed to the incorrect recipient. Only 59% were a result of data being given due to a phishing attack.
  • 31. Internal Threats to Information Security The difference between internal and external threats to information security is the identity of the attacker. Internal threats to information security originate from inside a company. They are the result of human action by an employee, contractor or supplier. Internal threats to information security fall into two categories: 1. Accidental, such as data that is leaked due to human error. 2. Intentional, often a malicious action by a disgruntled employee. Those working within a company already have much more access to the systems than any external threat does. They have physical access to the place where the information (physical or digital) is stored, and often the privileges to access it, such as account passwords. As a result, insiders may misuse information, steal information or commit fraud. This could be done either accidentally or intentionally.
  • 32.
  • 33. Internal Threats to Information Security The actions of insiders, who are largely internal staff, can pose a serious threat to information security. Arguably, they are the biggest cause of breaches, rather than external threats such as hacking by a cyber criminal. The main internal threats to information security are: Human Errors: Employees may accidentally leak data, making what should be confidential accessible to an unauthorised party. For example, you may: Accidentally leave your work laptop on public transport or misplace a USB device. An opportunist attacker may then steal the device and gain access to the data. Accidentally send a sensitive email to the wrong person. Take work containing sensitive data home and access it on your home network. If there are any weaknesses in your network, there is a greater risk of a cyber attacker gaining access to your files. Social Engineering Cyber Attack: As explained, some cyber attacks rely on human action on the part of the employee; this is what makes it an internal threat. Companies are often targeted by attackers who use the technique of spear phishing. You may receive an email that appears to be legitimate and seemingly sent by one of your colleagues. However, if you click on a link to a document within the email, this could download harmful malware to your device. There is then the risk of this spreading to the whole network, as well as threatening the information security of a business's data.
  • 34. Internal Threats to Information Security Further internal threats to information security include: Employees Downloading Malicious Content: Employees may access websites that have pop-ups on pages or have dangerous malware on them. They could be using the internet for work-related purposes or otherwise, such as surfing the web for personal use. Just going on certain websites alone can result in malicious content being unknowingly downloaded onto a device. Once there, it has the potential to infect the whole of the company's network. Stolen or Leaked Data: Employees, and particularly those working in IT departments, often have easy access to confidential data. Therefore, a seriously disgruntled employee has the means to passwords, steal confidential data, or unleash malware onto the company network. An employee may do so if they were denied a promotion or bonus they felt they deserved, or due to their contract being terminated, or they might have a new job with a competitor and so be stealing confidential data, such as client information, for this purpose. Some employees may also have infiltrated the company under false pretences. They could be hoping to access and sell information on the black market or be working for someone else's interests. This is why thorough background checks into a prospective employee are a necessary measure for jobs that require the handling of certain data.
  • 35. External Threat to Information Security Outsiders represent external threats to information security. External threats are those that come from outside of a company. Generally, the external threat to information security is from cyber attackers who intend to steal or damage a company's confidential data. Often, external attackers try to locate and then exploit any network vulnerabilities to security that are beyond the firewall. However, they may also try to gain access to your data by breaching the external defences that are in place to prevent such attacks, such as firewalls and anti-virus software. Another technique hackers may use is to release a virus, Trojan or worm into a network. You can return to the previous module if you require a refresher about the different types of cyber attack, including the three above. If these attacks by external individuals or parties are successful, they may be able to access confidential data. They might then steal company or customer data, distribute further malware or prevent access to the data until a ransom is paid. Verizon's 2019 report concluded that 69% of cyber attacks were perpetrated by outsiders.
  • 36. External Threat to Information Security So-called 'hacktivists' are an external threat to the information security of some organisations. Often, money is not their motivation. Rather, they are driven by attempts to promote a certain agenda or religious. The international group Anonymous is one of the more well-known hacktivist organisations. They frequently operate for political or social purposes, shutting down the websites of organisations through DDoS cyber attacks. For example, in 2016 the group claimed responsibility for a cyber attack on Narita Airport, Tokyo. The attack, which shut down the airport's website, was in response to the detention of an American anti-whaling activist as he tried to enter Japan.
  • 37. Areas at Risk of Information Security Threats Although all businesses are at risk of threats to their information security, some are targeted more frequently. There are also specific areas within an organisation that are most at risk. Certain industries are more prone to cyber attacks and other threats to information security than others. Data from Verizon's 2019 report concluded that of the breaches in 2018: 166 were within the public sector; 15% involved healthcare organisations; 10% were within the financial sector. In addition, small businesses alone were victim to 43% of breaches.
  • 38. Summary As well as understanding and managing the threats to cyber security, you need to protect information that is in a physical form. Internal threats to information security originate from inside a company (such as employees), while external threats come from outside (cyber attackers). Duplicate copies of data should be kept either on a hard drive or in cloud-based storage such as Google Drive, Microsoft OneDrive or Dropbox. Measures to manage organisational vulnerabilities to threats include installing antivirus software, updating systems, encrypting data, monitoring internet usage, controlling access rights and training employees. Although the majority of breaches occur within the public administration sector, all businesses need to protect their data. In particular, data that is financial, personal or includes email and password combinations is more at risk.
  • 39. How to Improve Information Security
  • 40. Introduction In this part of the course, we'll take a look at the actions you can take to improve your online security. Being cautious when online will reduce the likelihood of you falling victim to a cyber attack. Throughout this module, you'll learn what signifies that a website is likely to be trustworthy, how to create a secure password, how to identify potentially unsafe emails and how to use social media safely. The information in this section can be applied to your online presence both at work and at home, helping you to stay safe whilst using the internet. Most of the practices we suggest can be implemented easily, so start to make the necessary changes as soon as possible.
  • 41. The topics covered in this section are: Sharing information; Creating a strong password; Password security; Emails; Social media.
  • 42. Sharing Information You should always think carefully before sharing any sort of personal or confidential information online, whether it be with a person or a service. Before doing so, consider: Who will have access to the information? What will happen to the information you have shared? Is the information one of the characteristics protected by the Equality Act? For example, does it refer to race, religion, sexuality, etc.? Do you have permission to share the information? How much information actually needs to be shared? Is sharing the information in line with your organisation's data protection policy? Are you sharing the information via the most secure method, or is there a safer alternative?
  • 43. Before sharing any sort of information online, even if it's simply entering a username and password, you should always check that the website you're on is reputable and trustworthy. Check the website URL begins with 'https': The majority of website URLs begin with 'https', but be cautious of those with just 'http'. 'https' means that communications between the user and the browser are encrypted (converted to code) to prevent unauthorised access. These sites are protected by an SSL certificate that prevents the information from being intercepted as it enters the site and goes to the server. While you should be looking out for sites with this URL, be aware that it doesn't guarantee that a website is legitimate and secure. Nowadays anyone can apply for a basic SSL certificate and quite easily get an 'https' URL, meaning it's possible that fake domains may be used for phishing purposes. Look for a padlock icon next to the website address: The closed padlock indicates that the connection is secure and means that the information shared between you and the website is private. You can click on the icon to see a summary of how secure your browser believes the connection to be. Your browser, such as Google Chrome, will also alert you if you can't visit the site safely or privately. Always ensure the website URL is exactly what it should be: Before you click on any link, hover your mouse over it and the URL shows up at the bottom left of your browser. Once on the website, look at the address bar to make sure you're on the site you intend to be on. Hackers often make subtle changes that can easily be missed, such as co-0perativebank.co.uk instead of co-operativebank.co.uk. You could unknowingly end up entering your username, password and other bank details into a phishing site.
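The three URL checks on slide 43 can be automated for links you are about to open. The following is an added example, not part of the original slides: the trusted list, the character-swap table and the function names are assumptions made for illustration, and it covers more look-alike tricks than the single swapped letter the slide shows.

```python
from urllib.parse import urlsplit

# Assumption: the sites you actually intend to use (the slide's example bank).
TRUSTED = {"co-operativebank.co.uk"}

# Look-alike substitutions of the kind the slide shows (0 in place of o).
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance between two strings (two-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url, trusted=TRUSTED):
    """Return (verdict, warnings); verdict is 'expected', 'lookalike' or 'unknown'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not https")
    if parts.username is not None:
        # In https://name@host/ the browser goes to host, not to name.
        warnings.append("text before '@' is not the site name")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode label may render as look-alike letters")

    # Exact match, or a subdomain of a trusted site.
    for good in trusted:
        if host == good or host.endswith("." + good):
            return "expected", warnings

    # Not the trusted site: is it pretending to be one?
    for good in trusted:
        if host.translate(CONFUSABLE) == good:
            warnings.append(f"character swap of {good}")
        elif good in parts.netloc.lower():
            warnings.append(f"{good} appears in the link but is not the site")
        elif edit_distance(host, good) <= 2:
            warnings.append(f"within two edits of {good}")
        else:
            continue
        return "lookalike", warnings
    return "unknown", warnings


if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://co-operativebank.co.uk/login",
                 "https://co-0perativebank.co.uk/login",
                 "http://co-operativebank.co.uk/",
                 "https://co-operativebank.co.uk@example.net/"):
        print(link, check_url(link))
```

An 'expected' verdict with an empty warning list only means the address is the one you listed; as the slide says, https alone does not make a site legitimate.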
  • 44. Password Passwords are a common way of authenticating individual users online. They allow websites to check your identity and authorise access to a resource (your account). Almost all websites require you to have a password to log in and access their services. When you turn on your computer, it's likely you'll have to enter a password to log in, and you'll have to enter several others to log into the various software that you will use in your workplace. When you enter your password, it is matched against the password stored by the website. Access is then granted if this authorisation takes place. However, coming up with various passwords and then remembering which is for what website can be difficult. Therefore, many people often end up using the same, simple password for several websites. A study by the UK's National Cyber Security Centre (NCSC) found that 123456 was the most widely used password for accounts that are hacked. The simple combination of numbers appeared in 23 million passwords, followed by other easily-guessed ones such as 123456789, password and qwerty.
  • 45. Creating a Strong Password A strong password needs to be memorable for the user, while also being difficult for anyone else to guess. One way in which hackers crack people's passwords is by using complex computer programs. Some of these programs automatically enter random word and number combinations until they find a match and can log in to your account. The majority of computer systems allow a maximum number of unsuccessful login attempts, after which the account is locked. This is a measure in place to try and prevent hacking from succeeding. Therefore, using a password that is a combination of numbers or your favourite football team isn't very secure. To prevent unauthorised access to your accounts, your password should be at least 10 characters long and contain a combination of: Both upper- and lower-case letters. Numbers. Symbols. You should avoid using: Dictionary words. Names, particularly the names of friends, family or pets.
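The rules on slides 44 and 45 can be written as a check that reports every rule a candidate password breaks. This is an added example, not part of the original slides: the function name, the symbol-swap table and the small word list are assumptions (the word list is a constructed sample standing in for a full dictionary).

```python
import string

# Most-used passwords named on slide 44 (NCSC study).
COMMON = {"123456", "123456789", "password", "qwerty"}

# Constructed sample word list; a real check would load a full dictionary.
WORDS = {"password", "welcome", "football", "arsenal", "summer", "dragon"}

# Undo simple letter-for-symbol swaps before looking for words.
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "@": "a", "$": "s"})


def password_problems(password, personal=()):
    """Return the list of slide-45 rules the password breaks (empty = passes).

    personal: names to avoid, such as friends, family or pets.
    """
    problems = []
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    if not any(c.islower() for c in password):
        problems.append("no lower-case letter")
    if not any(c.isupper() for c in password):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")

    lowered = password.lower()
    if lowered in COMMON:
        problems.append("one of the most widely used passwords")

    # A password can satisfy every composition rule and still be built
    # around a dictionary word, a team or a pet's name.
    plain = lowered.translate(UNLEET)
    banned = WORDS | {p.lower() for p in personal if len(p) >= 3}
    for word in sorted(banned):
        if word in lowered or word in plain:
            problems.append(f"contains the word or name '{word}'")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords.
    for candidate in ("123456", "Arsenal2019!", "P@ssw0rd2024!", "vT9#qLm2&xRz"):
        print(candidate, password_problems(candidate))
```

"Arsenal2019!" meets the length and character rules yet is still flagged, which is the slide's point about football teams.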
  • 46. For your passwords to be more secure, there are a few simple rules that you should follow, both at work and at home. Don't write your password down: Avoid keeping a written record of any of your passwords because you never know whose hands they could end up in. In particular, never keep passwords on a note next to your computer. Essentially, you'd be handing access to your accounts straight to any potential hacker. The same goes for keeping your passwords saved in an online document without password protection. Avoid using the same password for different accounts and change your password regularly: One of the main reasons why someone's account has been hacked is that they use the same password for a secure website as one that is less protected. This means that an attacker has been able to crack your password for an account on a website that has low security and then used this to access a more secure website, such as online banking. Never share passwords with anyone else: Each user should have their own individual account and you should keep the password to this confidential. If another employee needs to access the data, they should be given their own personal login. Don't leave accounts signed in: Although setting all your accounts to automatically log in will make it easier for you to access them, it also makes it very easy for someone else to access your information.
  • 47. Emails Previously, you learnt about phishing and how attackers can send out fake emails to try and gain access to confidential, personal or financial information. It is likely you receive spam emails to your work and private mail accounts on a regular basis. Many of these automatically end up straight in your spam folder, so you may never actually see them, as your email account usually deletes them after 30 days or so. However, some spam emails will slip through into your inbox, so it's important to remain vigilant with all emails that you receive. There are various warning signs to look out for that may indicate an email has been sent by a cyber attacker. Remember to consider whether: You recognise the email address of the sender. You are expecting an email from the sender. The email has a normal, genuine subject line or looks unusual. The subject line contains spelling, punctuation or grammatical mistakes or unusual characters.
  • 48. Within the body of the email, you should specifically look out for: Who the email is addressed to: Many phishing emails simply say something generic such as 'Dear user' or 'Dear customer'. This is because it's much easier to send a mass spam email without having to personalise each one. However, be aware that some phishing emails will use your name to try and trick you into thinking they are genuine. Spelling and grammatical mistakes: Phishing attacks are often sent from countries where English is not the first language. As a result, the email may be written in broken English and with errors. Calls to act urgently: Spam emails may request that you provide information quickly, claiming that your account is at risk. Genuine companies such as banks would never request information using this method. In fact, they would never ask for all your account and security details over the internet or phone. Low-quality images or logos: Pixelated or blurry images, amateur-looking graphics or even colours that don't seem quite right may indicate a phishing email.
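The warning signs listed on slides 47 and 48 can be turned into a first-pass triage of a raw email. This is an added example, not part of the original slides: the known-sender list, the phrase patterns and both sample messages are constructed for illustration, and spelling or image quality still needs a human eye.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumption: addresses you already recognise.
KNOWN_SENDERS = {"statements@bank.example"}

GENERIC_GREETING = re.compile(r"^\s*dear\s+(user|customer)\b", re.I | re.M)
URGENCY = re.compile(r"\b(urgent|immediately|at risk|hacked)\b", re.I)
ASKS_FOR_DETAILS = re.compile(
    r"\b(password|security code|card number|account details)\b", re.I)
# Heuristic only: repeated !/? or characters outside printable ASCII.
ODD_SUBJECT = re.compile(r"[^\x20-\x7e]|[!?]{2,}")


def warning_signs(raw, known_senders=KNOWN_SENDERS, expecting_it=False):
    """Return the slide 47/48 warning signs found in a raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    _, address = parseaddr(str(msg["From"] or ""))
    subject = str(msg["Subject"] or "")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""

    signs = []
    if address.lower() not in known_senders:
        signs.append("sender address not recognised")
    if not expecting_it:
        signs.append("email was not expected")
    if ODD_SUBJECT.search(subject):
        signs.append("unusual subject line")
    if GENERIC_GREETING.search(body):
        signs.append("generic greeting")
    if URGENCY.search(subject + "\n" + body):
        signs.append("call to act urgently")
    if ASKS_FOR_DETAILS.search(body):
        signs.append("asks for account or security details")
    return signs


# Constructed sample messages.
SUSPICIOUS = """\
From: "Your Bank" <support@secure-login.example>
To: you@example.org
Subject: URGENT!! Your account has been hacked

Dear customer,

There is an issue with your account. Confirm your credit card number
and security code immediately using the link below.
"""

ROUTINE = """\
From: statements@bank.example
To: you@example.org
Subject: Your March statement is ready

Hello Sam,

Your statement is available. Sign in to online banking in the usual way.
"""

if __name__ == "__main__":
    print(warning_signs(SUSPICIOUS))
    print(warning_signs(ROUTINE, expecting_it=True))
```

An empty result is not proof that an email is genuine: as slide 48 notes, some phishing emails use your name, and a spear phishing email can come from an address that looks familiar.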
  • 49. Social Media The majority of people have at least one social media account. This may include Facebook, Twitter, LinkedIn, Instagram or Snapchat. Social media is a very useful platform for cyber attackers to get hold of your personal details in order to commit identity theft. As a result, it's important that you give your social media accounts the same level of security as you would your email inbox or your bank account. You need to be careful to not overshare any information that could aid potential cyber criminals. You should do this by: Making sure that you create and keep secure passwords for social media accounts, as previously explained. Being cautious of what information you share and the passwords you use; if you work in a marketing department, you will likely have access to and control of some company social media accounts. Ensuring your privacy settings are secure. This means you can restrict who can see and access the content you've shared.
  • 50. Summary Before sharing any sort of information online, even if it's simply entering a username and password, you should always check that the website you're on is reputable and trustworthy. When you enter your password, it is matched against the password stored by the website. Access is granted if this authorisation successfully takes place. A strong password needs to be memorable for the user while also being difficult for anyone else to guess.