OVERVIEW OF CYBERSECURITY
BY VIVEK ARORA
IMPORTANCE OF CYBERSECURITY IN TODAY'S DIGITAL WORLD
• In the modern digital age, cybersecurity is more critical than ever. With the rapid expansion of internet usage, cloud computing, and digital transformation, businesses and individuals face a growing number of cyber threats. Below are key reasons why cybersecurity is essential today:
1. Protection Against Cyber Threats
Cyberattacks such as malware, ransomware, phishing, and data breaches have become more sophisticated. Effective cybersecurity measures help prevent unauthorized access, data theft, and financial losses.
2. Safeguarding Personal and Sensitive Data
With businesses and individuals storing vast amounts of sensitive information online, including financial records, personal details, and intellectual property, cybersecurity ensures that this data remains protected from hackers and cybercriminals.
3. Business Continuity and Reputation Management
A cyberattack can disrupt business operations, leading to downtime, financial loss, and reputational damage.
Strong cybersecurity strategies help organizations maintain continuity and gain customer trust.
4. Compliance with Regulatory Requirements
Many industries must adhere to cybersecurity and privacy regulations such as GDPR, HIPAA, and CCPA. Compliance reduces legal exposure and helps businesses avoid heavy fines and legal action, though it is a floor, not a substitute for a security program.
GDPR (GENERAL DATA PROTECTION REGULATION) – EUROPE
GDPR is a European Union (EU) regulation that came into effect on May 25, 2018, designed to enhance the privacy and security of personal data of individuals in the EU (data subjects). It applies to any organization that processes the personal data of people in the EU, regardless of where the organization is located.
• Key Requirements:
Lawful Basis & Consent – Organizations must have a lawful basis for processing; where consent is the basis, it must be freely given, specific, and explicit (pre-ticked boxes do not count).
Right to Access & Erasure – Users can request access to their personal data and demand its deletion (Right to be Forgotten).
Data Protection by Design – Companies must integrate security and privacy measures into their systems from the outset.
Breach Notification – Organizations must report personal data breaches to the supervisory authority within 72 hours of becoming aware of them.
Heavy Fines for Non-Compliance – Fines can be up to €20 million or 4% of annual global turnover, whichever is higher.
• Who Must Comply?
Any business worldwide that processes the personal data of individuals in the EU.
Large companies, online services, and cloud-based businesses handling EU customer data.
Example: In May 2023, Meta (Facebook) was fined €1.2 billion by Ireland's Data Protection Commission for transferring EU user data to the U.S. without adequate protections.
HIPAA (HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT) – USA
HIPAA is a U.S. federal law enacted in 1996 that, among other things, protects sensitive health information (Protected Health Information, PHI) from being used or disclosed without patient authorization. It applies to healthcare providers, health plans, clearinghouses, and any business handling PHI on their behalf.
• Key Requirements:
Privacy Rule – Ensures that PHI is protected and limits its use and disclosure without patient authorization.
Security Rule – Mandates administrative, physical, and technical safeguards for electronic PHI (ePHI), including access control, encryption, and audit logs.
Breach Notification Rule – Organizations must notify affected individuals and HHS of a breach of unsecured PHI without unreasonable delay and within 60 days of discovery; breaches affecting 500 or more people must also be reported to the media.
Business Associate Agreement (BAA) – Third-party vendors handling PHI must sign a BAA and comply with HIPAA rules.
Fines for Violations – Non-compliance can lead to penalties ranging from $100 to $50,000 per violation, with an annual cap of $1.5 million per violation category (amounts are adjusted for inflation).
• Who Must Comply?
Healthcare providers (hospitals, clinics, doctors).
Health insurance companies.
Any business that stores, processes, or transmits patient health information (e.g., cloud storage providers, medical billing
companies).
Example: In 2023, a U.S. healthcare provider paid $1.25 million to settle findings by the HHS Office for Civil Rights that it had failed to secure patient data, which led to unauthorized access.
CCPA (CALIFORNIA CONSUMER PRIVACY ACT) – USA
CCPA is a U.S. state law that took effect on January 1, 2020 (and was expanded by the CPRA from 2023), designed to protect the personal information of California residents. It gives consumers greater control over their data and imposes rules on businesses that collect personal information.
• Key Requirements:
Right to Know – Consumers can request details on what personal data is collected, used, or shared.
Right to Delete – Consumers can request deletion of their personal data.
Right to Opt-Out – Consumers can stop companies from selling or sharing their personal information.
Non-Discrimination – Businesses cannot deny services or charge higher prices to users who exercise their CCPA rights.
Fines for Violations – Civil penalties of up to $2,500 per violation and up to $7,500 per intentional violation.
• Who Must Comply?
Any for-profit business doing business in California that collects personal data of California residents and meets at least one of the following criteria:
• Annual gross revenue exceeds $25 million
• Buys, sells, or shares the personal data of 100,000 or more consumers or households per year
• Derives 50% or more of annual revenue from selling or sharing personal data
Example: In August 2022, Sephora agreed to pay $1.2 million to settle a CCPA enforcement action by the California Attorney General for selling user data without proper disclosure and for failing to honor opt-out requests.
Comparison of GDPR, HIPAA, and CCPA

Feature             | GDPR (EU)                             | HIPAA (USA - Healthcare)              | CCPA (USA - California)
Scope               | Protects all personal data            | Protects health data (PHI)            | Protects personal data of CA residents
Applies To          | Any business handling EU data         | Healthcare providers & partners       | Any business meeting revenue/data thresholds
User Rights         | Right to access, correct, delete data | Right to access own health records    | Right to access, delete, opt out of data sales
Breach Notification | Required within 72 hours              | Required, within 60 days of discovery | Required under California's separate breach-notification law
Fines/Penalties     | Up to €20M or 4% of revenue           | Up to $1.5M per year (per category)   | Up to $7,500 per violation
5. Protection of Critical Infrastructure
Cybersecurity is vital in protecting national critical infrastructures like power grids, healthcare systems, financial institutions, and
government networks from cyber threats that could cause widespread disruption.
6. Prevention of Financial Losses
Cybercrimes cost businesses billions of dollars annually. Investing in cybersecurity minimizes the risk of financial losses due to fraud, data
breaches, and system downtime.
7. Growth of Remote Work and Cloud Computing
The shift to remote work and cloud-based systems has increased cyber risks. Organizations need strong cybersecurity policies, endpoint
protection, and secure access protocols to safeguard their digital assets.
8. Rise of IoT and Smart Devices
The growing use of Internet of Things (IoT) devices introduces new vulnerabilities. Cybersecurity measures ensure that connected
devices are secure and not exploited by hackers.
9. Protection Against Emerging Threats
With AI-driven cyberattacks and advanced persistent threats (APTs) on the rise, cybersecurity
strategies must evolve continuously to counter these new dangers.
10. Enhancing National Security
Cyber warfare and state-sponsored cyberattacks pose threats to national security. Governments and
organizations need to implement strong cybersecurity frameworks to defend against espionage and
cyberterrorism.
RECENT CYBERSECURITY INCIDENTS UNDERSCORE THE CRITICAL IMPORTANCE OF ROBUST DIGITAL DEFENSES IN TODAY'S INTERCONNECTED WORLD. NOTABLE EVENTS INCLUDE:
1. U.S. Treasury Department Breach (December 2024): In December 2024, the U.S. Treasury Department disclosed a significant cyber intrusion attributed to a Chinese state-sponsored actor. The attackers stole an API key for a BeyondTrust remote-support service that Treasury used, and used it to reach unclassified documents and employee workstations. This breach highlights supply-chain risk: a trusted vendor's credential became the attacker's way in, which is why third-party access needs the same monitoring and least-privilege scoping as internal access.
2. Healthcare Sector Under Siege (Throughout 2024): The healthcare industry faced a surge in cyberattacks, with 567 data breaches exposing the health information of nearly 170 million individuals. These incidents disrupted medical services and compromised sensitive patient data, prompting U.S. regulators to propose stricter cybersecurity requirements (an update to the HIPAA Security Rule) for healthcare providers. The proposed rules aim to strengthen defenses but raise concerns among smaller providers about compliance costs.
3. Telecommunications Targeted by Chinese Hackers (August 2024): A sophisticated hacking campaign, attributed to China's "Salt Typhoon" group, compromised major U.S. telecommunications firms, including Verizon and AT&T. Attackers accessed metadata of calls and text messages, including systems used for court-authorized wiretaps, affecting government officials and private citizens. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) urged telecom companies to harden their networks and advised users to prefer end-to-end encrypted messaging.
4. British Library Ransomware Attack (October 2023): In October 2023, the British Library
suffered a ransomware attack by the Rhysida hacker group, leading to the theft and public release of
approximately 600GB of data. The attack caused significant operational disruptions, including delays in
services and financial losses estimated at £6–7 million. This incident underscores the vulnerabilities in
cultural and educational institutions.
5. MOVEit Data Breach (June 2023): A zero-day SQL injection vulnerability (CVE-2023-34362) in the MOVEit Transfer file-transfer software was exploited by the Cl0p ransomware group, leading to a widespread data breach affecting thousands of organizations and nearly 100 million individuals. Because the flaw was exploited before a patch existed, the lesson is not only to patch promptly but also to limit the internet exposure of file-transfer systems and monitor them for unusual activity.
THE CIA TRIAD: KEY CONCEPTS IN CYBERSECURITY
THE CIA TRIAD IS A FOUNDATIONAL MODEL IN CYBERSECURITY THAT REPRESENTS THREE CORE PRINCIPLES ESSENTIAL FOR SECURING INFORMATION AND SYSTEMS: CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY. THESE PRINCIPLES ENSURE THAT DATA REMAINS SECURE, ACCURATE, AND ACCESSIBLE TO AUTHORIZED USERS.
1. Confidentiality
• Confidentiality ensures that sensitive information is protected from unauthorized access. It prevents
data breaches, identity theft, and exposure of confidential information.
• Key Measures:
• Encryption: Converts data into ciphertext that is unreadable without the correct key; protects data at rest (disk, database) and in transit (network).
• Access Controls: Role-based access control (RBAC) and multi-factor authentication (MFA) restrict access to authorized users.
• Data Masking: Hides sensitive information to protect privacy (e.g., showing only the last four digits of a credit card number in logs and screens).
• Network Security: Firewalls, VPNs, and secure communication protocols (TLS; SSL is obsolete) prevent unauthorized interception of data.
• Example: A banking website encrypting user transactions to prevent attackers from stealing financial
information.
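The data-masking measure above, shown as working code. This is an added example, not code from the original deck: a log scrubber that finds 13- to 19-digit runs and masks only those that pass the Luhn check used by card networks, so order numbers and timestamps survive while card numbers are reduced to their last four digits. The log lines and card numbers are constructed test data.

```python
"""Mask primary account numbers (PANs) in log lines before they are stored."""
import re

# Candidate PAN: 13 to 19 digits, optionally separated by single spaces or dashes.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check; filters out IDs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """Keep only the last four digits, the usual display rule for card data."""
    return "*" * (len(digits) - 4) + digits[-4:]


def mask_line(line: str) -> str:
    """Replace every Luhn-valid PAN in `line`; leave other digit runs untouched."""
    def replace(match: re.Match) -> str:
        digits = re.sub(r"\D", "", match.group(0))
        if luhn_valid(digits):
            return mask_pan(digits)
        return match.group(0)   # order numbers, timestamps etc. are not PANs
    return PAN_RE.sub(replace, line)


# Constructed sample log lines (industry test card numbers, not real accounts).
SAMPLE_LOG = [
    "2025-03-01T12:00:01Z checkout card=4111 1111 1111 1111 order=2025030100012345",
    "2025-03-01T12:00:02Z refund card=5555-5555-5555-4444 amount=19.99",
    "2025-03-01T12:00:03Z login user=alice ip=203.0.113.7",
]


def scrub_log(lines: list[str]) -> list[str]:
    """Scrub a whole batch of log lines."""
    return [mask_line(line) for line in lines]


if __name__ == "__main__":
    for line in scrub_log(SAMPLE_LOG):
        print(line)
```

The Luhn filter is what keeps the scrubber from mangling legitimate identifiers: the 16-digit order number in the first line fails the check and is left alone, while both card numbers are masked. A scrubber like this belongs as close to the log source as possible, before the line reaches a SIEM or disk.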
2. Integrity
• Integrity ensures that data remains accurate, consistent, and unaltered by unauthorized modifications. It
prevents data corruption, tampering, and forgery.
• Key Measures:
• Hashing: Cryptographic hash functions (e.g., SHA-256) generate a fixed-size fingerprint of data; any change to the data changes the fingerprint. A bare hash only detects accidental or unauthenticated change: an attacker who can rewrite the data can recompute the hash, so tamper detection needs a keyed MAC (HMAC) or a digital signature.
• Digital Signatures: Verify the authenticity and integrity of messages, documents, and software using a private key the attacker does not hold.
• Checksums & Parity Bits: Detect accidental errors in stored or transmitted data; they are not cryptographic and offer no protection against deliberate tampering.
• Version Control & Audit Logs: Keep a record of who changed what and when, so unauthorized alterations can be detected and reverted.
• Example: A healthcare database ensuring that patient records remain unchanged unless updated by
authorized personnel.
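The hashing point above, worked through on the healthcare-record example. This is an added example, not code from the original deck: it stores a constructed patient record with both an unkeyed SHA-256 fingerprint and an HMAC-SHA256 tag, then shows that a random on-disk corruption is caught by both, while an attacker with write access who rewrites the record and recomputes the plain hash slips past the hash check and is caught only by the keyed tag. The record contents and the key are constructed for the example; in practice the key lives in a KMS or HSM, never beside the data.

```python
"""Integrity checks: unkeyed hash versus keyed MAC (HMAC-SHA256)."""
import hashlib
import hmac
import secrets


def sha256_fingerprint(data: bytes) -> str:
    """Unkeyed fingerprint: detects accidental corruption only."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed tag: cannot be recomputed without `key`."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_hmac(key: bytes, data: bytes, tag: str) -> bool:
    # compare_digest runs in constant time, so response timing does not
    # leak how many leading bytes of a guessed tag were correct.
    return hmac.compare_digest(hmac_tag(key, data), tag)


# Constructed sample record (not real patient data).
ORIGINAL = b'{"patient_id": 1042, "allergy": "penicillin", "dose_mg": 250}'
TAMPERED = b'{"patient_id": 1042, "allergy": "none", "dose_mg": 2500}'


def store(key: bytes, record: bytes) -> dict:
    """What the application persists: the record plus both integrity values."""
    return {
        "record": record,
        "sha256": sha256_fingerprint(record),
        "hmac": hmac_tag(key, record),
    }


def check_plain_hash(stored: dict) -> bool:
    return sha256_fingerprint(stored["record"]) == stored["sha256"]


def attacker_rewrites(stored: dict, new_record: bytes) -> dict:
    """Attacker with database write access replaces the record and recomputes
    the unkeyed hash. Lacking the key, the best they can do is keep the old tag."""
    return {
        "record": new_record,
        "sha256": sha256_fingerprint(new_record),
        "hmac": stored["hmac"],
    }


def demo() -> dict:
    key = secrets.token_bytes(32)           # 256-bit key, generated for the example
    stored = store(key, ORIGINAL)
    # 1. a random bit flip on disk: 250 becomes 251
    corrupted = dict(stored, record=ORIGINAL.replace(b"250", b"251"))
    # 2. a deliberate rewrite by someone who can also update the stored hash
    forged = attacker_rewrites(stored, TAMPERED)
    return {
        "intact_passes_hash": check_plain_hash(stored),
        "intact_passes_hmac": verify_hmac(key, stored["record"], stored["hmac"]),
        "corruption_caught_by_hash": not check_plain_hash(corrupted),
        "corruption_caught_by_hmac": not verify_hmac(key, corrupted["record"], corrupted["hmac"]),
        "forgery_caught_by_hash": not check_plain_hash(forged),    # False: hash was recomputed
        "forgery_caught_by_hmac": not verify_hmac(key, forged["record"], forged["hmac"]),  # True
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The only line that differs between the two outcomes is who holds a secret: the hash check passes for the forged record because nothing about SHA-256 is secret, whereas the HMAC check fails because the attacker cannot produce a tag for the new bytes. A digital signature gives the same guarantee with the added property that the verifier does not need the signing key.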
3. Availability
Availability ensures that systems, applications, and data are accessible to authorized users when needed. It
prevents downtime and service disruptions caused by cyberattacks or technical failures.
• Key Measures:
• Redundancy & Failover Systems: Backup servers, replicated data, and load balancing remove single points of failure.
• DDoS Protection: Rate limiting, traffic scrubbing services, and content delivery networks absorb or filter denial-of-service traffic before it reaches the application.
• Regular Maintenance & Updates: Keeps systems patched and tuned for reliability, with changes tested so that the patch itself does not cause an outage.
• Disaster Recovery & Business Continuity Plans: Tested backups and documented recovery procedures restore operations after cyber incidents or natural disasters.
• Example: A cloud storage provider ensuring that users can access their data even if one server goes
down.
BALANCING THE CIA TRIAD
• A strong cybersecurity strategy must balance all three elements of the CIA Triad.
Overemphasizing one aspect may weaken another:
Too much confidentiality? May restrict access and slow down workflows (e.g., encryption so strict that authorized staff cannot get to data in an emergency).
Too much integrity? Can increase complexity and reduce system performance (e.g., verifying and logging every change to every record).
Too much availability? May expose systems to security risks (e.g., leaving services reachable without authentication to avoid friction).
CYBER THREATS ARE CONTINUALLY EVOLVING, POSING SIGNIFICANT CHALLENGES TO INDIVIDUALS, ORGANIZATIONS, AND GOVERNMENTS. BELOW IS AN OVERVIEW OF FOUR PREVALENT TYPES OF CYBER THREATS, MALWARE, PHISHING, DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS, AND INSIDER THREATS, ALONG WITH RECENT INCIDENTS ILLUSTRATING EACH:
1. Malware
• Definition: Malware, short for malicious software, encompasses various forms of harmful
software designed to damage, disrupt, or gain unauthorized access to computer systems.
• Recent Incident: In February 2025, Microsoft Threat Intelligence reported that a subgroup of Russia's Sandworm unit (which Microsoft tracks as Seashell Blizzard), running a campaign it named BadPilot, had expanded its operations beyond Ukraine to target networks in the U.S., U.K., Canada, and Australia. The group gained access by exploiting known vulnerabilities in internet-facing software such as Microsoft Exchange and Fortinet FortiClient EMS, then installed remote-access tooling to keep a foothold in critical sectors like energy and telecommunications.
2. Phishing
• Definition: Phishing involves deceptive attempts to obtain sensitive information by masquerading as a trustworthy entity through emails, messages, or websites.
• Recent Incident: In February 2024, Change Healthcare suffered a breach that ultimately affected over 100 million people. The ALPHV/BlackCat ransomware group entered the company's systems through a remote-access portal using compromised employee credentials (reported as phished); the portal was not protected by multi-factor authentication, so a single stolen password was enough.
3. Distributed Denial of Service (DDoS) Attacks
• Definition: DDoS attacks aim to overwhelm a network, service, or website by flooding it with excessive traffic from many sources, rendering it inaccessible to legitimate users.
• Recent Incident: In December 2024, Italy's Foreign Ministry and Milan's two airports experienced temporary website outages due to a DDoS attack. The pro-Russian hacker group Noname057(16) claimed responsibility, stating it was in retaliation against Italy's perceived "Russophobia."
4. Insider Threats
• Definition: Insider threats originate from within an organization, involving employees, contractors, or associates who intentionally or accidentally compromise security, leading to data breaches or system damage.
• Recent Incident: In early 2025, reporting indicated that the U.S. Treasury's threat intelligence staff had flagged members of Elon Musk's Department of Government Efficiency (DOGE) as insider-threat risks after they were given access to sensitive Treasury payment systems. The episode raised concerns about whether that access was properly authorized and about the integrity of payment data, and it shows why privileged access must be scoped, logged, and reviewed regardless of who holds it.
CAREERS IN CYBERSECURITY: ROLES, SKILLS, AND OPPORTUNITIES
1. Cybersecurity Analyst
• Role:
• Monitors and analyzes security threats.
• Investigates security breaches.
• Implements security controls to protect systems.
• Skills Required:
• Threat detection and analysis.
• SIEM tools (e.g., Splunk, IBM QRadar).
• Incident response and forensics.
• Example Career Path: IT Support → Security Analyst → SOC Analyst → Senior Security Analyst
2. Penetration Tester (Ethical Hacker)
• Role:
• Simulates cyberattacks to identify vulnerabilities.
• Conducts penetration testing on networks and applications.
• Provides remediation recommendations.
• Skills Required:
• Proficiency in hacking tools (Metasploit, Burp Suite).
• Programming (Python, Bash, PowerShell).
• Knowledge of security frameworks (OWASP, NIST).
• Example Career Path: IT Security Specialist → Ethical Hacker → Senior Penetration Tester → Red
Team Lead
3. Security Engineer
• Role:
• Designs and implements secure systems.
• Develops security automation solutions.
• Works with DevOps and cloud security.
• Skills Required:
• Secure software development (SDLC).
• Network security and cloud security (AWS, Azure, GCP).
• Automation and scripting (Python, Terraform).
• Example Career Path: Network Engineer → Security Engineer → Cloud Security Architect
4. Incident Response Analyst
• Role:
• Responds to cybersecurity incidents.
• Investigates breaches and mitigates damage.
• Works with law enforcement and forensic teams.
• Skills Required:
• Digital forensics and malware analysis.
• Incident response frameworks (NIST SP 800-61) and adversary-behavior models (MITRE ATT&CK).
• SIEM and threat intelligence tools.
• Example Career Path: SOC Analyst → Incident Responder → Threat Intelligence Analyst → CISO
5. Cloud Security Specialist
• Role:
• Secures cloud environments (AWS, Azure, Google Cloud).
• Implements security controls for cloud workloads.
• Ensures compliance with cloud security standards.
• Skills Required:
• Cloud security architecture and identity management.
• Cloud security certifications (AWS Certified Security, CCSK).
• DevSecOps and infrastructure-as-code (Terraform, Kubernetes).
• Example Career Path: Cloud Engineer → Cloud Security Engineer → Cloud Security Architect
6. Security Consultant
• Role:
• Advises businesses on cybersecurity best practices.
• Conducts risk assessments and audits.
• Develops security strategies for organizations.
• Skills Required:
• Risk management frameworks (ISO 27001, NIST).
• Compliance and governance (GDPR, HIPAA).
• Strong communication and business acumen.
• Example Career Path: IT Auditor → Security Consultant → Cybersecurity Director
7. Cyber Threat Intelligence Analyst
• Role:
• Gathers intelligence on cyber threats.
• Analyzes attacker tactics and techniques.
• Works with security teams to prevent attacks.
• Skills Required:
• Open-source intelligence (OSINT) analysis.
• Threat hunting methodologies.
• Cyber threat frameworks (MITRE ATT&CK, Cyber Kill Chain).
• Example Career Path: SOC Analyst → Threat Analyst → Cyber Threat Intelligence Lead
8. Chief Information Security Officer (CISO)
• Role:
• Leads an organization's cybersecurity strategy.
• Manages cybersecurity teams and budgets.
• Ensures regulatory compliance and risk management.
• Skills Required:
• Leadership and strategic planning.
• Enterprise risk management.
• Cybersecurity frameworks and compliance.
• Example Career Path: Security Manager → Director of Security → CISO
THANK YOU