Cyber security consists of technologies, processes and controls which have been designed to protect businesses and their systems, networks, devices and data from cyber-attacks.
What is a Cyber Attack?
A cyber attack is an attempt by hackers to damage or destroy a computer network or system.
What Are The Main Types Of Cyber Attack?
- Malware/Ransomware.
- DDoS (distributed denial of service).
- Drive-by.
- Zero-day.
- MITM (man in the middle) attacks.
- Phishing campaigns.
- Virus infections.
What Steps Can I Take To Improve My Cyber Security?
Risk management regime: assess the risks to your organization's information and systems by embedding an appropriate risk management regime.
1. Secure configuration
2. Network security
3. Managing user privileges
4. User education and awareness
5. Incident management
6. Malware prevention
7. Monitoring
8. Removable media controls
What is a data breach?
A data breach occurs when a company’s cyber security measures are compromised, allowing unauthorised access to information.
Why is cyber security important?
- The costs of cyber security breaches are rising
- Cyber attacks are increasingly sophisticated
- Cyber security is a critical, board-level issue
- Cyber crimes lead to big losses: the world economy loses more than $1 trillion each year.
Who needs cyber security?
Everyone who is connected to the Internet needs cyber security. This is because most cyber attacks are automated and aim to exploit common vulnerabilities rather than specific websites or organizations.
What are the Steps in the Risk Analysis process?
- Determine information value
- Identify cyber threats
- Identify vulnerabilities
- Analyze controls
- Calculate the impact
- Prioritize risks based on cost and value
- Make assessment reports
What is Cybersecurity compliance?
Cybersecurity compliance involves meeting various controls (usually enacted by a regulatory authority, law, or industry group) to protect the confidentiality, integrity, and availability of data.
What are the Top Cybersecurity Certifications?
1. Certified Information Systems Security Professional (CISSP)
2. Certified Information Systems Auditor (CISA)
3. Certified Information Security Manager (CISM)
4. Security+
5. Certified Ethical Hacker (CEH)
6. GIAC Security Essentials Certification (GSEC)
7. Systems Security Certified Practitioner (SSCP)
8. CompTIA Advanced Security Practitioner (CASP+)
9. GIAC Certified Incident Handler (GCIH)
10. Offensive Security Certified Professional (OSCP)