5 Cybersecurity terms every Software Engineer should know

The Cambridge Dictionary defines ‘Cybersecurity’ as ‘things that are done to protect a person, organization, or country and their computer information against crime or attacks carried out using the internet’. Let us discuss the top 5 terms in the field of Cybersecurity.

  1. Cryptography
    The term Cryptography comes from Ancient Greek words meaning ‘hidden, secret’ and ‘to write’. In modern times, Cryptography is mainly used to secure communication with the help of encryption and decryption algorithms. Other applications of Cryptography techniques include system passwords, chip-based card payments and digital currencies. The most common application of cryptography in our day-to-day life is sending and receiving encrypted emails. Whenever we need to send confidential credentials to a recipient, we use the ‘Encrypt Email’ functionality, which encrypts the email before it is sent to the recipient. The recipient then opens the email with their credentials in a secure way. This is one of the simplest examples of Cryptography. In layman’s terms, Cryptography refers to encryption, the process of converting ordinary text (plaintext) into an unreadable form (ciphertext), and decryption, the process of converting ciphertext back to plaintext. A ‘cipher’ refers to the pair of algorithms that perform the encryption and decryption processes.
  2. Network Security
    Network Security deals with the standard procedures and policies adopted in order to prevent and monitor unwanted activity, including unauthorized access, misuse, modification or denial of a computer network and its resources. Network Security involves a wide range of activities including access authorization, conducting transactions, monitoring intrusions and overseeing operations. Network Security deals with both private and public networks. The simplest, best-known and most common way of protecting a network resource is by assigning a unique account name and a complicated password (Note: The password should be changed using standard password change processes from time to time).
  3. Firewall
    ‘Firewall’ refers to the software which is responsible for monitoring the traffic between the protected network and the less-trusted outside network. We all know that data is transferred in packets. A firewall applies a set of rules to each and every packet. These rules decide whether the packet can pass into the network or not. The main goal of Firewall software is to prevent unauthorized access. Firewalls can protect against problems like viruses and other attacks arriving over the network, but they fail when the computer is infected through a pen drive.
  4. Information Security
    Information Security mainly deals with preventing or reducing the probability of unauthorized access to data. The protected information can be of any form. For instance, the information can be a knowledge asset, electronic or physical asset, etc. The process of Information Risk Management includes the following:
    Identifying information, threats, vulnerabilities and possible impacts.
    Evaluating the risks involved.
    Planning on how to avoid and mitigate the risks.
    Designing appropriate security controls and implementing them.
    Monitoring the activities.
  5. Application Security
    Application Security refers to the measures taken in order to improve the security of an application by finding and fixing vulnerabilities. The best-known techniques for finding vulnerabilities include the following:
    Whitebox Security Testing: This testing technique tests the security of the application by thoroughly reviewing the source code.
    Blackbox Security Testing: This testing technique tests the security of the application without touching the source code.