P. B.

Siddhartha College of Arts & Science, Vijayawada-10

Cybersecurity is even more significant now as most things that we enjoy today
are in the form of connected devices and systems. With IoT revolutionizing the
way the world operates, it has become imperative that Cybersecurity be
implemented in all systems that are prone to threats and attacks to prevent
extortion attempts, identity theft, loss of valuable data, misuse of sensitive
information, cyberstalking, etc. Critical infrastructures such as hospitals,
financial service companies, power plants, etc. possess sensitive data not only
pertaining to their consumers but also to themselves. This calls for serious
consideration for Cyber Security implementation to keep our society functioning
without disruptions.

1
Types of Cyber Threats:

Cyber threats are malicious activities that seek to disrupt the digital life in
general by stealing data and misusing it. These activities may include the
unauthorized accessing, changing, or destroying of sensitive information, money
extortion, or process interruptions.
Phishing: Phishing is a fraudulent attempt to send emails claiming to be from
reputable sources to obtain sensitive data such as credit card numbers,
usernames, passwords, etc. Phishing is the most common type of cyberattack. It
can be prevented if the public is educated on it and if the latest technology
solutions screen such malicious emails.
Ransomware: Ransomware is malicious software designed as a means to extort
money. Attackers block access to files or systems until a demanded ransom is
paid by the victim. However, paying the ransom does not necessarily guarantee
file recovery or system restoration, which can again be a huge setback.
Malware: Malware is a software that is designed to attain unauthorized access to
systems or cause damage. These types of malicious software include viruses,
worms, ransomware, and spyware. Clicking on malicious links or attachments
installs the software that activates the malware. Once activated, it can:
• Stealthily acquire data by transmitting it from the hard drive (spyware)
• Block users from accessing key network components (ransomware)

2
• Make systems inoperable by disrupting individual components
• Install malicious software that can cause harmful effects
Social Engineering: Social engineering is a tactic to manipulate people into
giving up confidential information, including bank information, passwords, or
access to their computer to covertly install malicious software that can steal such
information from the system. Social engineering may also work in conjunction
with other cyber threats to make it more likely for users to click on malicious
links, sources, or malware download links.
Man in the Middle (MITM): MITM attacks, self-evidently, occur when
hackers alter a two-party transaction and steal data. Any unsecured public Wi-Fi
network is prone to such kinds of attacks. The attackers who resort to such
tactics insert themselves between the visitor and the network and, with the help
of malware, carry out malicious activities.
Denial of Service (DoS): A Denial of Service (DoS) is intended to shut down a
machine or network so that it cannot respond to any requests and to make it
inaccessible for users. This type of attack is carried out by flooding the target
with traffic and triggering a crash

Types of Cyber Security:

Let’s now break down the different types of Cyber Security. Database and
Infrastructure Security Considering the fact that everything in a network

3
includes physical equipment and databases, securing these devices is vital.
Database and infrastructure security is for these cyber-physical systems, which
may include even water purification systems and electricity grids.
Network Security: Network security covers numerous technologies, devices,
and processes. It involves a designed set of rules and configurations
implemented for the protection of the confidentiality, integrity, and accessibility
of networks and data. Network security is intended to protect internal networks
from attackers by securing the infrastructure. The implementation of new, strong
passwords and two-factor authentication (2FA) are perfect examples of network
security.
Application Security: Application security uses software and hardware for the
protection and security against threats that may crop up during the development
stage of an application. For example, firewalls, antivirus programs, encryption,
etc. are kinds of application security.
Information Security: Information security or InfoSec helps in preventing
unauthorized access, disruption, disclosure, misuse, modification, inspection,
destruction, recording, or any other kind of malintent involving sensitive data or
information. Information security is typically built around three objectives—
CIA (confidentiality, integrity, and availability)—and aims to protect both
physical and digital information in any form.
Cloud Security: Cloud security refers to the technologies, services, controls,
and policies that aim to provide protection for cloud data, infrastructure, and
applications from cyber threats and attacks. It helps to do away with any risks
that are associated with on-premises attacks by constantly protecting and
monitoring the data in the cloud.
Data Loss Prevention: Data loss prevention focuses on coming up with
processes and policies designed to prevent and handle data loss, as well as
recovery policies as a countermeasure for successful Cyber Security breaches.

4
Data loss prevention involves having network permissions and policies in place
for data storage.
End-user Education: End-user education is the process of educating and
training users about the best security practices and safety measures (e.g., not to
click on unknown links, not to download suspicious attachments received in
emails, etc.) to avoid letting in malware or other malicious software. A good
end-user security training program can help enhance the security in an
organization when done properly. The training should be in a language and at a
technical level that can be understood and followed by everyone.
Identity Management and Access Control: Identity management and access
control can be crucial components in a security architecture, and it basically
involves the management of access to enterprise resources. This is a good
measure that can ensure the security of systems and data. This type of security
helps in the verification of users’ identities before granting them access to the
systems and sharing information with them.
Mobile Security: Mobile security, also known as wireless security, is the
protection that is in place for smartphones, laptops, tablets, and other portable
devices and the networks they are connected to from the threats and risks that
are involved in wireless computing.

5
CONCLUSION: Sound Cyber Security measures when implemented in
conjunction with an educated and informed user base make up the best defense
against cyber threats. One can always start small, focusing on the most valuable
assets, and eventually scale the efforts as the Cyber Security program matures.
The only way to battle malicious threats and attacks is to let the security
programs evolve so that they can fight the advancing and newest threats head-on
or, at the best, prevent these types of attacks from being a success in the first
place.

REFERENCES:
1.https://cltc.berkeley.edu/scenario-back-matter/
2.https://www.bitdegree.org/tutorials/what-is cyber-security/
3.https://www.google.com/search?q=what+are+the+conclusion+of+cyber+secur
ity%