Summary of "Introduction - Part 01 - Prof. Saji K Mathew"

Summary of "Introduction - Part 01 - Prof. Saji K Mathew" (Cyber Security and Privacy Course)

Main Ideas and Concepts:

Course Introduction and Objectives:
- The session serves as an icebreaker and introduction to the course on Cyber Security and Privacy.
- The instructor outlines what will be covered and what is expected from students.
- Emphasis on motivating students about the importance of cyber security and privacy.
Importance of Cyber Security and Privacy:
- Cyber security and privacy are critical concerns for all managers, regardless of their domain.
- Understanding why cyber security matters is essential for practicing managers.
- The course will explore the relationship and intersection between cyber security (protecting systems and data) and privacy (control over personal data disclosure).
Definitions and Key Terms:
- Cyber Security: Focuses on vulnerability management, protection of computer networks, systems, and data from unauthorized access.
- Privacy: Concerns individual control over personal data and what is disclosed.
- The interface between cyber security and privacy is a significant topic of study.
Real-World Examples and Motivation:
- The instructor shares personal experiences and real incidents to highlight cyber security threats:
  - Spear Phishing Email Example: An email impersonating a high-ranking official (Director of IIT Madras) sent from a suspicious Gmail account, demonstrating social engineering attacks.
  - Importance of verifying sender identity and email authenticity.
- Phishing and Spear Phishing:
  - Phishing involves fraudulent attempts to obtain sensitive information.
  - Spear Phishing is a targeted form using background information to increase success.
- Fake Website Example: A fraudulent link mimicking the State Bank of India’s login page used to steal credentials.
- Ransomware Attacks:
  - Attackers encrypt victim’s data and demand ransom for release.
  - Example of Ransomware attack on POS systems in retail stores causing business disruption.
  - Chennai Corporation’s refusal to pay ransom due to outdated systems.
- Healthcare Data Breach:
  - Attack on a medical institute’s servers, raising concerns about unauthorized access to sensitive health data.
  - Highlighted the importance of healthcare data protection (e.g., HIPAA in the U.S.).
Broader Context and Cyber Security Landscape:
- Cyber attacks affect diverse sectors: manufacturing, healthcare, government.
- Daily news reports indicate growing frequency and sophistication of cyber threats.
- Digital transformation brings both benefits (economic growth) and risks (cyber threats).
- The cyber world includes both “good” actors and “bad” actors exploiting vulnerabilities.
- Statistics show 91% of organizations experience at least one cyber incident annually.
- Cyber security is becoming a top priority for organizational leadership.

Methodology / Instructions Presented:

When receiving suspicious emails:
- Always verify the sender’s email address/domain.
- Look for inconsistencies in language and tone (e.g., overly personal or unprofessional phrasing).
- Do not respond immediately or provide sensitive information.
When receiving links for login or verification:
- Check the URL carefully to ensure it is the legitimate website.
- Avoid clicking on suspicious links or providing credentials on unverified sites.
Understand different types of cyber attacks:
- Phishing and Spear Phishing (targeted social engineering).
- Ransomware (data encryption and ransom demand).
- Denial of Service attacks (briefly mentioned for future discussion).
Stay informed about recent cyber incidents to understand evolving threats.
Recognize the importance of keeping systems updated to reduce vulnerabilities.

Speakers / Sources Featured:

Prof. Saji K Mathew – Course instructor delivering the lecture.
Reference to Professor Bhaskar Ramamurthy – Former Director of IIT Madras, mentioned in the phishing email example.
General references to cyber security incidents reported in Indian newspapers and global news media.

This introduction sets the stage for a comprehensive study of cyber security and privacy by combining theoretical understanding with practical real-world examples to underscore the critical relevance of the topic today.