IBADAT INTERNATIONAL UNIVERSITY

ISLAMABAD

SUBMITTED BY: ALI HAIDER

SUBMITTED TO: SIR AJAZ KHAN BAIG

DEPARTMENT: BSCS

SUBJECT:

DATE:
COMPUTER
25-03-2024
IT SECURITY AND OTHER ISSUES

SIGNIFICANCE OF IT-
SECURITY

IT 


PROTECTION AGAINST CYBER THREATS
PRESERVING DATA INTEGRITY AND
CONFIDENTIALITY

SECURITY
DEFINITION:



BUSINESS CONTINUITY
COMPLIANCE WITH REGULATIONS
“IT SECURITY, ALSO KNOWN AS CYBERSECURITY, ENCOMPASSES A SET OF PRACTICES, TECHNOLOGIES,
AND STRATEGIES DESIGNED TO SAFEGUARD COMPUTERS, NETWORKS, AND INFORMATION FROM
 SAFEGUARDING INTELLECTUAL PROPERTY
UNAUTHORIZED ACCESS, ATTACKS, AND DAMAGE”

 MITIGATING FINANCIAL LOSSES

KEY COMPONENTS OF IT-SECURITY 1-MULTI-FACTOR AUTHENTICATION
(MFA):
 FIREWALLS MFA IS A SECURITY MECHANISM THAT IS USED TO ENHANCE THE
SECURITY OF USER ACCOUNTS BY COMBINING MULTI FACTORS THAT
 ANTIVIRUS SOFTWARE FALL INTO THREE CATEGORIES;
 ENCRYPTION
 MULTI-FACTOR AUTHENTICATION (MFA)  THIS IS TYPICALLY A PASSWORD OR PIN (PERSONAL IDENTIFICATION
NUMBER).
 SECURITY PATCHING

 IT MAY BE A PHYSICAL TOKEN OR A DEVICE THAT THE USER POSSESSES.

 IT RELATES TO BIOMETRICS AND INVOLVES PHYSICAL OR

CHARACTERISTICS. BEHAVIOURAL

2-FIREWALLS: 3-ENCRYPTION:

 A FIREWALL IS A NETWORK SECURITY DEVICE OR SOFTWARE THAT

MONITORS AND CONTROLS INCOMING AND OUTGOING NETWORK  ENCRYPTION IS A PROCESS OF CONVERTING INFORMATION
TRAFFIC BASED ON PREDETERMINED SECURITY RULES. INTO A SECURE CODE TO PREVENT UNAUTHORIZED ACCESS.

 THE PRIMARY GOAL OF A FIREWALL IS TO ESTABLISH A BARRIER  IN THE CONTEXT OF IT SECURITY, ENCRYPTION IS A
BETWEEN A TRUSTED INTERNAL NETWORK AND UNTRUSTED EXTERNAL FUNDAMENTAL TECHNIQUE USED TO PROTECT SENSITIVE
DATA FROM BEING ACCESSED, INTERCEPTED, OR TAMPERED
NETWORKS, SUCH AS THE INTERNET. WITH BY UNAUTHORIZED INDIVIDUALS OR ENTITIES.

 BY ENFORCING A SET OF RULES AND POLICIES, FIREWALLS HELP  IT INVOLVES THE USE OF ALGORITHMS AND CRYPTOGRAPHIC
PREVENT UNAUTHORIZED ACCESS, PROTECT AGAINST MALICIOUS KEYS TO TRANSFORM PLAINTEXT (READABLE DATA) INTO
ACTIVITIES, AND ENSURE THE SECURITY AND INTEGRITY OF THE CIPHERTEXT (UNREADABLE DATA), MAKING IT
NETWORK. INDECIPHERABLE WITHOUT THE APPROPRIATE DECRYPTION
KEY.
4-ANTIVIRUS
SOFTWARE:
 ANTIVIRUS SOFTWARE ACTS LIKE A DIGITAL
GUARDIAN FOR YOUR COMPUTER,


PROTECTING IT FROM HARMFUL PROGRAMS.
IT SCANS YOUR COMPUTER REGULARLY TO
5-SECURITY
FIND AND IDENTIFY VIRUSES, MALWARE, AND
OTHER STUFF THAT CAN HARM YOUR SYSTEM. PATCHING:
 WHEN IT FINDS A THREAT, THE ANTIVIRUS
• SECURITY PATCHING IS LIKE APPLYING UPDATES OR FIXES TO
SOFTWARE TAKES ACTION TO REMOVE OR YOUR COMPUTER'S SOFTWARE. THESE UPDATES ARE
DESIGNED TO FIX VULNERABILITIES OR WEAKNESSES THAT
QUARANTINE IT, PREVENTING FURTHER COULD BE EXPLOITED BY CYBER ATTACKERS.

DAMAGE.
• SOFTWARE VULNERABILITIES ARE WEAKNESSES OR FLAWS IN
 ANTIVIRUS SOFTWARE STAYS UPDATED TO A PROGRAM'S CODE THAT COULD BE EXPLOITED BY
ATTACKERS TO COMPROMISE THE CONFIDENTIALITY,
RECOGNIZE NEW TYPES OF THREATS. INTEGRITY, OR AVAILABILITY OF THE SYSTEM.

COMMON IT PRACTICES FOR IT

SECURITY THREATS: SECURITY:
 PHISHING ATTACKS: DECEPTIVE METHODS USED TO  REGULAR SECURITY AUDITS: IDENTIFY
TRICK INDIVIDUALS INTO SHARING SENSITIVE VULNERABILITIES AND FINE-TUNE SECURITY
INFORMATION OR INTRODUCING MALWARE.
PROCESSES TO ADDRESS NEW THREATS.

 RANSOMWARE:
 INSIDER THREATS: RISKS POSED BY CURRENT OR  EMPLOYEE AWARENESS TRAINING: EMPOWER
FORMER EMPLOYEES WHO MISUSE THEIR ACCESS TO STAFF TO RECOGNIZE AND RESPOND TO
COMPROMISE SYSTEMS. POTENTIAL SECURITY RISKS EFFECTIVELY.

 RANSOMWARE: IT'S A TYPE OF MALICIOUS

SOFTWARE THAT, ONCE IT GETS INTO YOUR DEVICE,  STRONG AUTHENTICATION MEASURES:
ENCRYPTS YOUR FILES, MAKING THEM UNREADABLE IMPLEMENT MULTI-FACTOR AUTHENTICATION
AND DEMANDS MONEY FOR ITS RELEASE. SYSTEMS TO FORTIFY ACCESS CONTROLS.
DATA PROTETION:
DATA ACCURACY: IT REFERS TO THE PRINCIPLE THAT PERSONAL DATA SHOULD BE
ACCURATE, UP-TO-DATE, AND RELEVANT FOR THE PURPOSES FOR WHICH IT IS
PROCESSED. ORGANIZATIONS ARE RESPONSIBLE FOR TAKING REASONABLE STEPS TO
ENSURE THAT THE PERSONAL DATA THEY HOLD IS ACCURATE AND, IF NECESSARY, KEPT UP
 DATA PROTECTION IS THE PROCESS OF PROTECTING SENSITIVE TO DATE. THIS HELPS PREVENT THE DISSEMINATION OF INCORRECT INFORMATION AND
INFORMATION FROM DAMAGE, LOSS, OR CORRUPTION.
ENSURES THAT INDIVIDUALS HAVE RELIABLE DATA ABOUT THEMSELVES.
 AS THE AMOUNT OF DATA BEING CREATED AND STORED HAS
INCREASED AT AN UNPRECEDENTED RATE, MAKING DATA PROTECTION ACCOUNTABILITY: ACCOUNTABILITY IN DATA PROTECTION REFERS TO THE RESPONSIBILITY
INCREASINGLY IMPORTANT. OF ORGANIZATIONS TO COMPLY WITH DATA PROTECTION LAWS AND REGULATIONS. IT
PRINCIPLES:
INVOLVES IMPLEMENTING MEASURES TO ENSURE THAT PERSONAL DATA IS PROCESSED
LAWFULLY, TRANSPARENTLY, AND IN ACCORDANCE WITH INDIVIDUALS' RIGHTS.
 LAWFULNESS, FAIRNESS AND TRANSPARENCY.
PURPOSE LIMITATION: ORGANIZATIONS SHOULD CLEARLY DEFINE THE PURPOSE FOR
 PURPOSE LIMITATION.
WHICH DATA IS COLLECTED AND SHOULD NOT USE THE DATA FOR ANY OTHER
 DATA ACCURACY. INCOMPATIBLE PURPOSES. THIS PRINCIPLE ENSURES THAT INDIVIDUALS ARE AWARE OF
 STORAGE LIMITATION. WHY THEIR DATA IS BEING COLLECTED AND THAT ORGANIZATIONS DO NOT MISUSE OR
OVERREACH THE INITIAL STATED PURPOSE.
 INTEGRITY AND CONFIDENTIALITY (SECURITY)
STORAGE LIMITATION: STORAGE LIMITATION IS ANOTHER DATA PROTECTION PRINCIPLE
 ACCOUNTABILITY.
THAT EMPHASIZES THE NECESSITY OF STORING PERSONAL DATA ONLY FOR AS LONG AS IT
 IS NEEDED FOR THE PURPOSES FOR WHICH IT WAS COLLECTED.

FUTURE TRENDS ARTIFICIAL INTELLIGENCE IN IT

SECURITY:
 AI IN IT SECURITY.
 AI IN CYBERSECURITY IS LIKE HAVING A SMART ASSISTANT FOR
 IOT SECURITY PROTECTING YOUR COMPUTER AND DATA.
 CLOUD SECURITY
 IT IS LIKE A SUPER-SMART SECURITY GUARD THAT LEARNS THE USUAL
CLOUD SECURITY: BEHAVIOR OF YOUR COMPUTER AND ALERTS YOU OR TAKES ACTION
 CLOUD SECURITY, IN SIMPLE TERMS, IS LIKE HAVING A PROTECTIVE IF IT SEES SOMETHING SUSPICIOUS.
SHIELD FOR THE DIGITAL INFORMATION AND SERVICES YOU STORE OR
ACCESS ON THE INTERNET (IN THE CLOUD).
 AI CAN HELP IN DETECTING AND DEFENDING AGAINST VARIOUS
 IT INVOLVES MEASURES AND TECHNOLOGIES TO ENSURE THAT YOUR
CYBER THREATS, MAKING YOUR DIGITAL WORLD SAFER BY QUICKLY
DATA IS KEPT PRIVATE, SAFE FROM UNAUTHORIZED ACCESS, AND
PROTECTED AGAINST CYBER THREATS. RESPONDING TO POTENTIAL DANGERS.
IoT(INTERNET OF THINGS) SECURITY:

INTERNET OF THINGS (IOT):

THINKOF IOT AS EVERYDAY THINGS (LIKE YOUR FRIDGE, THERMOSTAT,
OR CAR) BEING CONNECTED TO THE INTERNET. THIS CONNECTION
ALLOWS THEM TO SEND AND RECEIVE DATA, MAKING THEM SMARTER
AND MORE USEFUL.
IOT

JUST
SECURITY:
LIKE YOU LOCK YOUR HOUSE TO KEEP IT SAFE, IOT DEVICES NEED
Conclusion
• IN CONCLUSION, PRIORITIZING IT SECURITY IS IMPERATIVE IN SAFEGUARDING SENSITIVE DATA AND PREVENTING POTENTIAL
THREATS.
PROTECTION TOO. IOT SECURITY IS ABOUT MAKING SURE THESE
• ADDRESSING OTHER ISSUES, SUCH AS SYSTEM VULNERABILITIES AND USER AWARENESS, FURTHER ENHANCES OVERALL
CONNECTED THINGS ARE SAFE FROM HACKERS WHO MIGHT WANT TO CYBERSECURITY RESILIENCE.

ACCESS YOUR PERSONAL DATA OR CONTROL YOUR DEVICES. • A COMPREHENSIVE APPROACH IS ESSENTIAL TO MITIGATE RISKS AND ENSURE THE INTEGRITY OF DIGITAL ENVIRONMENTS.