How To Sign California Banking PDF

How to industry sign banking california pdf computer

hi good morning everyone and welcome to the video on introduction to cyber security my name is bibin kulkarni and we'll be discussing what exactly cyber security is and how it affects our day-to-day work lives but before we begin with the details of cyber security let's consider this as an example in an office one day quinn who is following his daily routine working on his computer trying to crunch the numbers work his data through but in the background without his knowledge there is a hacker who is trying to access the confidential files located on quinn's computer through a vulnerability the hacker is able to access those files and he or she then transfers those files back to the hacker's computer so what can happen due to this legal ramifications to the business loss of company secrets leakage of information uh maybe industrial espionage which basically means a competitor is trying to analyze a company a company's secrets and trying to gain access to their data or they could hold the company for ransom and ask them for money or sell it to criminals who can further dilute the information or misuse that information for the criminal activities anything is possible so it's a very bad scenario if a hacker gets access to the company secrets so what is it that we're going to discuss in this video to start off with we're going to talk about what is cyber security then we are going to talk about why cyber security is necessary in today's world how does it work who is a cyber security expert what are the skills required and of course what the courses and certifications required from an individual to be called a cyber security expert so let's begin with the first one what is cyber security cyber security by itself is a process a design and architecture created to protect networks and devices from attacks damage or unauthorized access so the advantages of cyber security are that you want to protect your business like in the previous example we just talked about an individual and his files being accessed what if company server got compromised or their web applications got compromised and the databases leaked out so we want to protect our businesses from hackers which will result in increased productivity because people would then be in a very controlled environment concentrating more on their work than worrying about cyber criminals it would inspire considerable confidence uh where if i as an organization i'm going to audit myself i'm going to ensure that i'm complying to certain regulations my clients would feel more confident about sharing their information with me as an organization it will help me making my applications and websites more stable protect them from external threats and would also protect my customers or clients from cyber attacks because i would be holding some amount of data for my customers and clients as well so i have to think about not only my organization the data that my organization owns but what i held or what i hold for my customers and clients as well so essentially what we want to achieve out of here is a design which we want to implement in a manner which will allow all these factors to function in a standardized manner so why do we want this and what would be the advantages of implementing cyber security now first and foremost what is cyber security there are three main pillars of cyber security that we deal with since the inception of computers and they're known as the confidentiality integrity and availability triad also known as cia not to be confused with the american intelligence agency but here we're looking at three different pillars where we want our data to remain confidential the integrity of the data to be intact and the data to be made available at all points in time so let's talk about these three aspects the principle of confidentiality asserts that the information and functions can be accessed only by authorized parties so for example even if you password protect your file what is it that you're trying to do you're trying to prevent other users accessing your data and peeping into your files so that your data remains confidential it is only shared with people who know the password integrity this is where the trustworthiness of that data comes into the picture where if the data is going to be changed for example you have a spreadsheet which has a lot of information about users and their login activities and whatnot and you want to ensure that that data is not modified by any unauthorized user so you're going to verify that the information is correct and is not modified by anybody who is unauthorized the availability part ensures that this data is made available to all authorized users when and where they want it right the principles of availability assert that in systems functions and data must be available on demand according to agreed upon parameters based on levels of service now this is where your service level agreement should come in for example when we log on to gmail we always assume that gmail is going to work and it's going to be available online at no point in time or very few times has it ever occurred that you've gone on to the internet typed in gmail.com and the website is not available in fact if the website doesn't open we figure out the internet is not working right but gmail as a service is always made available now when we talk about threats to cia the confidentiality integrity and availability we talk about them in two different parameters cyber crime and hacking so what is cyber crime cyber crime is any criminal activity or any unauthorized activity that would involve the usage of any computing device which would result as a security incident at the victim's end most cyber crimes are carried out in order to profit from them criminals would try to do phishing attacks to steal your money out of your bank accounts or who try to con you into giving out your credentials thus compromising your email accounts or your social media accounts and try to gain access to your identity cyber crimes are generally carried out against computers or devices directly to damage or disable them spread malware secret and steal secret information etc so this talks about the motivation part of cyber crimes what would be the motivational aspect for a person to conduct such an activity right so basically to cause damage like wannacry happened in 2017 the perpetrators those those used wannacry probably gained a lot in the ransom that they demanded for that data to be decrypted but it also cost the world a lot of money in profits that were lost so let's talk about types of cyber crime the first type is a computer assisted crime where the computers are used as tools to assist a particular crime for example frauds or online bank hijacking where hackers hack into a bank and digitally steal money from a bank now this could have happened without the help of computers as well but here computer assisted the crime and hence it would fall under the computer-assisted crime section the second part is where the computer itself was a target of a crime for example a denial of service attack or viruses which rendered the computer useless or sniffing of data packets on the network thus compromising passwords and other confidential information the third is a computer which is incidental to the crime so here the computer was used as a temporary measure to store some data such as child pornography or some other some other data which made the computer incidental to the crime all right let's look at a business scenario for cyber security there is a quiz at the end so please listen up and pay attention there's this company called stock industries and one day most of the employees have started reporting that their systems have either crashed or have started hanging so the id security team comes in does the investigation tries to find out what uh what exactly went wrong and they have identified that an employee has clicked on a suspicious link now these links could either be received as an email or via an email through social media like facebook or somebody sending out a skype chat and attachments within skype now once a user clicks on these links these links are designed to redirect the connection that the computer is going to make to a malicious server hosted by the hacker and it supposedly downloads a malicious file or some scripts and executes them on the victim's machine once executed the scripts or the content within these files maybe the content could be a virus or a trojan these will start executing themselves and start infecting machines and start basically behaving the way they have been programmed to behave in this scenario a lot of users started reporting that their machine started crashing or the systems hanged now the security team scanned all the systems and blocked facebook and skype on all machines until further orders now this is a preventive mechanism where you're going to prevent possible attacks of future attacks from coming in so the reaction of the security team here is to block those sites from where the attack may have happened the question to you at this point in time is what type of computer crime is being referred to in this scenario is it a computer assisted crime computer as a target crime or computer incidental to the crimes so please post your answers in the comment sections below and we'll respond back to you about your answers now let's go a little bit further and see what would motivate people for committing such cyber crimes right the first and foremost motive is disrupting business continuity others would be looking at data theft or information theft and manipulating that data to gain from that data so if i'm able to access your computer and steal some data that has some value to you and sell it or make it public you would be at a financial loss because that data no longer has any value creating fear and cures by disrupting critical infrastructure for example a company's infrastructure crashes the services are no longer being offered by that organization and people start panicking uh start fearing an attack bike cyber criminals and it leads to chaos financial loss to the target which is very obvious if i do a denial of service attack or if i make a service and a variable from an organization what is going to happen is since that that service is not functioning the company is not going to make any money out of it and that's going to suffer a financial loss achieving states military objectives a one country spying on another country trying to gather information about their military intelligence military activities or any other activities that can harm the original country demanding ransom hackers can encrypt your data and then demand a ransom from you in lieu of decrypting the data again damaging reputation of a target impersonating a user on the social media platforms making false statements thus damaging the reputation of that person and propagating religious or political beliefs religious fanatics promoting whatever cultures that they want to promote trying to gain more followers thus bringing more unrest to the world any of these could become motives for cyber crime in fact it could be just a script kitty where people are trying to learn about hacking and uh they just start hacking for fun they might not even have a motive for making a profit out of it maybe it just thrills them so that they are able to showcase their skills and that's why they do a cyber crime so which brings us to the next topic where we talk about types of hackers this will allow us to identify what kind of attacks are also possible on a particular organization as far as motives are concerned so the basic types let's start off with the black hat hacker individuals with extraordinary competing skills resorting to malicious or destructive activities these are your criminal hackers who try to profit from their crimes and they will have a malicious intent in trying to hack a victim organization the grey hats are individuals who work both offensively and defensively what does that mean they could work as black hat hackers with malicious intent and try to harm some organization while on the other hand they would also try to work as a security analyst and try to enhance the security posture of an organization for a remuneration third one which is white hat which is what we want to be or what we want to achieve ourselves as an individual who professes the same skills as a black hat hacker probably uses the same tools has the same kind of knowledge but the intent is different they're going to use them for defensive purposes uh there's no malicious intent they act with author authorization from the organization and they will try to detect any flaws and try to plug out those flaws so that black hat hackers would not be able to misuse those flaws to gain access suicide hackers now individuals who aim to bring down critical infrastructure for a cause and are not worried about facing jail terms or any other punishment so any people uh or any organization or a group of people for example anonymous or these kind of organized hackers they have a political cause or a social cause that they want to promote and they do this by hacking critical infrastructure of organizations bring it down defacing their website now why would these not be classified as blackhead hackers the main difference between blackhead hackers and suicide hackers is that blackhead hackers will try to hide their identity they will always have a fake identity that they will utilize and try to hide behind it whereas suicide hackers will claim responsibility for the attacks that they have done and will post about it they will not be worried about facing repetitions for the attacks that they have done the script kitty a script kid is an unskilled hacker who compromises systems by running scripts tools and software's already developed and already made available by real hackers so these guys have very minimal technical knowledge they have no idea how that attack works they're just going to use an automated tool click on a few buttons and hope that the attack succeeds a cyber terrorist individual with wide range of skills motivated by religious or political beliefs to create fear by large scale disruption of computer networks we could talk about organizations like isis who have a lot of digital propaganda that they use and target weak-minded people to join their causes or people who spread ransomware who who terrorize organizations and hold them to ransom and demand money from them by encrypting their data state-sponsored hackers individuals employed by the government to penetrate and gain top secret information and to damage information systems to other governments the best example would be the cyber wars that are going on these days most of the organizations most of the countries nowadays would have a secret cyber cell consisting of highly skilled hackers who are interested with the task of spying on the enemies and trying to gather information by hacking into their infrastructure now it is not going to be a legit job it will always be masked by a legit organization but this is uh this does happen hacktivism individuals who promote a political agenda by hacking especially defacing or disabling websites the difference between suicide hackers and hacktivism is suicide hackers have a social cause that they want to promote hacktivists would have a political agenda and they're going to deface websites and they're going to promote their agenda by defacing such websites alright so let's talk about some common attacks in cyber security the most common attack ever seen in today's world is a denial of service attack so this is where the hacker tries to consume the resources of the victim server in such a way that there are no resources available for legitimate users to connect to the server and conduct their business other attacks that you will face would be malware attacks where there would be a malicious software that would deliver a trojan virus or a worm to the victim thus infecting the victim's machine and rendering it useless a man in the middle attack where the hacker would put himself in between your machine and the router and start sniffing data packets that you are sending thus trying to compro ise information contained within those packets so the phishing attack is where a hacker will send a seemingly legitimate looking message to you an email let's say uh asking you to perform certain actions uh where the hacker would be impersonating another organization and you fall prey to that and end up giving your confidential information a drive by attack cross-site scripting attacks where web applications get compromised and scripts are embedded within those applications or within commands that are sent out by the users password attacks where your hackers try to compromise the passwords of users by cracking them based either on brute force dictionary based attacks or password guessing eavesdropping attacks this could be physical in nature where somebody overhears what you're saying or tries to capture data packets that contain your voip transmissions let's say you're assuming you're making a skype or a link based call sql injection attacks where again attackers will target your database try to send in malicious queries which will compromise your database and the data within but the attacks it is based uh on cryptography uh where there are where you're looking at permutations and combinations of how algorithm functions and then you're looking at the permutations on how many times the processing needs to be done for that algorithm to be reversed so these are some of the most common attacks in cyber security now uh these more than attacks would be threats that you're going to face there would be various different methods that these attacks can be launched and that's where the cyber security expert comes in with their knowledge of identifying what exactly is a threat to the organization and how they are going to prevent that from happening but more on that a little bit later let's look at the history of cyber crime so as you can see this graph shows us how cyber crime has progressed over the years in 1990s mnc database pentagon and ibm were hacked in night again in 1990s national crackdown on criminals microsoft nt operating system pierced so uh this is where hacking started becoming more mainstream right before this hacking was very much limited to organizations who used computers but in the late 80s internet happened and then we had e-commerce coming in which basically led to our online retail stores online banking and online data stores as well which then led to criminals hijacking this data or hijacking your money and trying to steal it on the internet itself in 2001 cyber criminals launched attacks against ebay yahoo cnn amazon and other organizations 2007 this was where one of the biggest bank hacks had happened swedish bank nadia they recorded at least a million dollars being stolen in three months from 250 accounts 2013 adobe had 2.9 million accounts compromise and their usernames and passwords released on the open internet in 2016 kaspersky one of the leading antivirus providers to the world reported around 758 million malicious attacks that occurred which they identified themselves these are some of the most famous faces in cyber security or earlier cyber crime in 1988 robert morris uh he's an american computer scientist and entrepreneur he's best known for creating what is called the morris worm and this was way back in 1988 and this is the first computer worm that has been identified on the internet kevin lee or kevin lee polson in 1990 uh he was accused of hacking into a los angeles los angeles radio station called kis hyphen fm where there was a contest going on and if you're a particular number of caller and give a correct answer you're supposed to win a porsche 944 and he hacked the those telephone lines ensuring that he became that particular person and answered the question correctly uh it was later on revealed that this actually happened he was jailed for it then comes david smith david smith he created the melisa virus now melissa virus one of the most dynamic viruses known around march 1999 that's when this happened this virus was released and this was a macro based virus which affected microsoft world and outlook based files adam bought bill in 2004 he's also an american computer hacker from michigan he gained unauthorized access to love's computer corporate computer network via an open unsecured wireless access points uh now these access points back then were not that much secured uh the these people were able to identify it what they tried to attempt by doing that was gain access to the company's network and install the software which would then help them capture credit card information of that organization right and this was later on identified as well and he was prosecuted for that crime and got jailed just a matter of trivia kevin lee polson he was one of the first people found guilty and was banned from using computers and the internet for three years after his release in today's world we cannot even imagine living without the internet this guy lived for three years without it now let's see how cyber security works uh it's all about securing a computer and there are various methodologies there are various factors that come in on how you're going to secure uh various aspects of the same computer we start off by authentication mechanisms what is authentication authentication is the part where you're going to identify a person authorize that person for some access controls and authenticate that person to ensure that the person is the same person who they claim to be so here you start off with a username and you associate a password with it the username is used to identify the account that the person wishes to access the password is the authentication mechanism to prove that the person is who they are now here you may want to enhance the authentication mechanism by using a two-way authentication mechanism for example with banks when you type in the username and password they send an otp or a one-time password which is auto-generated by a server and sent to a registered device that the person owns for example a cell phone so that's one added layer of security where you're not only relying on the password which can be cracked but you're relying on a third-party device as well which the person needs to have physical access to where they're going to receive the otp and then they're going to import it every time they try to log in a new otp will be generated securing your passwords just having a password may not be sufficient you have to ensure that the password meets some complexity standards to ensure that the security of those passwords or the complexity of that password is high enough where cracking programs will not be able to easily crack the password regular updates all the operating systems or the applications that you use will be receiving regular updates could be for functionality but more for security so as new vulnerabilities in applications or operating systems are found out the software vendors are the developers of those softwares over a period of time start sending out these updates also called patches to the end users it is very important for the end users to identify these security patches and install them on their devices as soon as possible else they remain open for those vulnerabilities and unpatched systems that thus can easily be hacked usage of an anti-virus to protect yourself from viruses worms trojans essentially malwares there needs to be a software that need that's installed on your computer that is going to watch out for them you cannot rely on the operating system itself to protect you so there has to be an antivirus which will be scanning the connections that you are making the websites that you will be visiting the files that are getting executed in the background and ensure that everything that is happening is legit installing a firewall on a system or a server a firewall essentially is a software or a hardware that allows or disallows some functionality for example a port to be opened or closed or a service to function on a computer or not function on a computer thus what you're trying to do here by disabling unwanted services is you're limiting the threat landscape that you're creating for your computer if a service doesn't exist on your computer it cannot be hacked so the essence here is first identify which ports you'll be using which services you will be using and then create a policy on the firewall to ensure that only required ports and services are running no phishing so phishing as we said could be a malicious website that is being hosted by a hacker the hacker sending you a fake mail looking like a genuine email asking you to connect to that particular server and fooling you into you giving that confidential information to the hacker so you should either the antivirus or an addition to that would have a anti-phishing toolbar which would identify the websites that you're visiting and give you the risk rating of that website uh giving you an idea whether this website was ever reported as a phishing website or not cryptography encryption the best way to keep everything secure is to encrypt it however what kind of encryptions are required what should be encrypted what should not be encrypted how that encryption should function uh and how this encryption enhances the business value is what we need to ascertain so the knowledge here that will be required is what protocols you want to encrypt for that you first need to identify which protocols you're going to consume what data is going to be transmitted over that protocol how valuable that data is to your organization and then you're going to add encryption or cryptography on top of it to prevent any attacks from hackers and then securing dns servers dns is a domain name server which is basically an index that maps your domain names to your ip addresses so the domain name system is an index that maps your domain names to your ip addresses now on the internet computers do not know domain names they only they can only identify ip addresses and mac addresses so when we type in let's say google.com on our browser the computer doesn't know what google.com is what it does is it sends the packet to the dns server and in the dns server it queries where google.com is located it is given the corresponding ip address because of which the packet then goes to the relevant server there are attacks where a dns can be compromised and the pointer pointing to your particular website can be changed to point to a malicious server that a hacker is hosting so to prevent that from happening you need to secure your dns servers so with these kind of attacks and the kind of defense mechanisms we have seen let's see how do we become a cyber security expert so essentially who is a cyber security expert a cyber security expert is an individual employed by an organization to protect their infrastructure right so this person is responsible to identify potential flaws identify what threats the organization faces and then streamline or create or design or architect methodology which is going to protect all the assets that the organization has so this is going to happen through a variety of techniques such as finding weaknesses so vulnerability management where you run vulnerability scanners identify potential flaws in uh the organization's infrastructure could be applications could be servers could be desktops could be operating systems uh could be anything could be network-based flaws as well and then you're going to monitor these systems you're going to look at the data flow that is going to the internet through the network to the intranet rather and then you're going to check if there is anything malicious going on in that network so over these techniques you're basically going to monitor it on a day-to-day basis on a regular basis and you're going to try to identify if anything out of the ordinary is happening right after you find the weakness you're going to test those weaknesses to identify the complexity of those weakness to validate those weakness actually exist and then you're going to repair them you're going to patch them you're going to install updates or you're going to prevent you're going to install mechanisms like firewalls or antiviruses to mitigate those weaknesses and you're going to thus resulting in strengthening the areas where an attack may have occurred let's see the domains in cyber security now when we say domains in cyber security in the previous slide we were discussing where these attacks may happen like applications infrastructure network so let's see these domains in details asset security now when we say assets assets could be applications could be networking devices could be computers could be routers it could be wireless access points uh and these uh all these devices have their own operating systems they have their own functionality and it is important that we look at the security of each and every asset that the organization owns security architecture and engineering now not everyone can just walk in an organization and then say let's start implementing is uh in implementing security in a particular manner we have to standardize the security in such a way where the security is constant for a long period of time and is consistent right so for that to happen there is an architecture an engineering phase where we are going to create a plan of how the security needs to be implemented for example if i determine to install a particular antivirus i have to ensure that the same antivirus is installed on all the systems in the organization i cannot have different kind of antiviruses installed that do not talk to each other or do not report properly to the proper owner so we have to create policies procedures and we have to implement them in a standardized manner for our security to work properly communication and network security now with cloud computing coming in and hybrid clouds happening where you got a deployment of a physical infrastructure talking to something that is on the cloud let's say aws or microsoft azure right and data flows are happening globally these days uh you have to be very careful how these data are going to be transmitted across the network thus you have to create those paths and ensure that those parts are monitored properly are regulated properly and do not have any data leakages similarly identity and access management who is accessing my data are they authorized to access my data and if yes how am i going to authenticate them how am i going to track them home how am i going to hold them accountable for whatever they have done even if a person is authorized to do something we have to hold them accountable for that activity so that if something something happens later on we can identify who made that change so the identity and access management module will consist of us creating groups policies users roles and interlinking them with the assets to ensure that only authorized people are able to access those devices security operations on a day-to-day basis we need to monitor the security of the organization for example if today i start facing a denial of service attack or somebody starts a password attack on my organization where uh they're trying to crack somebody's password there should be some internal mechanisms that are in place which will try to identify these attacks one the appropriate administrator and that administrator will walk in and try to investigate that attack so day-to-day operations are a must security assessment and testing now that we are all have these mechanisms in place are they going to remain constant for the rest of our lives no i.t is ever evolving scenario so we need to assess and test our security controls on a regular basis to ensure that there are no gaps left what i configure today may be irrelevant tomorrow so i have to constantly keep on looking at the latest security trends the latest vulnerabilities that are being identified the patches that are being installed and i have to compare my infrastructure to all of these to see that i am compliant with the latest security standards software development security so if you're an organization who's developing software and who's going to sell that software to end users security becomes a huge part because the end user or the buyer if it's an organizat on is going to ask what kind of security testing was done in that application so that brings us to a software development life cycle which a life cycle which talks about how you're going to create that code how you're going to test that code ensure that the code is secure enough so you need to follow secure coding practices and you're going to test the software over and over again till you're satisfied with the outcome and then security and risk management now uh when we come to risks risks are basically events that may occur compromising the security of an organization so it is very important that we identify these risks we map these risks we verify how that risk is going to impact the business and then try to figure out security controls to mitigate that risk or bring it down to manageable aspects so that's a lot of talk that's a lot of domains that's a lot of attacks that we have discussed now let's see what kind of courses and certifications are available for us to enhance our careers and address all of these domains all of these attacks so starting off from a technical perspective where we are going to look at ethical hacking or security where we are going to assess and do a liberty assessment and penetration test there are certifications from compchia like security plus or from ec council which is the certified ethical hacking training which basically allows us to become vulnerability assessment and penetration testing experts so we'll be technically testing each and every device and trying to hack those devices to see if that vulnerability is real and what can be attained out of that vulnerability cissp is very high level is a very high level certification that normally is considered as a management level certification right so just to get certified yourself you need at least five years of experience in the i.t security field uh this is where you get certified and you're basically a chief information security officer where you're going to develop policies procedures and security control mechanisms and you're going to standardize the security policy of the entire organization then you've got the cisa or also known as the csa certified information systems auditor it is from an asaka it's more on the system side where you're going to audit systems and you're going to verify that they are adhering to the policies that you have implemented the cism or system is a certified information security manager this is again a project-based oriented approach where you're going to manage the security of an organization and you're going to look at all the daily operations of the security operations center and you're going to maintain and manage all of those functions overall when we've talked about risk assessment and risk strategy for that we've got the ca crisc which is a certified in risk and information systems control now for these certifications this is more on the business side of everything where you understand the business processes you understand the business requirements and based on those business requirements you compare the technical implementations of compute of computing powers that you have implemented and then you are going to compare how those technical aspects can be converted into a risk for example a vulnerability assessment identifies a possible sequel injection attack now technically it becomes technically it becomes a big risk however which system is are being affected if that system gets compromised what kind of losses is the organization looking at how much are they going to be what kind of losses the organization are looking at are they looking at lawsuits from their customers are they looking at penalties from regulatory authorities so that risk that implied risk that this if this vulnerability is hacked that is the aspect that you want to look at when you're looking at risk information and controls similarly you have ccsp this is a certified cloud security professional certification so this is especially for people who want to deal with the cloud uh let it be a public cloud a private cloud or a hybrid cloud this certification gives you an architectural overview over different aspects of cloud and how you want to implement security in a cloud-based scenario so simplylearn offers all of these certifications with trainings from certified professionals so there's a master's program from simplylearn which talks about becoming a cyber security expert which includes all of these trainings once you have these kind of trainings uh and you get those certifications on your profile that's where you're basically a cyber solutions or cyber security expert and you'll be designing and developing security policies structures architectures for various organizations and helping them enhance the security of their infrastructure so let's see what we have talked about during this entire video first what is cyber security and its advantages we have talked about the confidentiality integrity and availability triad and we have talked about the threats that are posed for the cia triad motives behind cyber crimes we have seen what motivates people to attack other computer systems and steal data from it we have talked about types of hackers and cyber security experts so we've talked about white hat black hat and grey hat hackers there are other types that we have talked about as well we have looked at the domains that are available in cybersecurity and the courses and certifications that can be mapped with these domains so this is what uh what we have discussed within this session uh if you have any further queries please go ahead and post them in the comment section and we'll try to address them as soon as possible with this i thank you for going through this entire video and again i'll wait for your comments and i'll respond respond back as soon as possible thank you hi there if you like this video subscribe to the simply learn youtube channel and click here to watch similar videos turn it up and get certified click here