Abstract image of a woman sitting on books and studying on a laptop

Lesson 3 - Cybersecurity and its impact to e-commerce (32).pptx

Download as PPTX, PDF
O
Omar Fernandez

The document explores the importance of cybersecurity in e-commerce, defining cybersecurity and detailing various types of cyber attacks, such as ransomware and phishing. It emphasizes the significant risks cyber attacks pose to e-commerce operations, including financial loss, reputational damage, and operational disruption. Additionally, it outlines strategies for enhancing cybersecurity, including employee training, encryption, and the establishment of a cybersecurity committee at the board level.

Education
1 of 35
Download to read offline
1
2
3
4
5
Most read
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
Cybersecurity & its Impacts on E-Commerce
INTRODUCTION (CYBERSECURITY)
What is Cybersecurity ? Cybersecurity refers to the practice of protecting computer systems, networks, and data from unauthorized access, cyberattacks, theft, damage, or disruption. It involves a range of technologies, processes, and practices designed to safeguard digital information and ensure the confidentiality, integrity, and availability of data..
Components of Cybersecurity Network security Application security Operational security Information security End-user education 01 02 03 04 05
IMPORTANCE OF CYBERSECURITY Reputation Management Preservation of Privacy Business Continuity Financial security National Security Protection of data
TYPES OF CYBER ATTACKS
Ransomware Ransomware is a type of cryptovirological malware that permanently block access to the victim's personal data unless a ransom is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them
Malware Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy Malware
Password Attack it’s a type of cyber attack where hackers attempt to access a file, folder, account, or computer secured with a password. It’s generally done with the help of software that expedites cracking or guessing passwords. Password attacks in cybersecurity require special techniques and software. If a hacker is close to you, they may try guessing your password using a combination of names, hobbies, essential years, or numbers Password Attack
Keylogging Recording keystrokes entered by users on infected device to capture sensitive information, such as username, password, or credit card details, for malicious purpose. The term keylogger, or “keystroke logger,” is self-explanatory: Software that logs what you type on your keyboard. However, keyloggers can also enable cybercriminals to eavesdrop on you, watch you on your system camera, or listen over your smartphone’s microphone. Keylogging
Phishing “Phishing” refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information or other important data in order to utilize or sell the stolen information. By masquerading as a reputable source with an enticing request, an attacker lures in the victim in order to trick them, similarly to how a fisherman uses bait to catch a fish. Phishing
Social Engineering Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.[1] It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests Social Engineering
Drive-by-Download Drive-by-Download is the unintended download of software, typically malicious software. The term "drive-by download" usually refers to a download which was authorized by a user without understanding what is being downloaded, such as in the case of a Trojan virus. In other cases, the term may simply refer to a download which occurs without a user's knowledge. Common types of files distributed in drive-by download attacks include computer viruses, spyware, or crimeware. Drive-by-Download
Watering Hole Attack Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes. Watering Hole Attack
INTRODUCTION (E-COMMERCE)
E-COMMERCE E-Commerce refers to the buying and selling of products or services using the internet, and the transfer of money and data to complete these transactions. E-Commerce has revolutionized the way we shop and conduct business, allowing for convenient and fast transactions from anywhere in the world.
TYPES OF E-COMMERCE
Pros & Cons Pros Cons • Selling Internationally • Reduced cost • Keep an eye on consumer’s buying habit • A comprehensive description of product • Easy availability • Reviews and feedbacks • Internet access • Frauds and scams • Lack of personal touch • Privacy and security issue • Valuable products and items • Intense online competition
Cyber Security and E-commerce • Cyber security refers to the measures taken to protect the internet and electronic devices from unauthorized access and attacks. • As e-commerce relies heavily on the internet and electronic devices to conduct transactions, cyber security is a crucial aspect of e-commerce. • It involves protecting sensitive customer and financial information, preventing data breaches, and ensuring secure communications between parties. • Effective cyber security measures are essential in building trust and confidence among e-commerce customers.
IMPACTS OF CYBER ATTACKS ON E-COMMERCE
Impacts on E-Commerce Intellectual Property Disruption Supply Chain Disruption Operational disruption Financial Loss Reputation damage Sensitive Data Theft E-commerce sites are a significant target for cybercriminals because they store, process, and transmit large amounts of personal and financial data. A data breach can cause major business disruption and significant financial losses. Additionally, poor responses to cyber incidents can lead to a loss of customer trust, which is vital for online shopping businesses.
Financial Loss Reputation Damage Attacks like data breaches or ransomware can lead to financial losses due to stolen funds, legal fess, regulatory fines, and expenses for recovery and remediation Breaches can erode customer trust, leading to a loss of sales and long-term damage to the brand's reputation. Customers may avoid shopping on the affected platform due to concerns about security.
Data Theft Operational Disruption Cybercriminals may steal sensitive customer data such as payment information, leading to identity theft, financial fraud, and potential legal consequences for the eCommerce company. DDoS attacks or malware can disrupt website operations, causing downtime and loss of revenue during critical periods such as holidays or sales events
Intellectual Property Theft Supply Chain Disruption E-Commerce platforms may also face the theft of intellectual property, including product designs, algorithms, or proprietary software, impacting competitiveness and future innovation. Breaches can erode customer trust, leading to a loss of sales and long-term damage to the brand's reputation. Customers may avoid shopping on the affected platform due to concerns about security.
CASE STUDY 1 (CYBER ATTACKS)
26 Cyber Security Breach in a Financial Institution • A multinational FI, XYZ Bank • Cyber security breach due to phishing attack • Resulted into compromise of sensitive customer data XYZ
27 IMPACT Financial Loss legal fees ,regulatory fine, and compensating affected customers for fraud and identity theft. Reputation Damage loss of trust among customers, shareholders, and the general public. Regulatory Fallout Regulatory bodies imposed heavy fines, increased scrutiny and oversight. Operational Disruption Remediation efforts and investigations disrupted normal operations.
28 Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Multi-factor Authentication add an extra layer of security, reducing the risk of unauthorized access. Encryption and Data Protection end-to-end encryption for sensitive data both at rest and in transit. Regular Security Audits to identify vulnerabilities and weaknesses in the network infrastructure and applications. 28 Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Encryption and Data Protection end-to-end encryption for sensitive data both at rest and in transit. Regular Security Audits to identify vulnerabilities and weaknesses in the network infrastructure and applications. PROPOSED SOLUTION
29 Board-level Oversight cyber security committee at the board level to provide strategic direction for cyber security initiatives. Collaboration with Industry Peers collaboration with other FI to share threat intelligence and best practices for cyber security. Transparent Communication with customer, stakeholders regarding the breach, remediation efforts, and steps taken to prevent future incidents. Continuous Improvement evaluate and improve cyber security measures based on emerging threats, technological advancements. PERSONAL RECOMMENDATIONS
CYBERSECURITY MEASURES
INTEGRITY AUTHENCITY CONFIDENTIALITY NON-REPUDIATION APPLICATION SECURITY PRIVACY NETWORK SECURITY AUTHORIZATION It refers to the categories of security that e-commerce businesses need to consider to protect their website and customer information to ensure trust DIMENSIONS OF SECURITY MEASURES
Information Phase Negotiation Phase Delivery Phase Payment Phase PHASE – WISE SECURITY IN E-COMMERCE Transaction Phases • Confidentiality • Access Control • Integrity Checks • Security • Contract security • Digital Signatures • Encryption • Security • Data Leak • Secured Delivery • Integrity • Checks
MFA & STRONG PASSWORD IDS & DATA ENCRYPTION SOFTWARE UPDATES & BACKUPS EMPLOYEE TRAINING- VPN for WFH ANTIVIRUS , FIREWALLS & SSLs SECURITY AUDIT & RISK ASSESSMENT SECURITY MEASURES COMMON-ESSENTIAL MEASURES
LAYERS/TYPES OF SECURITY CYBER SECURITY THE EVOLUTION OF BUSINESSES AND OPPURTUNITIES “AI Kavach” - SHARK TANK SEASON 3 • NETWORK SECURITY • APPLICATION SECURITY • INFORMATION SECURITY • CLOUD SECURITY • IoT SECURITY • IDENTITY MANAGEMENT • ENDPOINT SECURITY • DATA SECURITY
Thank You

More Related Content

PPTX
Cyber security and its impact on E commerce
manigoyal112
 
PDF
Unit 3B.pdf
TuhinUtsabPaul
 
PPTX
Cyber security best practices power point presentation
AbcdEfg576575
 
PDF
Why is cyber security a disruption in the digital economy
Mark Albala
 
PPTX
Security Threats which security threat is any potential danger that can explo...
gargyashika2023
 
PPTX
What is Cyber & information security.pptx
amnamahfooz615
 
DOCX
THESIS-2(2)
Elsayed Muhammad
 
PPTX
cyber threats and attacks.pptx
sakshiyad2611
 
Cyber security and its impact on E commerce
manigoyal112
 
Unit 3B.pdf
TuhinUtsabPaul
 
Cyber security best practices power point presentation
AbcdEfg576575
 
Why is cyber security a disruption in the digital economy
Mark Albala
 
Security Threats which security threat is any potential danger that can explo...
gargyashika2023
 
What is Cyber & information security.pptx
amnamahfooz615
 
THESIS-2(2)
Elsayed Muhammad
 
cyber threats and attacks.pptx
sakshiyad2611
 

Similar to Lesson 3 - Cybersecurity and its impact to e-commerce (32).pptx (20)

DOCX
E commerce security 4
Anne ndolo
 
PDF
Cyber Ethics Notes.pdf
AnupmaMunshi
 
PDF
Cybersecurity
YellowSlice1
 
PDF
Cybersecurity Awareness: Protecting Data, Finance & Digital Identity
YellowSlice1
 
PDF
Cybersecurity 101: Protecting Data, Accounts, and Digital Assets in a Connect...
YellowSlice1
 
PPTX
Module 1Introduction to cyber security.pptx
Skippedltd
 
DOCX
Cyber Security.docx
TanushreeChakraborty27
 
PPT
Ec2009 ch10 e commerce security
Nuth Otanasap
 
PPTX
Cyber Security in detail PPT BY HIMANXU.pptx
himanshuratnama
 
PPTX
My presentation
Devashri Balinge
 
PPTX
Module 2_ Cyber offenses & Cybercrime.pptx
nikshaikh786
 
PPTX
Ecommerce security
politegcuf
 
PPTX
Cyber crime and Information Security.pptx
SAINATHYADAV11
 
PPTX
Important Notes
Usman Abdullah
 
PDF
Cyber Security
JamshidRaqi
 
PDF
Information Security
Madushan Sandaruwan
 
PPTX
Understanding Internet and Cyber Security Presentation .pptx
ShruthiVikas3
 
PPT
L N Yadav Cyber SECURITY.ppt
lowlesh1
 
PPT
L N Yadav Cyber SECURITY2.ppt
lowlesh1
 
PPTX
cyber security
NiharikaVoleti
 
E commerce security 4
Anne ndolo
 
Cyber Ethics Notes.pdf
AnupmaMunshi
 
Cybersecurity
YellowSlice1
 
Cybersecurity Awareness: Protecting Data, Finance & Digital Identity
YellowSlice1
 
Cybersecurity 101: Protecting Data, Accounts, and Digital Assets in a Connect...
YellowSlice1
 
Module 1Introduction to cyber security.pptx
Skippedltd
 
Cyber Security.docx
TanushreeChakraborty27
 
Ec2009 ch10 e commerce security
Nuth Otanasap
 
Cyber Security in detail PPT BY HIMANXU.pptx
himanshuratnama
 
My presentation
Devashri Balinge
 
Module 2_ Cyber offenses & Cybercrime.pptx
nikshaikh786
 
Ecommerce security
politegcuf
 
Cyber crime and Information Security.pptx
SAINATHYADAV11
 
Important Notes
Usman Abdullah
 
Cyber Security
JamshidRaqi
 
Information Security
Madushan Sandaruwan
 
Understanding Internet and Cyber Security Presentation .pptx
ShruthiVikas3
 
L N Yadav Cyber SECURITY.ppt
lowlesh1
 
L N Yadav Cyber SECURITY2.ppt
lowlesh1
 
cyber security
NiharikaVoleti
 
Ad

More from Omar Fernandez (9)

PPTX
Wk3_nonpreempt scheduling algorithms.pptx
Omar Fernandez
 
PPTX
Week1_Introduction to_Operating System - Part 1.pptx
Omar Fernandez
 
PPTX
Week1_Introduction to_Operating System - Part 2.pptx
Omar Fernandez
 
PDF
Lesson 2 - Installing Linux (Ubuntu).pdf
Omar Fernandez
 
PPTX
Lesson 2 - Intro to Remote access methods.pptx
Omar Fernandez
 
PPTX
Lesson 1 Introduction to networking.pptx
Omar Fernandez
 
PPTX
Lesson3 Taxonomy of Blockchain Systems (12).pptx
Omar Fernandez
 
PPTX
Lesson 1 ICT-in-the-Context-of-Global-Communication.pptx
Omar Fernandez
 
PPTX
Lesson 3 Online-System-Functions-And-Platforms - edited.pptx
Omar Fernandez
 
Wk3_nonpreempt scheduling algorithms.pptx
Omar Fernandez
 
Week1_Introduction to_Operating System - Part 1.pptx
Omar Fernandez
 
Week1_Introduction to_Operating System - Part 2.pptx
Omar Fernandez
 
Lesson 2 - Installing Linux (Ubuntu).pdf
Omar Fernandez
 
Lesson 2 - Intro to Remote access methods.pptx
Omar Fernandez
 
Lesson 1 Introduction to networking.pptx
Omar Fernandez
 
Lesson3 Taxonomy of Blockchain Systems (12).pptx
Omar Fernandez
 
Lesson 1 ICT-in-the-Context-of-Global-Communication.pptx
Omar Fernandez
 
Lesson 3 Online-System-Functions-And-Platforms - edited.pptx
Omar Fernandez
 
Ad

Recently uploaded (20)

PPTX
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
PPTX
Unit 1 aayurveda and nutrition presentation
branstark0011
 
PPTX
4. Diagnosis and treatment planning in RPD.pptx
rakshasb
 
PDF
Lecture on Viruses: Structure, Classification, Replication, Effects on Cells,...
Miraj Khan
 
PDF
Kalaari-SaaS-Founder-Playbook-2024-Edition-.pdf
savannetflix
 
PPTX
2025 High Blood Pressure Guideline Slide Set.pptx
Ramesh Kumar
 
PPTX
Theoretical for class.pptxgshdhddhdhdhgd
MoybonKalif
 
PDF
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
PDF
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
PPTX
Power Point PR B.Inggris 12 Ed. 2019.pptx
FirdaFauziah14
 
DOCX
EDUCATIONAL ASSESSMENT ASSIGNMENT SEMESTER MAY 2025.docx
muhammadsyahir916
 
PDF
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
PDF
African Communication Research: A review
AgathaMashindano1
 
PPTX
Neurological complocations of systemic disease
BisratAlex2
 
PDF
BSc-Zoology-02Sem-DrVijay-Comparative anatomy of vertebrates.pdf
ps6013234
 
PPTX
MMW-CHAPTER-1-final.pptx major Elementary Education
kimberlydespair4
 
PDF
Diabetes Mellitus , types , clinical picture, investigation and managment
AreenAManasrah
 
PDF
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 
PDF
CAT 2024 VARC One - Shot Revision Marathon by Shabana.pptx.pdf
VaibhavBhardwaj394603
 
PPTX
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
Unit 1 aayurveda and nutrition presentation
branstark0011
 
4. Diagnosis and treatment planning in RPD.pptx
rakshasb
 
Lecture on Viruses: Structure, Classification, Replication, Effects on Cells,...
Miraj Khan
 
Kalaari-SaaS-Founder-Playbook-2024-Edition-.pdf
savannetflix
 
2025 High Blood Pressure Guideline Slide Set.pptx
Ramesh Kumar
 
Theoretical for class.pptxgshdhddhdhdhgd
MoybonKalif
 
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
Power Point PR B.Inggris 12 Ed. 2019.pptx
FirdaFauziah14
 
EDUCATIONAL ASSESSMENT ASSIGNMENT SEMESTER MAY 2025.docx
muhammadsyahir916
 
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
African Communication Research: A review
AgathaMashindano1
 
Neurological complocations of systemic disease
BisratAlex2
 
BSc-Zoology-02Sem-DrVijay-Comparative anatomy of vertebrates.pdf
ps6013234
 
MMW-CHAPTER-1-final.pptx major Elementary Education
kimberlydespair4
 
Diabetes Mellitus , types , clinical picture, investigation and managment
AreenAManasrah
 
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 
CAT 2024 VARC One - Shot Revision Marathon by Shabana.pptx.pdf
VaibhavBhardwaj394603
 
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 

Lesson 3 - Cybersecurity and its impact to e-commerce (32).pptx

  • 3. What is Cybersecurity ? Cybersecurity refers to the practice of protecting computer systems, networks, and data from unauthorized access, cyberattacks, theft, damage, or disruption. It involves a range of technologies, processes, and practices designed to safeguard digital information and ensure the confidentiality, integrity, and availability of data..
  • 4. Components of Cybersecurity Network security Application security Operational security Information security End-user education 01 02 03 04 05
  • 5. IMPORTANCE OF CYBERSECURITY Reputation Management Preservation of Privacy Business Continuity Financial security National Security Protection of data
  • 7. Ransomware Ransomware is a type of cryptovirological malware that permanently block access to the victim's personal data unless a ransom is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them
  • 8. Malware Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy Malware
  • 9. Password Attack it’s a type of cyber attack where hackers attempt to access a file, folder, account, or computer secured with a password. It’s generally done with the help of software that expedites cracking or guessing passwords. Password attacks in cybersecurity require special techniques and software. If a hacker is close to you, they may try guessing your password using a combination of names, hobbies, essential years, or numbers Password Attack
  • 10. Keylogging Recording keystrokes entered by users on infected device to capture sensitive information, such as username, password, or credit card details, for malicious purpose. The term keylogger, or “keystroke logger,” is self-explanatory: Software that logs what you type on your keyboard. However, keyloggers can also enable cybercriminals to eavesdrop on you, watch you on your system camera, or listen over your smartphone’s microphone. Keylogging
  • 11. Phishing “Phishing” refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information or other important data in order to utilize or sell the stolen information. By masquerading as a reputable source with an enticing request, an attacker lures in the victim in order to trick them, similarly to how a fisherman uses bait to catch a fish. Phishing
  • 12. Social Engineering Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.[1] It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests Social Engineering
  • 13. Drive-by-Download Drive-by-Download is the unintended download of software, typically malicious software. The term "drive-by download" usually refers to a download which was authorized by a user without understanding what is being downloaded, such as in the case of a Trojan virus. In other cases, the term may simply refer to a download which occurs without a user's knowledge. Common types of files distributed in drive-by download attacks include computer viruses, spyware, or crimeware. Drive-by-Download
  • 14. Watering Hole Attack Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes. Watering Hole Attack
  • 16. E-COMMERCE E-Commerce refers to the buying and selling of products or services using the internet, and the transfer of money and data to complete these transactions. E-Commerce has revolutionized the way we shop and conduct business, allowing for convenient and fast transactions from anywhere in the world.
  • 18. Pros & Cons Pros Cons • Selling Internationally • Reduced cost • Keep an eye on consumer’s buying habit • A comprehensive description of product • Easy availability • Reviews and feedbacks • Internet access • Frauds and scams • Lack of personal touch • Privacy and security issue • Valuable products and items • Intense online competition
  • 19. Cyber Security and E-commerce • Cyber security refers to the measures taken to protect the internet and electronic devices from unauthorized access and attacks. • As e-commerce relies heavily on the internet and electronic devices to conduct transactions, cyber security is a crucial aspect of e-commerce. • It involves protecting sensitive customer and financial information, preventing data breaches, and ensuring secure communications between parties. • Effective cyber security measures are essential in building trust and confidence among e-commerce customers.
  • 21. Impacts on E-Commerce Intellectual Property Disruption Supply Chain Disruption Operational disruption Financial Loss Reputation damage Sensitive Data Theft E-commerce sites are a significant target for cybercriminals because they store, process, and transmit large amounts of personal and financial data. A data breach can cause major business disruption and significant financial losses. Additionally, poor responses to cyber incidents can lead to a loss of customer trust, which is vital for online shopping businesses.
  • 22. Financial Loss Reputation Damage Attacks like data breaches or ransomware can lead to financial losses due to stolen funds, legal fess, regulatory fines, and expenses for recovery and remediation Breaches can erode customer trust, leading to a loss of sales and long-term damage to the brand's reputation. Customers may avoid shopping on the affected platform due to concerns about security.
  • 23. Data Theft Operational Disruption Cybercriminals may steal sensitive customer data such as payment information, leading to identity theft, financial fraud, and potential legal consequences for the eCommerce company. DDoS attacks or malware can disrupt website operations, causing downtime and loss of revenue during critical periods such as holidays or sales events
  • 24. Intellectual Property Theft Supply Chain Disruption E-Commerce platforms may also face the theft of intellectual property, including product designs, algorithms, or proprietary software, impacting competitiveness and future innovation. Breaches can erode customer trust, leading to a loss of sales and long-term damage to the brand's reputation. Customers may avoid shopping on the affected platform due to concerns about security.
  • 26. 26 Cyber Security Breach in a Financial Institution • A multinational FI, XYZ Bank • Cyber security breach due to phishing attack • Resulted into compromise of sensitive customer data XYZ
  • 27. 27 IMPACT Financial Loss legal fees ,regulatory fine, and compensating affected customers for fraud and identity theft. Reputation Damage loss of trust among customers, shareholders, and the general public. Regulatory Fallout Regulatory bodies imposed heavy fines, increased scrutiny and oversight. Operational Disruption Remediation efforts and investigations disrupted normal operations.
  • 28. 28 Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Multi-factor Authentication add an extra layer of security, reducing the risk of unauthorized access. Encryption and Data Protection end-to-end encryption for sensitive data both at rest and in transit. Regular Security Audits to identify vulnerabilities and weaknesses in the network infrastructure and applications. 28 Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Enhanced Employee Training cyber security awareness training programs, educate them about phishing attacks, social engineering tactics. Encryption and Data Protection end-to-end encryption for sensitive data both at rest and in transit. Regular Security Audits to identify vulnerabilities and weaknesses in the network infrastructure and applications. PROPOSED SOLUTION
  • 29. 29 Board-level Oversight cyber security committee at the board level to provide strategic direction for cyber security initiatives. Collaboration with Industry Peers collaboration with other FI to share threat intelligence and best practices for cyber security. Transparent Communication with customer, stakeholders regarding the breach, remediation efforts, and steps taken to prevent future incidents. Continuous Improvement evaluate and improve cyber security measures based on emerging threats, technological advancements. PERSONAL RECOMMENDATIONS
  • 31. INTEGRITY AUTHENCITY CONFIDENTIALITY NON-REPUDIATION APPLICATION SECURITY PRIVACY NETWORK SECURITY AUTHORIZATION It refers to the categories of security that e-commerce businesses need to consider to protect their website and customer information to ensure trust DIMENSIONS OF SECURITY MEASURES
  • 32. Information Phase Negotiation Phase Delivery Phase Payment Phase PHASE – WISE SECURITY IN E-COMMERCE Transaction Phases • Confidentiality • Access Control • Integrity Checks • Security • Contract security • Digital Signatures • Encryption • Security • Data Leak • Secured Delivery • Integrity • Checks
  • 33. MFA & STRONG PASSWORD IDS & DATA ENCRYPTION SOFTWARE UPDATES & BACKUPS EMPLOYEE TRAINING- VPN for WFH ANTIVIRUS , FIREWALLS & SSLs SECURITY AUDIT & RISK ASSESSMENT SECURITY MEASURES COMMON-ESSENTIAL MEASURES
  • 34. LAYERS/TYPES OF SECURITY CYBER SECURITY THE EVOLUTION OF BUSINESSES AND OPPURTUNITIES “AI Kavach” - SHARK TANK SEASON 3 • NETWORK SECURITY • APPLICATION SECURITY • INFORMATION SECURITY • CLOUD SECURITY • IoT SECURITY • IDENTITY MANAGEMENT • ENDPOINT SECURITY • DATA SECURITY