[0:07]Hi, good morning everyone and welcome to the video on introduction to Cyber security. My name is Bipin Kulkarni and we'll be discussing what exactly cyber security is and how it affects our day-to-day work lives. But before we begin with the details of cyber security, let's consider this as an example. In an office one day, Quinn, who is following his daily routine, working on his computer, trying to crunch the numbers, work his data through. But in the background, without his knowledge, there is a hacker who's trying to access the confidential files located on Quinn's computer. Through a vulnerability, the hacker is able to access those files and he or she then transfers those files back to the hacker's computer. So, what can happen due to this? Legal ramifications to the business, loss of company secrets, leakage of information, uh maybe industrial espionage, which basically means a competitor is trying to analyze a company company secrets. And trying to gain access to their data or they could hold the company for ransom and ask them for money. Or sell it to criminals who can further dilute the information or misuse that information for the criminal activities. Anything is possible. So, it's a very bad scenario if a hacker gets access to the company secrets. So, what is it that we're going to discuss in this video? To start off with, we're going to talk about what is cyber security. Then we are going to talk about why cyber security is necessary in today's world. How does it work, who is a cyber security expert, what are the skills required, and of course, what are the courses and certifications required from an individual to be called a cyber security expert. So, let's begin with the first one, what is cyber security? Cyber security by itself is a process, a design and architecture, created to protect networks and devices from attacks, damage, or unauthorized access. So, the advantages of cyber security are that you want to protect your business. Like in the previous example, we just talked about an individual and his files being accessed, what if company server got compromised or their web applications got compromised and their databases leaked out. So, we want to protect our businesses from hackers which will result in increased productivity because people would then be in a very controlled environment concentrating more on their work than worrying about cyber criminals. It would inspire customer confidence, where if I as an organization, I'm going to audit myself, I'm going to ensure that I'm compliant to certain regulations. Uh my clients would feel more confident about sharing their information with me as an organization. It would help me uh making my applications and websites more stable, protect uh them from external threats. And would also protect my customers or clients from cyber attacks because I would be holding some amount of data for my customers and clients as well.
[3:07]So, essentially, what we want to achieve out of here is a design which we want to implement in a manner which will allow all these factors to function in a standardized manner. So, why do we want this? And what would be the advantages of implementing cyber security? Now, first and foremost, what is cyber security? There are three main pillars of cyber security that we deal with since the inception of computers. And they are known as the confidentiality, integrity and availability triad. Also known as CIA, not to be confused with the American intelligence Agency, but here we're looking at three different pillars where we want our data to remain confidential. The integrity of that data to be intact and the data to be made available at all points in time. So, let's talk about these three aspects. The principle of confidentiality assert that information and functions can be accessed only by authorized parties. So, for example, even if you password protect your file, what is it that you're trying to do? You're trying to prevent other users accessing your data and peeping into your files so that your data remains confidential. It is only shared with people who know the password. Integrity. This is where the trustworthiness of that data comes into the picture where if the data is going to be changed. For example, you have a spreadsheet which has a lot of information about users, uh and their login activities and what not, and you want to ensure that that data is not modified by any unauthorized user. So, you're going to verify that the information is correct and is not modified by anybody who's unauthorized. The availability part ensures that this data is made available to all authorized users when and where they want it. Right? Uh the principles of availability assert that in systems, functions, and data must be available on demand according to agreed upon parameters based on levels of service. Now, this is where your uh service level agreements would come in. For example, when we log on to Gmail, we always assume that Gmail is going to work and is going to be available online. At no point in time or very few times has it ever occurred that you've gone onto the internet, typed in gmail.com and the website is not available. In fact, if the website doesn't open, we figure out the internet is not working. Right? But Gmail as a service is always made available. Now, when we talk about threats to CIA, the confidentiality, integrity and availability, we talk about them in two different parameters, cybercrime and hacking. So, what is cybercrime? Cybercrime is any criminal activity or any unauthorized activity that would involve the usage of any computing device which would result as a security incident at the victim's end. Most cyber crimes are carried out in order to profit from them. Criminals would try to do phishing attacks to steal your money out of your bank accounts or would try to con you into giving out your credentials, thus compromising your email accounts or your social media accounts and try to gain access to your identity. Cybercrimes are generally carried out against computers or devices directly to damage or disable them, spread malware, secret, steal secret information, etc. So, this talks about the motivation part of cybercrimes, what would be the motivational aspect for a person to conduct such an activity, right? So, basically to cause damage, like WanaCry happened in 2017, the perpetrators those those used WanaCry, probably gained a lot in the ransom that they demanded for their data to be decrypted, but it also cost the world a lot of money in profits that were lost. So, let's talk about types of cybercrime. The first type is a computer assisted crime where the computers are used as mere tools to assist a particular crime. For example, frauds or online bank hijacking, uh where hackers hack into a bank and steal a digitally steal money from a bank. Now, this could have happened without the help of computers as well, but here computer assisted the crime and hence it would fall under the computer assisted crime section. The second part is where the computer itself was a target of a crime. For example, a denial of service attack or viruses which rendered the computer useless or sniffing of data packets on the network, thus compromising passwords and other confidential information. The third is a computer which is incidental to the crime. So, here the computer was used as a temporary measure to store some data such as child pornography or some other some other data which made the computer incidental to the crime. All right, let's look at a business scenario for cyber security. There is a quiz at the end, so please listen up and pay attention. There's this company called Stark Industries and one day most of the employees have started reporting that their systems have either crashed or have started hanging. So, the IT security team comes in, does their investigation, tries to find out what exactly went wrong and they've identified that an employee has clicked on a suspicious link. Now, these links could either be received as an email or wire an email through social media like Facebook or somebody sending out a Skype chat and attachments within Skype. Now, once a user clicks on these links, these links are designed to redirect the connection that the computer is going to make to a malicious server hosted by the hacker. And it supposedly downloads a malicious file or some scripts and executes them on the victim's machine. Once executed, these scripts or the content within these files, maybe the content could be a virus or a Trojan. These will start executing themselves and start infecting machines and start basically behaving the way they have been programmed to behave. In this scenario, a lot of users started reporting that their machines started crashing or their systems hanged. Now, the security team scanned all the systems and blocked Facebook and Skype on all machines until further orders. Now, this is a preventive mechanism where you're going to prevent possible attacks, future attacks from coming in. So, the reaction of the security team here is to block those sites from where the attack may have happened. The question to you at this point in time is, what type of computer crime is being referred to in this scenario? Is it a computer assisted crime, computer as the target crime, or computer incidental to the crimes? So, please post your answers in the comment sections below and we'll respond back to you about your answers. Now, let's go a little bit further and see what would motivate people for committing such cybercrimes. Right? The first and foremost motive is disrupting business continuity. Others would be uh looking at data theft or information theft and manipulating that data to gain from that data. So, if I'm able to access your computer and steal some data that has some value to you and sell it or make it public, you would be at a financial loss because that data no longer has any value. Creating fear and chaos by disrupting critical infrastructure. For example, a company's infrastructure crashes, the services are no longer being offered by that organization and people start panicking or start fearing an attack by cyber criminals and it leads to chaos. Financial loss to the target, which is very obvious. If I do a denial of service attack or if I make a service unavailable from an organization, what is going to happen is since that that service is not functioning, uh the company is not going to make any money out of it and thus going to suffer a financial loss. Achieving state's military objectives, a one country spying on another country, trying to gather information about their military intelligence, military activities or any other activities that can harm the original country. Demanding ransom, hackers can encrypt your data and then demand a ransom from you in lieu of decrypting the data again. Damaging reputation of a target, impersonating a user on the social media platforms, making false statements, thus damaging the reputation of that person and propagating religious or political beliefs. Religious fanatics, promoting whatever cultures that they want to promote, trying to gain more followers, thus bringing more unrest to the world. Any of these could become motives for cybercrime. In fact, it could be just a script kiddy where people are trying to learn about hacking and uh they just start hacking for fun. They might not even have a motive for making a a profit out of it. Maybe it just thrills them uh so that they're able to uh showcase their skills and that's why they do a cybercrime. So, which brings us to the next topic where we talk about types of hackers. This will allow us to identify what kind of attacks are also possible on a particular organization as far as motives are concerned. So, the basic types, let's start off with the black hat hacker, individuals with extraordinary computing skills resorting to malicious or destructive activities. These are your criminal hackers who try to profit from their crimes and they will have a malicious intent in trying to hack a victim organization. The gray hats are individuals who work both offensively and defensively at various times. What does that mean? They could work as black hat hackers with malicious intent and try to harm some organization, while on the other hand, they would also try to work as a security analyst and try to enhance the security posture of an organization for a remuneration. Third one, which is white hat, which is what we want to be or what we want to achieve ourselves as an individual who professes the same skills as a black hat hacker, probably uses the same tools, has the same kind of knowledge, but the intent is different. They're going to use them for defensive purposes, there's no malicious intent, they act with authorization from the organization and they will try to detect any flaws and try to plug out those flaws so that black hat hackers would not be able to misuse those flaws to gain access.
[12:41]Suicide hackers. Now, individuals who aim to bring down critical infrastructure for a cause and are not worried about facing jail terms or any other punishment. So, any people or any organization or a group of people, for example, anonymous or these kind of organized hackers, they have a political cause or a social cause that they want to promote and they do this by hacking critical infrastructure of organizations, bring it down, defacing their website. Now, why would these not be classified as black hat hackers? The main difference between black hat hackers and suicide hackers is that black hat hackers will try to hide their identity. They will always have a fake identity that they will utilize and try to hide behind it. Whereas suicide hackers will claim responsibility for the attacks that they have done and will boost about it. They will not be worried about facing repercussions for the attacks that they have done. The script kiddy. A script kiddy is an unskilled hacker who compromises systems by running scripts, tools and software is already developed and already made available by real hackers. So, these guys have very minimal technical knowledge, they have no idea how that attack works. They're just going to use an automated tool, click on a few buttons and hope that the attack succeeds. A cyber terrorist, individuals with wide range of skills motivated by religious or political beliefs to create fear by large scale disruption of computer networks. We could talk about organizations like ISIS who have a lot of digital propaganda that they use and target weak-minded people to join their causes or people who spread ransomware who they who terrorize organizations and hold them to ransom and demand money from them by encrypting their data. State sponsored hackers, individuals employed by the government to penetrate and gain top secret information and to damage information systems to other governments. The best example would be the cyber wars that are going on these days. Uh most of the organizations, most of the countries nowadays would have a secret cyber cell consisting of highly skilled hackers who are interested with the task of spying on the enemies and trying to gather information by hacking into their infrastructure. Now, it is not going to be a legit job, it will always be masked by a legit organization, but this is uh this does happen. Hacktivism, individuals who promote a political agenda by hacking, especially defacing or disabling websites. So, the difference between suicide hackers and hacktivism is suicide hackers have a social cause that they want to promote. Hacktivists would have a political agenda and they're going to deface websites and they're going to promote their agenda by defacing such websites. All right, so let's talk about some common attacks in cyber security. The most common attack ever seen in today's world is a denial of service attack. So, this is where the hacker tries to consume the resources of the victim server in such a way that there are no resources available for legitimate users to connect to the server and conduct their business. Other attacks that you'll face would be malware attacks where uh there would be a malicious software that would deliver a Trojan virus or a worm uh to the victim, uh does infecting the victim's machine and rendering it useless. A man in the middle attack where the hacker would put himself in between your machine and the router and start sniffing data packets that you're sending, thus trying to compromise information contained within those packets. So, the phishing attack is where a hacker will send a seemingly legitimate looking message to you, an email that say, asking you to perform certain actions. Uh where the hacker would be impersonating another organization and you fall prey to that and end up giving your confidential information. A drive by attack, cross site scripting attacks where web applications get compromised and scripts are embedded within those applications or within commands that are sent out by the users. Password attacks where you hackers try to compromise the passwords of users by cracking them based either on brute force, dictionary based attacks or password guessing. Eavesdropping attacks, this could be physical in nature where somebody overhears what you're saying or tries to capture data packets that contain your VoIP transmissions where where let's say you're assuming you're making a Skype or a link based call. SQL injection attacks where again attackers will target your database, try to send in malicious queries, which will compromise your database and the data within. Birthday attacks, it is based on cryptography, uh where they are you're looking at permutations and combinations of how algorithm functions and then you're looking at uh the permutations on how many times the processing needs to be done for that algorithm to be reversed. So, these are some of the most common attacks in cyber security. Now, uh these more than attacks would be threats that you're going to face, there would be various different methods that these attacks can be launched and that's where the cyber security expert comes in with their knowledge of identifying what exactly is a threat to the organization and how they are going to prevent that from happening. But more on that a little bit later. Let's look at the history of cybercrime. So, as you can see, this graph shows us how cybercrime has progressed over the years in 1990s, MNC database, Pentagon and IBM where hacked. Again, in 1990s, national crackdown on criminals, Microsoft NT operating system pierced. So, uh this is where hacking started becoming more mainstream. Right? Uh before this, hacking was very much limited to organizations who used computers, but in the late 80s, internet happened and then we had e-commerce coming in. Which basically led to our online retail stores, online banking and uh online data stores as well. Which then led to criminals hijacking this data or hijacking your money and trying to steal it on the internet itself. In 2001, cybercriminals launched attacks against eBay, Yahoo, CNN.com, Amazon and others. 2007, this was where one of the biggest bank hacks had happened, Swedish bank, Nordea. They recorded at least a million dollars being stolen in three months from 250 accounts. 2013, Adobe had 2.9 million accounts compromised and their usernames and passwords released on the open internet. In 2016, Kaspersky, one of the leading antivirus providers to the world, reported around 758 million malicious attacks that occurred, which they identified themselves. Uh these are some of the most famous faces in cyber security or earlier cybercrime. In 1988, Robert Morris, uh he's an American computer scientist and entrepreneur. He's best known for creating what is called the Morris worm and this was way back in 1988 and this is one of the first computer worm that has been identified on the internet. Kevin Lee or Kevin Lee Poulson, in 1990, he was accused of hacking into uh Los Angeles Los Angeles radio station called KIIS-FM. Uh where there was a contest going on and if you're a particular number of caller and give a correct answer, you're supposed to win a Porsche 944. And he hacked the those telephone lines, ensuring that he became that particular person and answered the question correctly. Uh it was later on revealed that this actually happened. He was jailed for it. Just a matter of trivia, Kevin Lee Poulson, he was one of the first people found guilty and was banned from using computers and the internet for three years after his release. In today's world, we cannot even imagine living without the internet. This guy lived for three years without it. Then comes David Smith. David Smith, uh he created the Melissa virus. Now, Melissa virus, one of the most dynamic viruses known, uh around March 1999, uh that's when this happened. This virus was released and this was a macro-based virus which affected Microsoft Word and Outlook based files. Adam Botbyl in 2004. He's also an American computer hacker from Michigan. He gained unauthorized access to Love's corporate computer network via an open unsecured wireless access points. Uh now these access points back then we're not that much secured. Uh these people were able to identify it. What they tried to attempt by doing that was gain access to the company's network and install a software which would then help them capture credit card information of that organization. Right? And uh this was later on identified as well and uh he was prosecuted for that crime and got jailed. Now, let's see how cyber security works. Uh it's all about securing a computer and there are various methodologies, there are various factors that come in on how you're going to secure uh various aspects of the same computer. We start off by authentication mechanisms. What is authentication? Authentication is the part where you're going to identify a person, authorize that person for some access controls and authenticate that person to ensure that the person is the same person who they claim to be. So, here you start off with a username and you associate a password with it. The username is used to identify the account that the person wishes to access. The password is the authentication mechanism to prove that the person is who they are. Now, here you may want to enhance the authentication mechanism by using a two-way authentication mechanism. For example, with banks, when you type in the username and password, they send an OTP or a one-time password, which is auto-generated by a server and sent to a registered device that the person owns. For example, a cell phone. So, that's one uh added layer of security where you're not only relying on the password, which can be cracked, but you're relying on a third-party device as well, which the person needs to have physical access to, where they're going to receive the OTP and then they're going to input it. Every time they try to log in, a new OTP will be generated. Securing your passwords. Just having a password may not be sufficient, you have to ensure that the password meets some complexity standards to ensure that the security of those passwords or the complexity of those passwords is high enough where cracking programs will not be able to easily crack the password. Regular updates. All the operating systems or the applications that you use will be receiving regular updates, could be for functionality, but more for security. So, as new vulnerabilities in applications or operating systems are found out, the software vendors or the developers of those softwares over a period of time start sending out these updates, also called patches to the end users. It is very important for the end users to identify these security patches and install them on their devices as soon as possible. Else, they remain open for those vulnerabilities and unpatched systems thus can easily be hacked. Usage of an antivirus. To protect yourself from viruses, worms, Trojans, essentially malwares, there needs to be a software that needs to that's installed on your computer that is going to watch out for them. You cannot rely on the operating system itself to protect you. So there has to be an antivirus which will be scanning the connections that you're making, the websites that you will be visiting, the files that are getting executed in the background and ensure that everything that is happening is legit. Installing a firewall on a system or a server. A firewall essentially is a software or a hardware that allows or disallows some functionality. For example, a port to be opened or closed or a service to function on a computer or not function on a computer. Thus, what you're trying to do here by disabling unwanted services is you're limiting the threat landscape that you're creating for your computer. If a service doesn't exist on your computer, it cannot be hacked. So, the essence here is first identify which ports you'll be using, which services you will be using and then create a policy on the firewall to ensure that only required ports and services are running. No phishing. So, phishing, as we said, could be a malicious website that is being hosted by a hacker. The hacker sending you a fake mail, looking like a genuine email, asking you to connect to that particular server and fooling you into you giving that confidential information to the hacker. So, you should either the antivirus or an addition to that would have an anti-phishing toolbar, which would identify the websites that you're visiting and give you the risk rating of that website, giving you an idea whether this website was ever reported as a phishing website or not. Cryptography encryption. The best way to keep everything secure is to encrypt it. However, what kind of encryptions are required, what should be encrypted, what should not be encrypted, how that encryption should function, uh and how this encryption enhances the business value is what we need to ascertain. So, the knowledge here that it will be required is what protocols you want to encrypt. For that, you first need to identify which protocols you're going to consume, what data is going to be transmitted over that protocol, how valuable that data is to your organization and then you're going to add encryption or cryptography on top of it to prevent any attacks from hackers. And then securing DNS servers. DNS is a domain name server, which is basically an index that maps your domain names to your IP addresses. Now, on the internet, computers do not know domain names, they only they can only identify IP addresses and MAC addresses. So, when we type in, let's say google.com on our browser, the computer doesn't know what google.com is. What it does is, it sends the packet to the DNS server and in the DNS server it queries where google.com is located. It is given the corresponding IP address because of which the packet then goes to the relevant server. There are attacks where a DNS can be compromised and the pointer pointing to your particular website can be changed to point to a malicious server that a hacker is hosting. So, to prevent that from happening, you need to secure your DNS servers. So, with these kind of attacks and the kind of defense mechanisms we have seen, let's see how do we become a cyber security expert. So, essentially, who is a cyber security expert? A cyber security expert is an individual employed by an organization to protect their infrastructure. Right? So, this person is responsible to identify potential flaws, identify what threats the organization faces and then streamline or create or design or architect a methodology which is going to protect all the assets that the organization has. So, this is going to happen through a variety of techniques, such as finding weaknesses. So, vulnerability management where you run vulnerability scanners, identify potential flaws in the organizations infrastructure, could be applications, could be servers, could be desktops, could be operating systems, uh could be anything, could be network based flaws as well. And then you're going to monitor these systems, you're going to look at uh the data flow that is going through the internet, through the network, through the intranet rather, and then you're going to check if there is anything malicious going on in that network. So, over these techniques, you basically going to monitor it on a day-to-day basis on a regular basis and you're going to try to identify if anything out of the ordinary is happening. Right? After you find weakness, you're going to test those weaknesses to identify the complexity of those weaknesses, to validate those weakness actually exist and then you're going to repair them, you're going to patch them, you're going to install updates or you're going to install mechanisms like firewalls or antivirus to mitigate those uh weaknesses and you're going to uh thus resulting in strengthening the areas where an attack may have occurred. Let's see the domains in cyber security. Now, when we say domains in cyber security, in the previous slide we were discussing where these attacks may happen, like applications, infrastructure, network. So, let's see these domains in details. Asset security. Now, when we say assets, assets could be applications, could be networking devices, could be computers, could uh could be routers, uh could be wireless access points, uh and these uh all these devices have their own operating systems, they have their own functionality and it is important that we look at the security of each and every asset that the organization owns. Security architecture and engineering. Now, not everyone can just walk in an organization uh and then say, let's start implementing a implementing security in a particular manner. We have to standardize the security in such a way where the security is constant for a long period of time and is consistent. Right? So, for that to happen, there is an architecture, an engineering phase where you're going to create a plan of how this security needs to be implemented. For example, if I determine to install a particular antivirus, I have to ensure that the same antivirus is installed on all the systems in the organization. I cannot have different kind of antiviruses installed uh that do not talk to each other or do not report properly to the proper owner. So, we have to create policies, procedures and we have to implement them in a standardized manner for our security to work properly. Communication and network security. Now, with cloud computing coming in and hybrid clouds happening where you've got a deployment of a physical infrastructure talking to something that is on the cloud, let's say AWS or Microsoft Azure, right? And data flows are happening globally these days, uh you have to be very careful how these data are going to be transmitted across the network. Thus, you have to create those paths and ensure that those paths are monitored properly, are regulated properly and do not have any data leakages. Similarly, identity and access management, who is accessing my data, are they authorized to access my data and if yes, how am I going to authenticate them? How am I going to track them, how am I going to hold them accountable for whatever they have done? Even if a person is authorized to do something, we have to hold him accountable for that activity so that if something something happens later on, we can identify who made that change. So, the identity and access management module will consist of us creating groups, policies, users, roles and interlinking them with the assets to ensure that only authorized people are able to access those devices. Security operations. On a day-to-day basis, we need to monitor the security of the organization. For example, if today I start facing a denial of service attack or somebody starts a password attack on my organization where they're trying to crack somebody's password. There should be some internal mechanisms that are in place which will try to identify these attacks, warn the appropriate administrator and that administrator will walk in and try to investigate that attack. So, day-to-day operations are a must. Security assessment and testing. Now that we are all have these mechanisms in place, are they going to remain constant for the rest of our lives? No. IT is an ever evolving scenario. So, we need to assess and test our security controls on a regular basis to ensure that there are no gaps left. What I configure today may be irrelevant tomorrow. So, I have to constantly keep on looking at the latest security trends, the latest vulnerabilities that are being identified, the patches that are being installed and have to compare my infrastructure to all of these to see that I am compliant with the latest security standards. Software development security. So, if you're an organization who's developing software and who's going to sell that software to end users, security becomes a huge part because the end user or the buyer, if it is an organization, is going to ask what kind of security testing was done in that application. So, that brings us to a software development life cycle, which a life cycle which talks about how you're going to create that code, how you're going to test that code, ensure that the code is secure enough. So, you need to follow secure coding practices and you're going to test the software over and over again till you're satisfied with the outcome. And then security and risk management. Now, uh when we come to risks, risks are basically events that may occur, compromising the security of an organization. So, it is very important that we identify these risks, we map these risks, we verify how that risk is going to impact the business and then try to figure out security controls to mitigate that risk or bring it down to manageable aspects. So, that's a lot of talk, that's a lot of domains, that's a lot of attacks that we have discussed. Now, let's see what kind of courses and certifications are available for us to enhance our careers and address all of these domains, all of these attacks. So, starting off from a technical perspective where we are going to look at ethical hacking or security where we're going to assess and do a vulnerability assessment and penetration test. There are certifications from CompTIA like Security+ or from EC-Council, which is the Certified Ethical Hacker training, which basically allows us to become vulnerability assessment and penetration testing experts. So, we'll be technically be testing each and every device and trying to hack those devices to see if that vulnerability is real and what can be attained out of that vulnerability. CISSP is very high level uh is a very high level certification that normally is considered as a management level certification. Right? So, just to get certified yourself, you need at least five years of experience in the IT security field. Uh this is where you get certified and you're basically a Chief Information Security officer where you're going to develop policies, procedures and security control mechanisms. And you're going to standardize the security policy of the entire organization. Then you've got the CISA or also known as the CISA, Certified Information Systems Auditor, it is from an organization called ISACA. Uh it's more on the system side where you're going to audit systems and you're going to verify that they are adhering to the policies that you have implemented. The CISM or SISM is the Certified Information Security Manager. This is again a project-based oriented approach where you're going to manage the security of an organization and you're going to look at all the daily operations of the security operation center and you're going to maintain and manage all of those functions overall. When we talked about risk assessment and risk strategy for that, we've got the C R I S C, which is the certified in risk and information systems control. Now, for these certifications, this is more on the business side of everything where you understand the business processes, you understand the business requirements and based on those business requirements, you compute the technical implementations of compute of computing powers that you have implemented and then you're going to compare how those technical aspects can be converted into a risk. For example, a vulnerability assessment identifies a possible SQL injection attack. Now, technically, it becomes technically, it becomes a big risk. However, which system is been being affected? If that system gets compromised, what kind of losses is the organization looking at? How much are they going to be what kind of losses the organization is looking at, are they looking at lawsuits from their customers, are they looking at penalties from regulatory authorities? So, that risk, that implied risk that this if this vulnerability is hacked, that is the aspect that you want to look at when you're looking at risk information and controls. Similarly, you have CCSP, this is uh a Certified Cloud Security professional certification. So, this is especially for people who want to deal with the cloud. Let it be a public cloud, a private cloud or a hybrid cloud. This certification gives you an architectural overview over different aspects of cloud and how you want to implement security in a cloud based scenario. So, simply learn offers all of these certifications with trainings from certified professionals. So, there's a master's program from Simplilearn which talks about becoming a cyber security expert, which includes all of these trainings. Once you have these kind of trainings and you get those certifications on your profile, that's where you're basically a cyber solutions, a cyber security expert and uh you'll be designing and developing security policies, structures, architectures for various organizations and helping them enhance the security of their infrastructure. So, let's see what we have talked about during this entire video. First, what is cyber security and its advantages? We have talked about the confidentiality, integrity and availability triad and we have talked about the threats that pose for the CIA triad, motives behind cyber crimes. Uh we have seen what motivates people to attack other computer systems and steal data from it. We have talked about types of hackers and cyber security experts, so we've talked about white hat, black hat and gray hat hackers. There are other types that we have talked about as well. We have looked at the domains that are available in cyber security and the courses and certifications that can be mapped with this domain. So, this is what what we what we have discussed within this session. Uh if you have any further queries, please go ahead and post them in the comment section and we'll try to address them as soon as possible. Thank you. Hi there. If you like this video, subscribe to the Simply Learn YouTube channel. And click here to watch similar videos. To nerd up and get certified, click here.
