INTRODUCTION TO CYBERSECURITY

 WHAT IS CYBER AND CYBERSECURITY?

The prefix "cyber" is derived from "cybernetics," and it can be used to describe a wide range of topics
including virtual worlds, computers, and information technology. It is frequently used in conjunction with
words like "cybersecurity," which refers to safeguarding data, networks, and computer systems from
harm, unauthorised access, and attacks. "Cyber" is a general phrase that refers to a wide range of online
and digital activities.

In our present world, since digital technology is becoming more and more the norm in this era, there is a
great threat of cyberattacks. Indeed, to achieve the fundamental necessities such as security, availability,
integrity of banking details, core infrastructure data, and personal information, cyber security has
become a must. The persistence of the general security as well is a really important matter.

Last but not least, cyber security is one of the main requirements for ensuring

 stability,
 security,
 and prosperity in our digital world .

The constantly progressive features of cyberattacks compel a joint and unwavering aim of strengthening
our cyber infrastructure and creating a safe e-environment for a wide range of people, companies, and
nations.
2. PASSWORD SECURITY AND SOCIAL MEDIA
SAFETY
Secure passwords are essential for preventing unwanted access to sensitive and
personal data. When people and organizations don't use strong password
procedures, they run the danger of several problems. You can secure your password
by:

 Creating Strong Passwords:

 Try to use the combination of the upper, lower case, numeric, and special characters to make a
good password.

 Ponder on prolonged passwords, these ultimately improve your security position. Seek 12
characters minimum.
 Avoid Common Words: Try to avoid using unreliable words and numbers pets tend to foresee.
 Unique for Each Account: Learn not to reuse the same password for all of your profiles. As long
as one is safe, the other is okay, need no worry about the security.
 Regular Updates: To avoid compromise, change passwords regularly for increased security.

 Avoid Sharing Passwords

 . Security Risk: Disclosing passwords is also a dangerous thing since the

information they contain can be accessed by unauthorized users.

 Individual Accountability: Each user should be responsible for their account

security. Shared passwords make it challenging to trace any security incidents.

 Using Password Managers:

A password manager is a programme or online service made specifically to handle and
safely keep user passwords and other private login data. You can follow this tips on how
to manage your password:

 Generate and Store Secure Passwords: Password managers make it easy for users to
generate long and complex passwords for each account & manage them securely.
  Single Master Password: The users can store all their passwords under the protection of
a strong master password that would only be required to unlock access to them.

 Encrypted Storage: An added security advantage is the fact that password manager
databases are encrypted meaning that stolen sensitive info is not easily analyzed.

 Automatic Form Filling: By generating passwords and inputting the login information
automatically for different web pages, password managers speed up the process and
decrease the possibility of someone getting fooled by phishing.

 Cross-Platform Access: Multiple password managers familiar with numerous operational

devices play a role in boosting accessibility, without affecting the basic security levels.

By following these practices, individuals can significantly enhance the security of their online accounts,
reduce the risk of unauthorized access, and manage their passwords efficiently with the help of a
password manager.

 Updating Privacy Settings:

Privacy settings are programmable choices that let users manage who can see their personal data
on different websites and through different online services. These options control who has access
to, can view, or can interact with particular details that the user shares. Common privacy settings
include:

 Customize Profiles: Set up privacy options for social media networks to determine who
can see your personal information and posts.

 Review App Permissions: Often monitor and control the device’s app permissions so that
they would not be granted any access to your personal information.

 . Be Selective with Friends/Followers: Limit your contact with people from social
networks to those who trust you completely and know you in person. That way,
exposure will not exceed a certain number.
  Avoid Oversharing:

 Consider the Audience: Do not post sensitive information on social networks is the best way to
maintain privacy.

 Avoid Posting Sensitive Data: Do not communicate your private details like addresses, phone
numbers, or financial details being your confidential data.

 Think Before Posting: Considering the potential of your posts that remain online for an indefinite
period, it means that it would be hard to renege on what you shared online.

 Cyber Bullying

What is Cyber Bullying?

 Harassment: act of sending nasty or persistent threats or messages.
 Impersonation: Constructing false online personas in order to mislead or bug someone.
 Removal: The intentional removal of an individual from virtual communities or events.
 Public humiliation: is the act of sharing offensive or unpleasant information about someone
online.

How to handle Cyber Bullying

 Recognize Signs: Be knowledgeable of the cyberbullying indicators, that is the sudden changes in
mood and behavior.

 Report and Block: When defrauded by cyber targeting, immediately report such cases to the
platform and block the people concerned.

 Seek Support: Approach friends, relatives, or a professional counselor if you get affected by the
cyberbullying phenomenon. I want to remind you not to shy away from seeking care from
people who are professionally trained to do so.
 Handling Online Interactions Safely:
Take into account these pointers to manage online interactions safely:
 Be Skeptical: Verify the identity of online contacts, and be cautious of requests for personal
information or financial transactions.

 Use Strong, Unique Passwords: Use long passwords and store passwords safely using a password
manager to strengthen security measures.

 Educate Yourself: Make it a routine to be updated about the most common online scams and
phishing techniques to be sure that you don’t become the next victim of fraudulent acts.

 Enable Two-Factor Authentication (2FA): Ensure an added level of security by activating the Two-
Factor Authentication (2FA) to your available accounts whenever it is offered.

 Regularly Update Software: Keep up-to-date all the software, antivirus programs as well apps by
installing updates to patched vulnerabilities and improve security.

By considering privacy settings, limiting the information shared, defeating cyberbullying, and
maintaining safe communication habits, one will have created a positive digital presence that
cannot be misused. Strategic awareness and tactical measures make online activity beneficial
and safe.
 3. PHISHING AND SOCIAL ENGINEERING
AWARENESS

 What Does Phishing means?

Phishing is a cyberattack trick method where attackers use misleading emails, texts, or phone calls to
obtain sensitive information from individuals, for example, passwords, credit card numbers, or personal
details, by using deception. These attacks on the system are usually to get financial information,
impersonate a person, or to also spread malware.

 What Are The Common Phishing Tactics?

 Email Spoofing: Scammers send emails that look like they came from a trusted source, for
example, famous companies or services. These fake emails may use logos and other identifying
marks to make them seem even more real.

 Fake Websites: In the case of phishing attacks, the scammer will be sending links to fraudulent
websites which would look like authentic sites and the purpose will be tricking the user into
entering their login details.

 Urgency and Threats: Manipulators in phishing messages very often try to create a feeling of an
immediate threat or a serious problem that you should fix as soon as possible to avoid any
further figment issues.

 Impersonation: Seeing that they may like trusted entities, for example, coworkers, friends, or
technical support staff, and manipulate people into sharing private information.

 How Do You Recognize and Avoid Phishing?

 Check the Sender's Email Address: Ensure that you have checked the sender's email address
wisely, especially if the email claims to be from a known organization.

 Look for Typos and Grammar Errors: Real phishing emails are sometimes like a handwritten letter
full of spelling and grammar mistakes.
 Examine Links Before Clicking: Move the mouse over the links to preview this URL. Never click on
weird links, keep the reliability of the website in question, and consult with other sources.

 Question Urgency and Threats: Be recipients of advice that point in the direction of immediate
actions, if negative results follow only if action is not taken within a short time.

 Verify Requests for Information: Legitimate organizations frequently do not request sensitive
credentials through e-mails or text messages from legitimate sites. Verify such requests through
official channels.

 Enable Two-Factor Authentication (2FA): A good old-fashioned password may not provide
enough protection. Thus, by adding a second level of security, you can prevent unauthorized
access even if your login credentials are leaked.

 How do you tackle phishing call?

 Verify Caller Identity: When you receive a call that says it's from a well-known organization,
check the identity of the person by calling the organization through the official channels.

 Be Cautious with Personal Information: Do not submit your personal and financial data over the
phone unless you initiated the call and you trust the recipient.

 Vigilance: questioning the trustworthiness of messages, and employing security measures like
2FA is crucial for phishing attack prevention through emails, texts, or calls. The role of education
and awareness cannot be overemphasized if online safety is to be improved.
 4. SAFE BROWSING PRACTICES

 What is safe browsing?

Safe browsing is taking care to safeguard oneself online. Safe browsing practices are crucial for
protecting your online security and privacy. Here are some essential tips:

• How do you implement safe browsing practices?

1. Keep Software Updated: make sure that your operating systems, browsers, antivirus programs, and
any other software are updated on schedule. The second module covers vulnerabilities, including
security patches.

2. Use Strong and Unique Passwords: use a good, strong, unique password for each account you
have. Contemplate the possibility of a password manager that can not only create but also safely save
complex passwords for you.

3. Enable Two-Factor Authentication (2FA): try to use it whenever possible as it creates additional
protection for your accounts. This helps protect your accounts and rescue your password even if it is
compromised.

4. Be Cautious with Emails: stay away from clicking on links or downloading attachments from unknown
or spammy emails. The sender's identity must be checked before interacting with the content.

5. Verify Website URLs: before sharing your details, go ahead and verify the URL to make sure that you
end up on a secure and authentic website. Look for “https”.

6. Watch for Phishing Attempts: be highly mistrustful of all emails, messages, and pop-ups that come
spontaneously and demand information on your personal or financial matters. Establish legitimate
sources of such requests through official communication channels.

7. Use Secure Wi-Fi Connections: Join only trustable networks that have secured Wi-Fi, and don't use
them to access your personal information. You may particularly need to employ a virtual private network
(VPN) for enhanced safety measures.

8. Review Privacy Settings: frequently verify and rearrange the privacy settings on social media and other
online accounts to retain control over the visibility of your personal information.
9. Be Mindful of Cookies and Tracking: The cookie and tracking settings option in the browser settings
must be adjusted. Wipe out the cookies every time and try to use a browser that protects privacy via the
extension.

10. Educate Yourself: Keep up to date on the online threats, scams, and cybersecurity tips that are
commonplace by getting informed. The online platform is such a complex system which makes sure that
only the knowledge of protecting yourself online is enough.

11. Secure Your Devices: Applying strong passwords or biometrics/fingerprint validation on devices is
highly recommended. Sensitive data encryption is to be activated and features such as device tracking
and remote wiping are active as well.

By incorporating these safe browsing practices into your online routine, you can significantly reduce the
risk of falling victim to cyber threats and enhance your overall online security.
 5. TWO FACTOR AUTHENTICATION

 What is two factor authentication?

Two-factor authentication (2FA) is a security feature that requires users to give two distinct
authentication factors in order to confirm their identity. It provides additional security beyond the
standard login and password.Two-factor authentication utilizes one more layer of security which
aims at people who try to log in to an online account to give true proof of their identity. It
typically involves two of the following three factors;

1. Something You Know (Knowledge): The password or the PIN.

2. Something You Have (Possession): A mobile phone, security token, as well as the reader smart card.
3. Something You Are (Inherence): Biometric data such as fingerprints, or retina scans could be
incorporated into devices.

• Why do we need 2-FA?

1. Enhanced Security: The 2FA system is going to give you a lot more than just a password, it is going to
offer one more barrier between you and any fraudulent user.

2. Mitigation of Password Vulnerabilities: The system even lays low your password; rather, an additional
authentication step is required, which limits the possibility of unauthorized access.

3. Protection Against Phishing: 2FA can comprehensively protect your account from phishing as the
second factor has to be there along with the password for the attacker to be successful.

4. Securing Sensitive Data: While any account could be compromised, the addition of 2FA for those with
vulnerable information, such as finance or email accounts, protects against potential unauthorized
access.

 How do you set up 2-FA?

 Choose the Right Service: go through and check whether the site you are using offers two-factor
authentication (2FA) or not. The majority of widely used platforms like e-mail providers, social
networking, and banking sites provide this facility.
  Enable 2FA in Account Settings: To reach your account's settings or its security settings, access
yours. See if the service provides 2FA/multi-factor authentication.
 Select the Type of 2FA: Decide the second option of whether you want to use the method of the
text message, the app, or the hardware token.

 Receive or Set Up Codes: If you use an SMS, there is a code for your mobile device. If the
authentication app is comprised, click on the QR code given or you could type the setup key to
connect the app to your account.

 Verify and Confirm: open the code you received near the computer or smartphone or answer
the prompt submitted by the device to enable the operation. This also implies the habit of
sending you an SMS (Short Message Service), or you will be requiring a code generated by the
authenticator app.

 Keep Backup Options: some accounts may find having double 2FA modes (eg, app-based and
text) as an option to be useful in situations when they have to battle for control.

By implementing Two-Factor Authentication, you significantly strengthen the security of your accounts,
protecting your sensitive information from unauthorized access.
 5. CYBERBULLYING AWARENESS AND ETIQUETTE

What is cyberbullying awareness?

Cyberbullying awareness entails comprehending, recognizing, and resolving
the problem.

 Awareness:
1. Recognize Different Forms: Bullying in the online world can take place in many ways; for
example, harassment, spreading rumors, impersonation, or creating a hostile atmosphere. Know
that it can take different shapes.

2. Understand the Impact: The injury a cyberbullying suffers is a lot deeper and it affects the
emotional and psychological well-being of the victim. Realize that it can carry danger and
damage. Listen to the given audio and insert the bracketed words. In conclusion, it is undeniable
that the role of technology in the modern education system cannot be ignored.

3. Promote Empathy: Construct a virtual atmosphere emotionally based and engaging with
empathy and understanding. Encourage respectful expression and cut down on derogatory acts.
Discussing why self-expression is essential to your teens could be tough. You might find yourself
hesitating or struggling to find the right words to say. However, you should stick to the fact that
self-expression is a fundamental part of our lives and is necessary for emotional and mental well-
being. Children and teenagers are constantly absorbing information

What is cyberbullying etiquette ?

Cyberbullying etiquette refers to the norms of respectful and responsible online behavior,
with an emphasis on preventing and responding to cyberbullying.

 Etiquettes:

1. Respect Online Boundaries: Try to stay away from hacking other people's privacy online. Be
considerate of their limits, and don't share sensitive and personal information without their consent.

2. Thoughtful Communication: Be aware that your words can affect others. Develop positive
communication and ensure that there is no use of destructive language or behavior involving others.
3. Report Inappropriate Content: In case you stumble upon discriminatory, threatening, or any other
content that breaks the platform policies, report it to the proper authorities or platform administrators.

 Guidelines for Dealing with Cyberbullying:

1. Don't Respond in Anger: Do not react to cyberbullying with anger or retaliation. It can intensify
the situation and make the bully feel satisfied.

2. Document Evidence: Take a screenshot or save any proof of cyberbullying. Such documentation will be
required to be submitted in case you decide to report the case.

3. Block and Report: Block the cyberbully on social media platforms and inform the admins of the
platform about their offensive behavior. Several platforms offer ways to deal with bullying.

4. Seek Support: Talk to your friends, family, or a person you trust about how you are feeling. Showing
your emotions and asking for support can contribute greatly to your emotional health.

5. Report to Authorities: If you are being cyber bullied, whether it is illegal or not, don't hesitate to
report it to law enforcement. They can be advisors on the next step.

6. Use Privacy Settings: Adjust your privacy settings on social media to determine who can view your
information. This can mitigate further harassment.

7. Educate Yourself: Understand your online rights and responsibilities. Knowing the laws and regulations
of cyberbullying can give you the power to take the necessary steps.

8. Contact Support Services: Organizations and helplines can provide support and guidance for those
who are being cyber bullied. Ask for their help.

9. Practice Self-Care: Put self-care first to help deal with the emotional effects of cyberbullying. For
example, this could involve visiting a therapist, engaging in fun activities, and spending time with caring
friends and relatives.

10. Report to School or Workplace: If the cyberbullying is between your schoolmates or colleagues,
report the situation to the appropriate management. Many institutions have elaborated anti-bullying
rules.

Cyberbullying is a serious problem and its solution involves creating awareness, enforcing good online
etiquette, and proactively seeking help and support.
 6. REPORTING CYBER INCIDENTS

Reporting cyber incidents is crucial to address and mitigate potential threats. Here are general steps to
report cyber incidents:

1. Contact Local Authorities: In case the cyber incident is related to illegal activities or presents a real
danger, call your local police department. They will help in showing you the right path to follow.

2. Report to Online Platforms: In case of an incident on a particular online platform (social media, email,
etc.), go through the given reporting mechanisms by that platform. Very often it comes down to
identifying questionable content or behavior and reporting it.

3. National Cybersecurity Agencies: In several countries such agencies exist or Computer Emergency
Response Teams are created. Report such cases to these agencies for them to provide assistance and
linkages.

4. Use Cybercrime Reporting Websites: Some countries provide online portals or websites dedicated to
reporting cybercrime. Give a clear picture of the event to the authorities for further investigation
purposes.

5. Contact Your Internet Service Provider (ISP): If the incident includes information technology problems,
such as network concerns or unauthorized access, get in touch with your ISP. They can be investigators
and take on the tasks.

6. Report to Financial Institutions: If the situation is about financial fraud or unauthorized transactions,
please contact your bank or the appropriate financial organization. They are used to handling them.

7. Federal Trade Commission (FTC): In the United States, the Federal Trade Commission is responsible
for complaints that relate to identity theft, scams, and other cybercrimes. Go to their website and file a
complaint.

8. Utilize Cybersecurity Hotlines: Some countries now set up hotlines where cybersecurity concerns are
reported. Contact your local authority or cybersecurity agency for the correct hotline figure.

9. Educational Institutions or Employers: If, on the other hand, this incident happened within the
premises of a school or workplace, it should be reported to the appropriate authorities, like the IT
department or the human resource department.

10. Keep Records and Evidence: Document and preserve records and other evidence related to the
cyber breach. This would mean that they show screenshots, logs, and other similar data. It can help
them during their investigation.

11. Consider Reporting to Nonprofits: For example, some nonprofit organizations, including the Anti-
Phishing Working Group (APWG) can be dedicated to fighting cybercrime. They may have reporting
mechanisms for preferential incidents.

When reporting a cyber incident, provide as much detail as possible about the nature of the incident, the
parties involved, and any evidence you have collected. Timely and accurate reporting helps authorities
take swift action to address cyber threats.
 7. CYBER SECURITY CAREERS
Cybersecurity offers a wide range of career opportunities as the demand for professionals with expertise
in protecting digital systems grows. Here are some common cybersecurity careers:

• Security Analyst: Security analysts are one the positions where they monitor and analyze an
organization's security infrastructure, assess vulnerabilities, and respond to security incidents.

• Ethical Hacker/Penetration Tester: Ethical hackers or penetration testers perform testing of the security
of computer systems, networks, or applications by emulating cyberattacks to discover the system
vulnerabilities.

• Security Consultant: Security advisors are specialists in cybersecurity strategy and risk management
and designing appropriate security measures that will protect an organization’s assets.

• Incident Responder: Incident responders investigate and manage security incidents, moreover they are
responsible for investigation of the extent of a breach and undertaking containment and recovery
measures from the incident.

• Security Engineer: Security architects develop and apply security solutions like firewalls, encryption,
and authentication to safeguard systems and networks.

• Security Architect: Security architects are responsible for the design and construction of secure
computer systems, applications, and networks by bringing in the security best practices and technologies
directly into the architecture.

• Security Administrator: Security administrators are responsible for configuring, managing,

implementing, and enforcing the security policies and technologies, as well as monitoring the system
activity for any potential danger signs.

• Security Software Developer: Security-oriented developers construct software with a priority on

security by making them more robust against cyber threats.
• Security Operations Center (SOC) Analyst: SOC analysts are situated in the Security Operations Center
where they scrutinize network traffic, evaluate security alerts, and react to live incidents as they unfold.

• Security Compliance Analyst: Compliance analysts are the ones who ensure the security practices of
the company are in line with industry regulations and standards; thus, they apply the necessary
measures to meet compliance requirements.

• Security Educator/Trainer: Security instructors/trainers create and conduct training sessions to make
people and their organizations knowledgeable about the recommended cybersecurity principles and
good behaviors.
• Cryptographer: Cryptographers are engaged in designing and analyzing cryptographic systems to
ensure communication security and integrity of data.

• Forensic Analyst: Forensic investigators examine cyber incidents, collect and examine digital data, and
provide details about the nature and scope of the security breach.

• Security Policy Analyst: Policy analysts usually create and deploy security policies and procedures so
that the organization's security framework corresponds with its goals and missions.

These roles may have different titles or specific focuses, and many professionals in cybersecurity may
specialize in areas such as network security, cloud security, application security, or threat intelligence. As
the field evolves, new roles and specializations continually emerge, providing diverse career paths within
cybersecurity.