This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
This is a list of cybersecurity information technology. Cybersecurity is security as it is applied to information technology. This includes all technology that stores, manipulates, or moves data, such as computers, data networks, and all devices connected to or included in networks, such as routers and switches. All information technology devices and facilities need to be secured against intrusion, unauthorized use, and vandalism. Additionally, the users of information technology should be protected from theft of assets, extortion, identity theft, loss of privacy and confidentiality of personal information, malicious mischief, damage to equipment, business process compromise, and the general activity of cybercriminals. The public should be protected against acts of cyberterrorism, such as the compromise or loss of the electric power grid.
Cybersecurity is a major endeavor in the IT industry. There are a number of professional certifications given for cybersecurity training and expertise. [1] Although billions of dollars are spent annually on cybersecurity, no computer or network is immune from attacks or can be considered completely secure. The single most expensive loss due to a cybersecurity exploit was the ILOVEYOU or Love Bug email worm of 2000, which cost an estimated 10 billion dollars. [2]
This article attempts to list all the important Wikipedia articles about cybersecurity. There are a number of minor articles that can be reached by means of links in the listed articles.
Introductory articles about cybersecurity subjects:
The art of secret writing or code. A "plaintext" message is converted by the sender to "ciphertext" by means of a mathematical algorithm that uses a secret key. The receiver of the message then reverses the process and converts the ciphertext back to the original plaintext. [7]
The art of hidden writing. The secret message is hidden within another object, such as a digital photograph. [9]
The process by which a potential client is granted authorized use of an IT facility by proving its identity. [11]
A framework for managing digital certificates and encryption keys.
Computerized utilities designed to study and analyze the security of IT facilities and/or break into them on an unauthorized and potentially criminal basis. [12]
Modes of potential attacks on IT facilities. [13]
Security exploits affecting computers. [14]
Violation of the law by means of breaking into and/or misusing IT facilities. Laws that attempt to prevent these crimes. [15]
Countries and their governments that use, misuse, and/or violate IT facilities to achieve national goals. [16]
The securing of networked computers, mobile devices and terminals. [17]
The protection of the means by which data is moved from one IT facility to another. [18]
The securing of IT facilities that manipulate data, such as computer servers, often by means of specialized cybersecurity hardware. [19]
The protection of data in its non-moving state, usually on magnetic or optical media or in computer memory. [20]
The processes by which security technology is monitored for faults, deployed and configured, measured for its usage, queried for performance metrics and log files, and/or monitored for intrusions. [21]
Officially agreed architectures and conceptual structures for designing, building, and conducting cybersecurity. [22] [23]
In cryptography, a block cipher is a deterministic algorithm that operates on fixed-length groups of bits, called blocks. Block ciphers are the elementary building blocks of many cryptographic protocols. They are ubiquitous in the storage and exchange of data, where such data is secured and authenticated via encryption.
Computer security is the protection of computer software, systems and networks from threats that may result in unauthorized information disclosure, theft of hardware, software, or data, as well as from the disruption or misdirection of the services they provide.
In cryptography, encryption is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.
Articles related to cryptography include:
A cryptographic hash function (CHF) is a hash algorithm that has special properties desirable for a cryptographic application:
Cryptography, the use of codes and ciphers to protect secrets, began thousands of years ago. Until recent decades, it has been the story of what might be called classical cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids. In the early 20th century, the invention of complex mechanical and electromechanical machines, such as the Enigma rotor machine, provided more sophisticated and efficient means of encryption; and the subsequent introduction of electronics and computing has allowed elaborate schemes of still greater complexity, most of which are entirely unsuited to pen and paper.
Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.
Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.
Below is a timeline of notable events related to cryptography.
Information security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.
In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking, and key stretching is intended to make such attacks more difficult by complicating a basic step of trying a single password candidate. Key stretching also improves security in some real-world applications where the key length has been constrained, by mimicking a longer key length from the perspective of a brute-force attacker.
Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense.
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.
The following outline is provided as an overview of and topical guide to cryptography:
A Master of Science in Cyber Security is a type of postgraduate academic master's degree awarded by universities in many countries. This degree is typically studied for in cyber security. What is offered by many institutions is actually called a Master in Strategic Cyber Operations and Information Management (SCOIM) which is commonly understood to be a Master in Cybersecurity. This degree is offered by at least some universities in their Professional Studies program so that it can be accomplished while students are employed - in other words it allows for "distance learning" or online attendance. Requirements for the Professional Studies program include: 3.0 or better undergrad GPA, professional recommendations letters and an essay.
The following outline is provided as an overview of and topical guide to computer security:
In cryptography, security level is a measure of the strength that a cryptographic primitive — such as a cipher or hash function — achieves. Security level is usually expressed as a number of "bits of security", where n-bit security means that the attacker would have to perform 2n operations to break it, but other methods have been proposed that more closely model the costs for an attacker. This allows for convenient comparison between algorithms and is useful when combining multiple primitives in a hybrid cryptosystem, so there is no clear weakest link. For example, AES-128 is designed to offer a 128-bit security level, which is considered roughly equivalent to a RSA using 3072-bit key.
Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.