Posts

GDPR (General Data Protection Regulation)

Image
What is GDPR? G DPR stands for General Data Protection Regulation, which is a regulation established by the European parliament in April 2016. Under this regulation, it describes how companies need to secure the details of the European citizens' private sensitive data. The Information Commissioner's Office (ICO) will take control of the GDPR and he will conduct penalties for the companies who violate this regulation.       Why it is important? C ountries like England, France, and Germany consider the privacy of individuals a major concern. They always try to protect the privacy of everyone. So, to do that they have introduced regulations like GDPR. This personally identifiable information are very sensitive and not handling this data properly, leads them to face a different kind of problems. GDPR covers all the European Union countries like Austria, Germany, France, Ireland, Finland, Netherlands .. etc. This GDPR only covers the privacy of the European citizens, but not the res

Introduction to Security Operation Center

Image
 What is SOC / CSOC?     S ome companies called it CSOC but most people have known it as SOC. This SOC word abbreviates as  Security Operation Center or when about CSOC it abbreviates as Cyber Security Operation Center.                                                      Figure 1 - Security operation Center        Why is SOC / CSOC? E verybody has a question why this type of center is maintained by the companies. The answer is to monitor all the incoming and outgoing data traffics, employees' activities, the behavior of the information systems and network to see whether are there any kind of vulnerabilities or suspicious activities are there. If there is something fishy, cyber security analysts need to report them to the liable authorities.  To find these vulnerabilities and other kinds of things employees of the security operation center need to follow different types of techniques, tools, and procedures. Among the techniques, some of them are threat hunting, penetration testing,

Threat Hunting

Image
  What is threat hunting? When we examine this term we can see that it is hunting to uncover the threats in the information system. But we need to add something to describe it properly. We can describe it as we hunt for threats by imagining a hypothesis that there is a threat to our information system and based on that we conduct the hunting by using numerous techniques and tools.                                                                   Figure 1 - threat hunting illustration Why threat hunting? We need to conduct these threat hunting activities regularly to uncover the possible security threats to our information system. Because there can be zero-day vulnerabilities also. After we have discovered any kind of threat, we need to inform them to the liable authorities who can take action and mitigate them. By following this procedure we can secure our information system and it is an important step for information security.                                                      Figu

Future trends of cryptography

Image
Where will be the cryptography after few decades? Not like in the past, modern technologies become modified very quickly. Because there are more resources to exploit in this era to make things change and modify according to the world's needs. And the whole of the world accepts that the country that has more new technological assets and people who can handle those new technologies are the key things to be a powerful country. Because of that, the same thing also will happen to cryptography. After the arrival of quantum computing, there will be a lot of changes in the computer fields. Since those quantum computers are the ones which very powerful and can go beyond any kinds of technological power now we have. So, according to those things the power of all the other assets should be modified, otherwise, there will be lots of problems. Hence there will be a new cryptography method that will be suitable for quantum computing and it will rock the world.   Elliptic Curve Cryptography (ECC

Modern cryptography

Image
  N owadays we are living in an era where we can’t trust the confidentiality, integrity, authentication, and non-repudiation of data when considering the history, where there is not much need of having security measurement for the data. And the risk of data security is higher than in the World War period. In the 1990s when the internet came for commercial purposes and the start of commercial transactions over the internet there was a need of having encryption and decryption methods for the sake of the safety of these transactions. So there were a lot of algorithms are developed by different people for encryption and decryption. But nowadays people heavily use the internet, therefore the need for encryption and decryption has a very high priority. So, we have to find more securable data communication methods. This is the modern cryptographic challenge we have to achieve. Modern cryptography and its challenges I f there are no more random numbers gets as the key of a one-time pad, th

Data Privacy

Image
  What is Privacy P rivacy is a need all of us have to have. But in the modern world, people do not care about their privacy when they using the internet and behaving. But most people do not have any idea about what is privacy and why we need privacy for our life. T hese days  it becomes a world-famous topic because of the modification of the Whatsapp privacy policy.  W e can define privacy as " the secureness of our private and sensitive information only with us by not allowing others to know, expose, observe, or reveal our secret and private things and stay free with public attention ". Privacy over the communication W hen we use the internet or tools connect with the internet we should pay more attention to the importance of privacy. Because the internet spread throughout the world, and if we lose our privacy by accidentally exposing something we do not want to expose, then it can affect our whole life and we have to face lots of embarrassing situations by others knowing o

World War Cryptography

Image
D uring the renaissance period, most of the cryptographic methods and new cryptographic concepts are invented by different people and it made a new chapter in cryptography. At that time these methods are good enough to protect secret messages, but after one or two decades these methods became unsafe. Because some cryptanalysts successfully found a way to break these methods. Although they broke these methods, the concept of these methods never vanished and these concepts were improved through new inventions. During the time period of World War, I and World War II the significance of cryptographic methods became very high. Because both parties want to grab the secret messages which were communicated between military high-rankers and the war field. So at that time, both parties pay more attention to invent more powerful cryptographic methods. Ultimately as a result of these conditions more powerful and more reliable cryptographic methods were invented which were difficult to break .  And