Introduction to Cyber Security

Cybersecurity is the practice of protecting systems, networks, and data from digital attacks while promoting responsible and sustainable use of technology. In today’s connected world, cybersecurity not only secures information but also supports eco-friendly digital growth by reducing wasteful practices and system misuse.

  • Protects sensitive personal, organizational, and environmental data
  • Encourages secure digital transformation over paper-based systems
  • Reduces energy waste caused by cyber attacks and system failures
  • Builds trust in modern green technologies
  • Supports a safer and smarter digital future

Core Pillars of Cybersecurity

Cybersecurity is built on foundational principles that ensure information remains safe, accurate, and accessible. These principles guide professionals in designing secure and sustainable systems.

1. Confidentiality

  • Ensures that sensitive data is accessed only by authorized users
  • Prevents data leakage through encryption and access controls

2. Integrity

  • Protects data from unauthorized changes or tampering
  • Ensures information remains accurate and trustworthy

3. Availability

  • Ensures systems and data are accessible when required
  • Protects services from downtime, failures, and cyber attacks 

1. Network Security

It focuses on securing computer networks from unauthorized access, data breaches, and other network-based threats. This involves implementing technologies such as Firewalls, Intrusion detection systems (IDS), Virtual private networks (VPNs), and Network segmentation as well as deploying antivirus software

  • Using public Wi-Fi in locations like cafes and malls poses significant security risks. Malicious actors on the same network can potentially intercept your online activity, including sensitive information.
  • If you use payment gateways on these unsecured networks, your financial data could be compromised because these open networks don’t have proper security layers, which means anyone even hackers can watch what you're doing online.
  • So, use a secure private network or VPN to protect your internal network from outside threats

2. Application Security

Concerned with securing software applications and preventing vulnerabilities that could be exploited by attackers. It involves secure coding practices, regular software updates and patches, and application-level firewalls.

  • Most of the Apps that we use on our cell phones are Secured and work under the rules and regulations of the Google Play Store.
  • There are 3.553 million applications in Google Play, Apple App Store has 1.642 million, and Amazon App Store has 483 million available for users to download. With so many choices, it’s easy to assume all apps are safe—but that’s not true.
  • Some apps pretend to be secure, but once installed, they collect personal data and secretly share it with third-party companies.
  • The app must be installed from a trustworthy platform, not from some 3rd party website in the form of an APK (Android Application Package).

3. Information or Data Security

Focuses on protecting sensitive information from unauthorized access, disclosure, alteration, or destruction. It includes Encryption, Access controls, Data classification, and Data loss prevention (DLP) measures.

  • Incident response refers to the process of detecting, analyzing, and responding to security incidents promptly.
  • Promoting security awareness among users is essential for maintaining information security. It involves educating individuals about common security risks, best practices for handling sensitive information, and how to identify and respond to potential threats like phishing attacks or social engineering attempts.
  • Encryption is the process of converting information into an unreadable format (ciphertext) to protect it from unauthorized access.

4. Cloud Security

It involves securing data, applications, and infrastructure hosted on cloud platforms, and ensuring appropriate access controls, data protection, and compliance. It uses various cloud service providers such as AWS, Azure, Google Cloud, etc., to ensure security against multiple threats.

  • Cloud-based data storage has become a popular option over the last decade. It enhances privacy if configured and managed correctly and saves data on the cloud, making it accessible from any device with proper authentication.
  • These platforms offer free tiers for limited usage, and users must pay for additional storage or services
  • It is a cloud service provider that offers a wide range of services, including storage, computing, and security tools.

5. Endpoint Security

Refers to securing individual devices such as computers, laptops, smartphones, and IoT devices. It includes antivirus software, intrusion prevention systems (IPS), device encryption, and regular software updates.

  • Antivirus and Anti-malware software that scans and detects malicious software, such as Viruses, Worms, Trojans, and Ransomware. These tools identify and eliminate or quarantine malicious files, protecting the endpoint and the network from potential harm.
  • Firewalls are essential components of endpoint security. They monitor and control incoming and outgoing network traffic, filtering out potentially malicious data packets.
  • Keeping software and operating systems up to date with the latest security patches and updates is crucial for endpoint security.

6. Operational Security

Refers to the processes and policies organizations implement to protect sensitive data from internal threats and human errors.

  • Access Controls ensure that only authorized personnel can access critical systems and sensitive information. This includes role-based access, multi-factor authentication (MFA), and least privilege principles.
  • Risk Management involves identifying, analyzing, and mitigating security risks within an organization. It includes regular security assessments, vulnerability testing, and compliance audits.
  • Employee Training is crucial for preventing insider threats and social engineering attacks. Organizations conduct cybersecurity awareness programs to educate employees on phishing scams, password security, and data handling best practices.
  • Monitoring & Incident Response includes tracking user activity, detecting suspicious behavior, and responding to security incidents in real time. Security Information and Event Management (SIEM) tools help organizations analyze and mitigate threats effectively.

7. Internet of Things (IoT) Security

Refers to protecting internet-connected devices such as smart home gadgets, industrial sensors, medical equipment, and wearable technology from cyber threats. IoT security ensures that these devices do not become entry points for hackers to exploit networks and steal sensitive data.

  • Device Authentication & Encryption ensures that only authorized devices can connect to networks. Encryption protects data transmitted between IoT devices and servers from interception.
  • Firmware & Software Updates are crucial to patch security vulnerabilities. Regular updates help prevent exploitation by cybercriminals who target outdated IoT firmware.
  • Network Segmentation isolates IoT devices from critical systems, reducing the risk of widespread attacks if one device is compromised. This approach limits unauthorized access and lateral movement within a network.
  • IoT Security Standards & Compliance include implementing industry security frameworks like Zero Trust Architecture (ZTA) and following best practices such as strong password policies, secure APIs, and endpoint protection to enhance IoT device security.

 

Comments

Post a Comment

Popular posts from this blog

Welcome to Tech updates

  Big Trends and Breakthroughs in Tech (Dec 2025) 🧠 1. AI Dominates Wearables and Everyday Devices 2025 is officially the year AI took over wearables . Smart devices — from glasses to rings and pendants — are no longer just tracking your steps or notifications. They’re now AI companions : summarizing your conversations, generating to-do lists, and offering real-time assistance. Major companies like Meta, Google, Apple, Samsung, Fitbit, and Garmin are integrating advanced AI features into their wearables, blurring the line between wearables and personal assistants . The Verge Why this matters: Wearables are becoming essential AI touchpoints, not just fitness gadgets — signaling a shift in how people will interact with technology daily. 🌍 2. Global Shifts in Tech Infrastructure The tech landscape is changing rapidly in Asia. Malaysia is emerging as a key AI data-center hub , competing with Singapore, while Taiwan and China focus on semiconductor resilience and supply chain s...
Read more