Kiberxavfsizlik tushunchasi, uning tashkil etuvchilarining xarakteristikalari


Download 1.78 Mb.
Sana18.06.2023
Hajmi1.78 Mb.
#1595427
Bog'liq
kiberetika 1

Kiberxavfsizlik tushunchasi, uning tashkil etuvchilarining xarakteristikalari


Bajardi:Egamberdiyev S.
Tekshirdi:Radjabova M.

Which is the third largest economy?

  • USA
  • China _ _
  • ????

Kiberxavfsizlikning ahamiyati

"Haqiqatan ham xavfsiz bo'lgan yagona tizim - bu o'chirilgan va elektr tarmog'idan uzilgan, titan seyfda qulflangan, beton bunkerga ko'milgan va asab gazi va juda yuqori haq to'lanadigan qurolli qo'riqchilar bilan o'ralgan tizimdir. Shunday bo'lsa ham, men qo'lga kiritmagan bo'lardim. mening hayotim unga bog'liq."


In security matters:
effectiveness & limitations
  • There is nothing like absolute security
  • We are only trying to build comfort levels, because security costs money and lack of it costs much more
  • Comfort level is a manifestation of efforts as well as a realization of them

Kiberxavfsizlikning ahamiyati

  • Internet tajovuzkorga sayyoramizning istalgan nuqtasidan ishlash imkonini beradi.
  • Xavfsizlik bilimi va amaliyoti tufayli yuzaga keladigan xavflar:
  • Shaxsni o'g'irlash
  • Pul o'g'irlash
  • Huquqiy oqibatlar (o'zingiz va tashkilotingiz uchun)
  • Agar siyosatga rioya qilinmasa, sanktsiyalar yoki tugatish
  • SANS instituti ma'lumotlariga ko'ra, kiber jinoyatchi uchun mavjud bo'lgan zaifliklarning asosiy vektorlari:
  • Veb-brauzer
  • IM mijozlari
  • Veb-ilovalar

Kiberxavfsizlik

  • Kiberxavfsizlik tarmoqlarni, qurilmalarni, dasturlarni va ma'lumotlarni hujum, shikastlanish yoki ruxsatsiz kirishdan himoya qilishga mo'ljallangan texnologiyalar, jarayonlar va amaliyotlar majmuasini anglatadi.

Cyber Security


https://www.varonis.com/blog/data-breach-statistics/

Kiberxavfsizlik - bu xavfsizlik

  • Xavfsizlik: Biz kompyuterlarimiz va ma'lumotlarimizni uylarimiz eshiklarini himoya qilgandek himoya qilishimiz kerak.
  • Xavfsizlik: Biz o'zimizni texnologiya bilan bog'liq xavf va tahdidlardan himoya qiladigan tarzda harakat qilishimiz kerak.

Cybe r Security Do m ai n s

Xavfsiz tizim nima? (CIA triadasi)


Availability
  • Maxfiylik - vakolatli shaxslarga kirishning cheklanganligiButunlik - ma'lumotlar ruxsat etilmagan tarzda o'zgartirilmaganMavjudlik - ma'lumotlarga vakolatli shaxslar tegishli vaqt oralig'ida kirishlari va o'zgartirishlari mumkin

C.I.A Triad


Protecting information from unauthorized access and disclosure
Example:
Criminal theft
customers' usernames, passwords, or credit card information
Confidentiality

C.I.A Triad


Protecting information from unauthorized modification
Example:
Someone alters payroll information or a proposed product design
Integri t y

C.I.A Triad


Preventing disruption in how information is accessed
Example:
Your customers are unable to access your online services
Availability

Tahdidlar va zaifliklar


 Biz o'zimizning va manfaatdor tomonlarimizning ma'lumotlarini nimadan himoya qilamiz?
 Tahdidlar: Axborot tizimini yo'q qilish, tizimda saqlangan ma'lumotlarni oshkor qilish, ma'lumotlarni salbiy o'zgartirish yoki tizimni ishlamay qoldirish orqali unga zarar etkazishi mumkin bo'lgan har qanday holatlar yoki hodisalar.
 Zaifliklar: foydalanish mumkin bo'lgan axborot tizimi yoki uning tarkibiy qismlarining zaifligi.

 Fishing va Spear-fishing hujumlari


QANDAY XAVFLAR BAR?
 Ijtimoiy muhandislik firibgarliklari
 Umumiy zararli dastur va to'lov dasturi
 Ishbilarmonlik elektron pochtasini buzish
 Maʼlumotlarni oʻgʻirlaydigan yoki qurilmalarni yuqtiruvchi soxta veb-saytlar
 Va yana ko'p narsalar

Phishing


 Phishing refers to the practice of creating fake emails or SMS that appear to come from someone you trust, such as: Bank, Credit Card Company, Popular Websites
 The email/SMS will ask you to "confirm your account details or your vendor's account details", and then direct you to a website that looks just like the real website, but whose sole purpose is to steal information.
 Of course, if you enter your information, a cybercriminal could use it to steal your identity and possibly make fraudulent purchases with your money.

Phishing Statistics


 Verizon DBIR 2020: Phishing is the biggest cyber threat for SMBs, accounting for 30% of SMB breaches
 KnowBe4: 37.9% of Untrained Users Fail Phishing Tests
 84% of SMBs are targeted by Phishing attacks
 A new Phishing site launches every 20 seconds
 74% of all Phishing websites use HTTPS
 94% of Malware is delivered via email

Example of Phishing

Social Engineering


 When attempting to steal information or a person's identity, a hacker will often try to trick you into giving out sensitive information rather than breaking into your computer.
 Social Engineering can happen:
 Over the phone
 By text message
Instant messaging
 Email

Thank you!


Download 1.78 Mb.

Do'stlaringiz bilan baham:




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling