{"id":263647,"date":"2024-04-26T12:09:52","date_gmt":"2024-04-26T12:09:52","guid":{"rendered":"https:\/\/imarticus.org\/blog\/?p=263647"},"modified":"2024-08-21T18:16:34","modified_gmt":"2024-08-21T18:16:34","slug":"securing-and-defending-digital-infrastructure-essentials-concepts-of-cybersecurity","status":"publish","type":"post","link":"https:\/\/imarticus.org\/blog\/securing-and-defending-digital-infrastructure-essentials-concepts-of-cybersecurity\/","title":{"rendered":"Securing and Defending Digital Infrastructure: Essentials Concepts of Cybersecurity"},"content":{"rendered":"

Today\u2019s industry is digital-reliant. Any organisation creates a network of physical and software-based components to store, consume and share digital products, services and information from one point to the desired one. Some of the common digital assets used frequently are hardware like data centres, personal computers, digital communication suits etc.<\/span><\/p>\n

It needs to be understood that with the advancement of data-sharing technology, cyber threats have become an automatic by-product. So, it is essential to protect our digital infrastructure in such a way that the stored or shared data can never be breached or accessed by any third party for whatsoever intent. Organisations are now looking forward to training their key manpower with a suitable<\/span> cybersecurity course<\/strong><\/a> containing the most modern remedies for cyber-attacks.\u00a0<\/span><\/p>\n

Digital Infrastructure and Cyber Security<\/span><\/h2>\n

Digital infrastructure and cyber security are connected like two sides of the same coin. Digital infrastructure comprises the software and the hardware ecosystems that transfer data and establish intra-system and inter-system communication. Any digital transaction owes the risk of cyber threats like hacks, viruses, malware<\/strong><\/a>, spurious software etc. and needs to be protected. That is where the role of cyber security comes to play.\u00a0\u00a0<\/span><\/p>\n

A collective body of processes, practices and technology that aims to protect the programs, networks, servers, devices and data of an organisation from unauthorised access, damage, attack or theft is known as cybersecurity.\u00a0<\/span><\/p>\n

Basic Terminology of Cybersecurity<\/span><\/h2>\n

Beginners to the subject must understand the following terms for a holistic grip on the subject. The most commonly used terms are as follows:<\/span><\/p>\n

Internet Protocol (IP) address\u00a0<\/span><\/h3>\n

An IP address is a unique hardware identification number. Different computers and other devices either over the intranet or the internet, may communicate within the usage of these numbers.<\/span><\/p>\n

Virtual Private Network (VPN)\u00a0<\/span><\/h3>\n

VPN is an additional security service over secured WiFi. The purpose is to provide an additional layer of protection to an IP address by making their online activities virtually untraceable by cyber criminals and other snoopers who tend to outwit users by luring them to click on malicious links. Thus, VPN prevents both loss of money and data.<\/span><\/p>\n

Firewall\u00a0<\/span><\/h3>\n

This is the first guard in data screening<\/strong><\/a> both for incoming and outgoing network traffic. In other words, a Firewall acts as a wall between the primary or basic internet and an organisation\u2019s private internal internet. A firewall obstructs any seemingly harmful element and obstructs an internal user from sending sensitive information to the outside world.<\/span><\/p>\n

World Wide Web (WWW)\u00a0<\/span><\/h3>\n

It is the elaborate order menu or exhaustive catalogue of all web addresses available across the world internet.<\/span><\/p>\n

Uniform Resource Locator (URL)\u00a0<\/span><\/h3>\n

A unique identifier applied to locate the desired resources on the internet is known as a URL. It is also named a web address.<\/span><\/p>\n

Domain Name Server (DNS)\u00a0<\/span><\/h3>\n

Domain Name Server acts as a virtual phone book of the internet. Its job is to convert the web address or URL of a resource to its numeric IP address.<\/span><\/p>\n

Encryption and Decryption\u00a0<\/span><\/h3>\n

When plain text is converted into code format using a ciphertext algorithm, the process is known as encryption. Decryption is the process of reverse engineering i.e. converting codes into readable texts.<\/span><\/p>\n

Encryption Key\u00a0<\/span><\/h3>\n

This key is a tool that decrypts encrypted data. These keys are unique for specific encryption codes.\u00a0\u00a0\u00a0<\/span><\/p>\n

Authentication\u00a0<\/span><\/h3>\n

This is a standard procedure of digitally identifying or recognising a person and ensuring that he or she has access to the concerned files or data. Generally, password, finger scan or retina scan are the tools, used either in standalone mode or in combination.<\/span><\/p>\n

Botnet\u00a0<\/span><\/h3>\n

This word is derived from robot and network and refers to a series of devices or computers which have been already hacked and working as per the hacker\u2019s command.\u00a0 \u00a0 <\/span>\u00a0\u00a0\u00a0<\/span><\/p>\n

Rootkit\u00a0<\/span><\/h3>\n

It is a collection of software aimed to control and operate a user\u2019s computer. Though this tool aims to provide remote technical support to its users, hackers may also use this tool with evil intentions.<\/span><\/p>\n

Types of Cybersecurity<\/span><\/h2>\n

Depending on the various applications adapted by the organisation to fulfil different goals, the types of cybersecurity also differ. They are as follows:<\/span><\/p>\n

Endpoint security\u00a0<\/span><\/h3>\n

Remote data storage may be vulnerable since they may be accessed by criminals as well. Endpoint security measures protect remote data stored by VPNs, Firewalls and other modern tools.<\/span><\/p>\n

Identity management<\/span><\/h3>\n

With this tool, data is made available to the authorised user\/s only, thus minimising the risk of leakage or fraud.<\/span><\/p>\n

Application security\u00a0<\/span><\/h3>\n

Cell phone apps have become a common usage platform for many consumers. Thus, Apple and Google fortify Apple Store and Google Play respectively with apt cybersecurity methods. Most of the apps available in these two platforms are end-to-end encrypted for the user data.\u00a0\u00a0<\/span><\/p>\n

Data security\u00a0<\/span><\/h3>\n

Encryption, access controls, data classifications and data loss prevention methods are some of the usual techniques deployed to make data secure.<\/span><\/p>\n

Cloud Security\u00a0<\/span><\/h3>\n

Nowadays many organisations prefer to store their data in clouds or remote third-party servers or cloud providers like One Drive and Google Clouds. This necessitates using secure cloud protection systems.\u00a0\u00a0<\/span><\/p>\n

Data infrastructure security\u00a0<\/span><\/h3>\n

Physical infrastructure housing the database also needs to be protected from attack or theft.<\/span><\/p>\n

Mobile security\u00a0<\/span><\/h3>\n

In today\u2019s world, many activities may be performed by a few clicks on the mobile phone. Banking transactions or UPI payments are widely used. These transactions are protected by using suitable security systems. Furthermore, a data backup system helps to retrieve data in case of damage, theft or device malfunction.<\/span><\/p>\n

Disaster recovery services\u00a0<\/span><\/h3>\n

This is another data security response system or data assurance when the infrastructure gets damaged by natural calamities like fire, flood, tornado or hurricane.\u00a0<\/span><\/p>\n

IoT security\u00a0<\/span><\/h3>\n

With plenty of devices connected to a server or a specific network, it is important to secure the transmission of data every time. Sometimes connected devices are left with factory-set passwords, which are easy guess and to crack. This security adapts prevention techniques from these lapses keeping the network secure.<\/span><\/p>\n

Intrusion detection system\u00a0<\/span><\/h3>\n

A fortified security system must contain this tool built to alert the key cyber security personnel of the organisation (through a mail or text message) when the system is breached. The purpose is to stop further damage and work towards resolution.\u00a0\u00a0\u00a0<\/span><\/p>\n

Four Pillars of Cyber Security<\/span><\/h2>\n

The National Institute of Standards and Technology (NIST) has provided voluminous guidelines and protocols for digital data protection. Accordingly, the four pillars of cyber security are as follows:<\/span><\/p>\n

Prevention\u00a0<\/span><\/h3>\n

Going by the proverb that prevention is better than cure, the implementation of intrusion detection systems, firewalls and access controls prevents unauthorised usage.<\/span><\/p>\n

Detection\u00a0<\/span><\/h3>\n

This is the process of locating loopholes in the network\/system by utilisation of advanced security tools and technologies.<\/span><\/p>\n

Response\u00a0<\/span><\/h3>\n

This is the process of developing incident-based tailor-made response plans and procedures to address security lapses.<\/span><\/p>\n

Recovery\u00a0<\/span><\/h3>\n

This is the concluding and the most important functional pillar. The system must be restored to its original functionality and integrity.\u00a0\u00a0\u00a0<\/span><\/p>\n

CIA Triad in Cybersecurity<\/span><\/h2>\n

For any organisation, it is important to follow these three principles in a cybersecurity system:<\/span><\/p>\n

Confidentiality\u00a0<\/span><\/h3>\n

This principle ensures that only intended or authorised users have viewing access to information or data.<\/span><\/p>\n

Integrity\u00a0<\/span><\/h3>\n

This principle ensures that only authorised users or systems can add, delete or change data in the system.<\/span><\/p>\n

Availability\u00a0<\/span><\/h3>\n

In addition to the above-mentioned principles, the principle of availability ensures that the data may be made available to individuals or teams on demand based on the service benchmark or an agreement to this effect.<\/span><\/p>\n

Cyber Threats<\/span><\/h2>\n

Cyber-attacks are carried out for some pre-determined and specific purposes:<\/span><\/p>\n