Week 1 Blog: Literature Review & Understanding Cybersecurity

Welcome back, everyone!

This week, I took my first deep dive into the world of cybersecurity by conducting a literature review. Since my project focuses on Adaptive Encryption Using AI, I needed to start by understanding the broader landscape of cybersecurity. This meant learning about the different types of cybersecurity, the threats they address, and how they relate to encryption.

Cybersecurity is an expansive field that encompasses a variety of strategies to protect digital systems from evolving threats. As I explored the literature, I identified key categories of cybersecurity, each playing a unique role in defending against cyberattacks:

The Different Types of Cybersecurity:

1. Network Security – Prevents unauthorized access to networks through firewalls, intrusion detection systems, and VPNs. This ensures that sensitive data traveling through a network remains protected from external threats.
2. Information Security – Protects data from breaches and leaks using encryption and access control mechanisms. Encryption methods, such as AES and RSA, play a crucial role in ensuring that only authorized individuals can access sensitive information.
3. Application Security – Secures software applications from vulnerabilities through secure coding and penetration testing. Many cyberattacks exploit weaknesses in software, so strengthening security at the application level is essential.
4. Cloud Security – Safeguards cloud infrastructure and services from cyber threats using identity and access management (IAM) and encryption techniques. As more data is stored in the cloud, ensuring that cloud-based environments remain secure is a growing priority.
5. Endpoint Security – Focuses on protecting user devices like computers, smartphones, and IoT devices from cyber threats. Malware and phishing attacks often target endpoints, making this an essential area of cybersecurity.
6. Operational Security – Ensures sensitive business processes and internal communications are secured against cyber risks. This involves monitoring user access and preventing data leaks within an organization.
7. Identity & Access Management (IAM) – Manages user authentication and authorization using multi-factor authentication (MFA) and role-based access controls. This helps ensure that only authorized individuals can access critical systems and data.
8. Critical Infrastructure Security – Secures essential systems like power grids and healthcare infrastructure from cyber threats. Attacks on critical infrastructure can have widespread consequences, making security in this area crucial.
9. IoT Security – Protects connected devices from attacks by ensuring firmware security and proper network segmentation. The rise of smart devices has introduced new vulnerabilities that need to be addressed.
10. Disaster Recovery & Business Continuity (DR/BC) – Develops strategies for recovering from cyber incidents and ensuring operational resilience. This ensures that businesses can quickly resume operations after a cyberattack.
11. Mobile Security – Protects smartphones and tablets from malware, phishing attacks, and unauthorized access. Mobile devices often contain sensitive personal and business data, making them valuable targets for attackers.
12. Zero Trust Security – Operates on the principle of “never trust, always verify,” enforcing strict access controls and continuous authentication. This model ensures that every user and device must prove their identity before accessing a system.

How This Ties Into My Project:

As I studied these different cybersecurity domains, I found that my project is most closely related to Information Security and Network Security. For my project, I want to mainly focus on these two types of cybersecurity domains, but also try to expand and adapt a bit more into some of the other domains that would be closely connected with my model. Encryption plays a significant role in protecting sensitive data from unauthorized access. However, cyber threats continue to evolve, and attackers are developing more advanced techniques to break encryption methods.

A key takeaway from my research was the importance of adaptive security models, systems that can analyze cyberattacks and adjust their defensive strategies accordingly. Many encryption methods operate on a fixed set of rules, which may not always be effective against newer attack patterns..

With a strong foundation in the different types of cybersecurity, I better understand the specifics and the domains in which I need to build my project in. My next step will be to start developing the basic model and using common cyberthreats as my dataset to build my model around.

This week’s research helped me build an understanding of how cybersecurity is structured and where my project fits into this broader landscape. Stay tuned for next week’s update, where I’ll dive deeper into AI applications in cybersecurity and begin the initial design phase of my encryption model!