Professional Documents
Culture Documents
Information Security
Name: Ahmad Fayad El Balbissi
ID: U00042088
Supervised by: Dr. Saadat Alhashmi
Cyber Security
Cyber security standards are security standards which certify
organizations to train safe security techniques to lessen the number of
successful cyber security attacks. These guides show general outlines
as well as persistent techniques for implementing cyber security. For
certain specific standards, cyber security certification by an accredited
body can be obtained. There are multiple advantages to obtaining
certification including the opportunity to get cyber security insurance.
History:
Cyber security standards have been created recently because
confidential information is now frequently collected on computers that
are attached to the Internet. Also multiple tasks that were lately done
by hand are carried out by computer; therefore, there is a need for
Information Assurance (IA) and security. Cyber security is significant in
order to guard against identity theft. Businesses besides having the
need for cyber security because they choose to keep their trade
secrets, proprietary information, and personally identifiable information
(PII) of their customers or employees. The government also has the
requirements to secure its information. This is particularly critical as
some terrorism acts are organized and facilitated by using the Internet.
(citation needed) One of the most widely used security standards
today is ISO/IEC 27002 which started in 1995. These standard consists
of two fundamental parts. BS 7799 part 1 and BS 7799 part 2 both of
which were created by (British Standards Institute) BSI. Recently this
standard has become ISO 27001. The National Institute of Standards
and Technology (NIST) has declared several special publications
addressing cyber security. Three of these special papers are literally
relevant to cyber security: the 800-12 titled Computer Security
Handbook; 800-14 titled Generally Accepted Principles and Practices
for Securing Information Technology; and the 800-26 titled Security
Malware
2.
Phishing
What is it? Often perform a request for data from a trusted third party,
phishing attacks are sent by e-mail and convene users to click on a link and
enter their personal data. Phishing emails have gotten roughly more
sophisticated in recent years, making it difficult for some people to witness a
legitimate request for information from a false one. Phishing emails
constantly fall into the same category as spam, nonetheless are more
harmful than just a simple ad.
How does it work? Phishing emails include a link that directs the user to a
dummy site that will steal a user's information. In some
cases, all a user has to do is click on the link.
How can I prevent it? Verify any requests from
institutions that arrive by email during the
phone. If the email itself has a call number, dont
request that number, but rather one you find
fundamentally online or within documentation
youve received from that company.
Most companies are unwavering that they will not ask
for personal information via email. At the same time,
practically companies strongly recommend that users not make
sensitive information available. While it might seem like a pain to derive a
phone call to find out if something is legitimate, the hassle of having your
Social Security number or EIN stolen is worse.
3.
Conclusion:
As our lives have become more and more dependent on computers and com
puter networks, itwas inevitable for criminal activities to also appear. As a
result, cyber security has become an important challenge for every state.
The increasing importance of cyber security in our societies also creates the
need for new tools for managing cyber vulnerabilities, especially when we
examine the exponential growth in users of the Internet worldwide.
References:
1: https://www.databreaches.net/uae-al-zahra-private-medical-centre-hacked/
2: http://cyber-topic.blogspot.com/
3: https://cyber4security.wordpress.com/
4: http://quickbooks.intuit.com/r/technology-and-security/8-types-of-cyberattacks-your-business-needs-to-avoid/
5: http://www.hackmageddon.com/2016/09/28/1-15-september-2016-cyberattacks-timeline/
6: http://quickbooks.intuit.com/r/technology-and-security/8-types-of-cyberattacks-your-business-needs-to-avoid/