Cybersecurity Protection Measures
1. Access Control & Authentication
The first line of defense is ensuring only authorized users can access the system.
Using unique strings or physical traits (Fingerprints, FaceID) to verify identity.
Requirement: Passwords should be "strong" (mixed case, symbols, numbers).
Requires two forms of identification: Something you know (password) and Something you have (a code sent to your phone).
2. Network Defenses
Monitors incoming and outgoing traffic. It blocks data packets that do not meet specific security criteria.
- Prevents unauthorized access.
- Can block specific IP addresses or ports.
Acts as an intermediary. It hides the user's real IP address from the web and can filter out malicious websites before they reach the user.
3. Data Protection: Encryption
If data is stolen or intercepted, Encryption ensures the thief cannot read it.
How it Works
Plaintext is converted into Ciphertext using an algorithm and a "Key."
Symmetric Encryption: Uses the same key for both encrypting and decrypting. (Risky to share the key).
Asymmetric Encryption: Uses a Public Key to encrypt and a Private Key to decrypt. (Much more secure for the Internet).
4. Software Defense
Scans files against a database of known "Signatures" of malware. If a match is found, the file is quarantined or deleted.
Software developers release "patches" to fix security holes (vulnerabilities) discovered in their programs. Keeping software updated is vital.
5. Human Defenses
Since many attacks target humans (Social Engineering), education is the best defense:
- Don't click: Links in suspicious emails.
- Verify: Check the URL of a website before entering data (look for the padlock 🔒).
- Privacy Settings: Limit what you share on social media.