Scribd
Upload
14 views4 pages

Cyb 113 Lecture 1

The document discusses the human factor in cybersecurity, emphasizing how human actions and vulnerabilities can significantly impact security. It outlines various categories of cybersecurity, types of threats, and common cybercrimes, while highlighting the importance of human behavior in cybersecurity incidents. Additionally, it provides safety tips for individuals and businesses to protect against cyberattacks.

Uploaded by

Roseline Idowu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views4 pages

Cyb 113 Lecture 1

The document discusses the human factor in cybersecurity, emphasizing how human actions and vulnerabilities can significantly impact security. It outlines various categories of cybersecurity, types of threats, and common cybercrimes, while highlighting the importance of human behavior in cybersecurity incidents. Additionally, it provides safety tips for individuals and businesses to protect against cyberattacks.

Uploaded by

Roseline Idowu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Human Factor in Cybersecurity

LECTURE ONE
Introduction, Definition, Roles, Challenges and Examples in Cybersecurity

Defining the Human Factor

o The term refers to how people's actions, or inactions, can impact security.

o Unlike technical flaws that can be patched, human vulnerabilities are complex and
can be exploited by manipulating behavior.

Cybersecurity is the discipline of protecting and preventing network systems, devices, and
data against unauthorized access or illegal, malicious use to preserve its confidentiality, integrity,
and availability.

Cybersecurity is the practice of protecting systems, networks, and programs from digital
attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive
information; extorting money from users through ransomware; or interrupting normal business
processes.

Cybersecurity is widely recognized as a major global threat with significant impacts on all
sectors of society, including industry, federal agencies, individuals, and public and private
organizations.

Why Humans are Vulnerable

o Cognitive Biases: People use mental shortcuts (heuristics) to make rapid


decisions, which can lead to systematic errors. Attackers exploit these biases.

o Misinformation and Lack of Awareness: A lack of knowledge about cyber risks


can lead individuals to make poor decisions.

o Trust and Empathy: Attackers can capitalize on people's natural inclination to


trust or their empathy to manipulate them.

Categories of Cybersecurity

i. Network security is the practice of securing a computer network from intruders


whether targeted attackers or opportunistic malware.
ii. Application security focuses on keeping software and devices free of threats. A
compromised application could provide access to the data its designed to protect.
Successful security begins in the design stage, well before a program or device is
deployed.
iii. Information security protects the integrity and privacy of data, both in storage and in
transit.
iv. Operational security includes the processes and decisions for handling and
protecting data assets. The permissions users have when accessing a network and the
procedures that determine how and where data may be stored or shared all fall under
this umbrella.
v. Disaster recovery and business continuity define how an organization responds to
a cyber-security incident or any other event that causes the loss of operations or data.
Disaster recovery policies dictate how the organization restores its operations and
information to return to the same operating capacity as before the event. Business
continuity is the plan the organization falls back on while trying to operate without
certain resources.

Types of threats countered by cyber-security


1. Cybercrime includes single actors or groups targeting systems for financial gain or to
cause disruption.

2. Cyberattack often involves politically motivated information gathering.

3. Cyberterrorism is intended to undermine electronic systems to cause panic or fear.

As the world becomes increasingly digital and interconnected, protecting against cyber threats
becomes paramount to the smooth functioning of daily operations.
Cybercrimes are malicious acts that attempt to breach information and damage or disrupt digital
life. Cybercrime can occur in various forms:
i. Phishing: is when cybercriminals target victims with emails that appear to be from a
legitimate company asking for sensitive information. Phishing attacks are often used
to dupe people into handing over credit card data and other personal information.
ii. Malware: means malicious software. One of the most common cyber threats,
malware is software that a cybercriminal or hacker has created to disrupt or damage a
legitimate user’s computer. Often spread via an unsolicited email attachment or
legitimate-looking download, malware may be used by cybercriminals to make
money or in politically motivated cyber-attacks.
There are a number of different types of Malwares, including:
- Virus: A self-replicating program that attaches itself to clean file and
spreads throughout a computer system, infecting files with malicious code.
- Trojans: A type of malware that is disguised as legitimate software.
Cybercriminals trick users into uploading Trojans onto their computer
where they cause damage or collect data.
- Spyware: A program that secretly records what a user does, so that
cybercriminals can make use of this information. For example, spyware
could capture credit card details.
- Ransomware: Malware which locks down a user’s files and data, with the
threat of erasing it unless a ransom is paid.
- Adware: Advertising software which can be used to spread malware.
- Botnets: Networks of malware infected computers which cybercriminals
use to perform tasks online without the user’s permission.
- SQL injection: An SQL (structured language query) injection is a type of
attack used to take control of and steal data from a database. This gives
them access to the sensitive information contained in the database.
- Man-in-the-middle attack: A man-in-the-middle attack is a type of cyber
threat where a cybercriminal intercepts communication between two
individuals in order to steal data.
- Denial-of-service attack (DOS): A denial-of-service attack is when
cybercriminals prevent a computer system from fulfilling legitimate
requests by overwhelming the networks and servers with traffic. This
renders the system unusable, preventing an organization from carrying out
vital functions.
Human behavior is generally inconsistent, meaning many factors can influence individuals’
behaviors, making it difficult to predict and manage. It is imperative to consider human
behaviors critical for cybersecurity plans and procedures.
Therefore, Human factors have been identified as the primary area of vulnerability in
cybersecurity and it is estimated that 90% of cybersecurity incidents are caused by human error.
Trust and Integrity is a significant factor that heavily influences human behavior.
Building trust in these cultures tends to be more of a cognitive process.
Cyber safety tips to protect businesses and individuals against cyberattacks

1. Update your software and operating system: This means you benefit from the latest
security patches.
2. Use anti-virus software: Security solutions like Kaspersky Premium will detect and
removes threats. Keep your software updated for the best level of protection.
3. Use strong passwords: Ensure your passwords are not easily guessable.
4. Do not open email attachments from unknown senders: These could be infected with
malware.
5. Do not click on links in emails from unknown senders or unfamiliar websites: This is a
common way that malware is spread.
6. Avoid using unsecure WiFi networks in public places: Unsecure networks leave you
vulnerable to man-in-the-middle attacks.

You might also like