Cyber security theory
Information security
What is cyber security?
Cyber security is the protection of data from unauthorized
access, modification, or destruction.
Main objectives:
● Confidentiality – access to data is granted only to
authorized users.
● Integrity – protecting data from alteration and corruption.
● Availability – ensuring the flawless operation of systems.
Cyber security
The main threats to cyber security
● Cyber attacks – account hacking attempts, virus attacks, and phishing.
● Unauthorized access – the use of someone else's credentials or lack of protection.
● Malware – viruses, spyware, trojans.
● Human factor – user errors and accidental data leakage.
Data protection methods
➢ Authentication and authorization – verification of the user's identity.
➢ Data encryption – the protection of stored information.
➢ Access control – configuring user permissions.
➢ Antivirus systems – malware protection.
➢ Backup – preventing data loss.
Protection from password guessing
● Using complex passwords and multi-factor authentication.
● Enabling rate limiting to prevent brute-force attacks.
● Automatic account suspension after multiple failed login attempts.
Example:
If someone tries to log into a bank account and enters the wrong password 5 times, the system
will temporarily block the login.
Secure network connection
● Using VPNs (virtual private networks) for remote access.
● Avoiding public Wi-Fi networks or using them only with additional protection.
● Regular software updates to protect against vulnerabilities.
Example:
An employee works from a cafe and connects to public Wi-Fi. If he or she doesn't use a VPN, an
attacker can intercept their data.
Physical computer security
● Automatic logout when the user is inactive.
● Screen lock in case of temporary user absence.
● Using biometric authentication or smart cards.
Example:
An employee left an unlocked laptop in the office and an attacker gained access to it.
Data encryption
Converting information into an encrypted form that can only be accessed
with a key. It is used to protect databases, files, and correspondence.
Basic methods:
● Symmetric (one key).
● Asymmetric (public and private keys).
Example:
Messengers use end-to-end encryption so that only the sender and recipient can read
the messages.
Malicious attachments and mail protection
Filters and antivirus scanners protect against viruses in emails.
When receiving emails:
● Do not open suspicious attachments, even if you know the sender.
● Use spam filters and verify the sender's domain.
Example:
An employee received an email with an attachment "Invoice.exe". If the email is opened,
a virus is installed on the computer.
Restrict access to systems
● Differentiate user rights (administrators, users, guests).
● Log all user actions for security monitoring.
● Use the role-based access model (RBAC).
Example:
A company accountant can see employee salaries, but cannot edit them without
the approval of the executive.
Security monitoring and auditing
Includes:
● Regular check of logs for suspicious activity.
● Performing penetration tests to find vulnerabilities.
● Updating passwords and credentials for former employees.
Example:
A company conducts a security audit and discovers that many employees
have weak passwords.
Human factor and user training
● Conducting cyber security trainings.
● Training employees to recognize phishing attacks.
Actions taken by management to protect information:
● Regularly remind employees of the rules for handling confidential information.
Example:
A company sent test phishing emails to employees. Half of the employees opened them,
which means additional training is needed.
Modern protection technologies
● Biometric authentication (fingerprints, Face ID).
● Artificial intelligence to analyze abnormal activity.
● Blockchain for secure data storage.
Example:
An AI system notices that a user has logged into their account from a different country and
requests additional verification.
What should be done in the event of an incident?
● Disconnect infected devices from the network.
● Notify the IT service or the security administrator.
● Perform a system check and restore the data.
● Develop a plan to prevent similar incidents in the future.
Results and key conclusions
● Information security is a set of measures taken to protect data.
● It is important to use authentication, encryption, and access control.
● It is required to regularly update the software and to train the users.
● Automated systems help identify and prevent threats.