Cyber Security or Why is Cyber Security Important
Today I tell you why we need cyber security and why cyber security is important to us.
During a Senate hearing in March 2013, the nation's top intelligence officials warned that cyber attacks and digital spying are the top threat to national security, eclipsing terrorism.
What is Cyber Security?
Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Why is Cyber Security Important?
Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.
Cyber Security Glossary of Terms
Learn cyber speak by familiarizing yourself with cyber security terminology.
Access −
The ability and means to communicate with or otherwise interact with a
system, to use system resources to handle information, to gain knowledge of the
information the system contains or to control system components and functions.
Active Attack −
An actual assault perpetrated by an intentional threat source that attempts
to alter a system, its resources, its data or its operations.
Blacklist −
A list of entities that are blocked or denied privileges or access.
Bot −
A computer connected to the Internet that has been surreptitiously/secretly
compromised with malicious logic to perform activities under the remote command
and control of a remote administrator.
Cloud Computing −
A model for enabling on-demand network access to a shared pool of
configurable computing capabilities or resources (e.g., networks, servers,
storage, applications and services) that can be rapidly provisioned and
released with minimal management effort or service provider interaction.
Critical Infrastructure −
The systems and assets, whether physical or virtual, so vital to society
that the incapacity or destruction of such may have a debilitating impact on
the security, economy, public health or safety, environment or any combination
of these matters.
Cryptography −
The use of mathematical techniques to provide security services, such as
confidentiality, data integrity, entity authentication and data origin
authentication.
Cyber Space −
The interdependent network of information technology infrastructures that
includes the Internet, telecommunications networks, computer systems and
embedded processors and controllers.
Data Breach −
The unauthorized movement or disclosure of sensitive information to a party,
usually outside the organization, that is not authorized to have or see the
information.
Digital Forensics −
The processes and specialized techniques for gathering, retaining and
analyzing system-related data (digital evidence) for investigative purposes.
Enterprise Risk Management −
A comprehensive approach to risk management that engages people, processes
and systems across an organization to improve the quality of decision making
for managing risks that may hinder an organization's ability to achieve its
objectives.
Information Assurance −
The measures that protect and defend information and information systems by
ensuring their availability, integrity and confidentiality.
Intrusion Detection −
The process and methods for analyzing information from networks and
information systems to determine if a security breach or security violation has
occurred.
Key −
The numerical value used to control cryptographic operations, such as
decryption, encryption, signature generation or signature verification.
Malware −
Software that compromises the operation of a system by performing an
unauthorized function or process.
Passive Attack −
An actual assault perpetrated by an intentional threat source that attempts
to learn or make use of information from a system but does not attempt to alter
the system, its resources, its data or its operations.
Penetration Testing −
An evaluation methodology whereby assessors search for vulnerabilities and
attempt to circumvent the security features of a network and/or information
system.
Phishing −
A digital form of social engineering to deceive individuals into providing
sensitive information.
Rootkit −
A set of software tools with administrator-level access privileges installed
on an information system and designed to hide the presence of the tools,
maintain the access privileges and conceal the activities conducted by the
tools.
Software Assurance −
The level of confidence that software is free from vulnerabilities, either
intentionally designed into the software or accidentally inserted at any time
during its lifecycle, and that the software functions in the intended manner.
Virus −
A computer program that can replicate itself, infect a computer without
permission or knowledge of the user and then spread or propagate to another
computer.
Whitelist −
A list of entities that are considered trustworthy and are granted access or
privileges.
Source: National Initiative for Cybersecurity Careers and Studies, Department of Homeland Security