Internet of Things (IoT)

 IoT stands for Internet of Things, a network of devices that are connected to the internet and can share data. IoT devices can be used in many different ways, including in homes, agriculture, and supply chains. 

Internet of Things, refers to the collective network of connected devices and the technology that facilitates communication between devices and the cloud, as well as between the devices themselves.

Internet of Things (IoT) technology has a wide range of applications and the use of the Internet of Things is growing so faster. It is the networking of physical objects that contain electronics embedded within their architecture to communicate and sense interactions amongst each other or to the external environment.

Architecture of IoT

The architecture of IoT is divided into 4 different layers i.e. Sensing Layer, Network Layer, Data processing Layer, and Application Layer. 

Sensing Layer: The sensing layer is the first layer of the Internet of Things architecture and is responsible for collecting data from different sources. This layer includes sensors and actuators that are placed in the environment to gather information about temperature, humidity, light, sound, and other physical parameters. Wired or wireless communication protocols connect these devices to the network layer.

Network Layer: The network layer of an IoT architecture is responsible for providing communication and connectivity between devices in the IoT system. It includes protocols and technologies that enable devices to connect and communicate with each other and with the wider internet. Examples of network technologies that are commonly used in IoT include WiFi, Bluetooth, Zigbee, and cellular networks such as 4G and 5G technology. Additionally, the network layer may include gateways and routers that act as intermediaries between devices and the wider internet, and may also include security features such as encryption and authentication to protect against unauthorized access.

Data processing Layer: The data processing layer of IoT architecture refers to the software and hardware components that are responsible for collecting, analyzing, and interpreting data from IoT devices. This layer is responsible for receiving raw data from the devices, processing it, and making it available for further analysis or action. The data processing layer includes a variety of technologies and tools, such as data management systems, analytics platforms, and machine learning algorithms. These tools are used to extract meaningful insights from the data and make decisions based on that data. Example of a technology used in the data processing layer is a data lake, which is a centralized repository for storing raw data from IoT devices.

Application Layer: The application layer of IoT architecture is the topmost layer that interacts directly with the end-user. It is responsible for providing user-friendly interfaces and functionalities that enable users to access and control IoT devices. This layer includes various software and applications such as mobile apps, web portals, and other user interfaces that are designed to interact with the underlying IoT infrastructure. It also includes middleware services that allow different IoT devices and systems to communicate and share data seamlessly. The application layer also includes analytics and processing capabilities that allow data to be analyzed and transformed into meaningful insights. This can include machine learning algorithms, data visualization tools, and other advanced analytics capabilities.

Why is IoT important?

Improved efficiency

By using IoT devices to automate and optimize processes, businesses can improve efficiency and productivity. For example, IoT sensors can be used to monitor equipment performance and detect or even resolve potential issues before they cause downtime, reducing maintenance costs and improving uptime.

Data-driven decision-making

IoT devices generate vast amounts of data that can be used to make better-informed business decisions and new business models. By analyzing this data, businesses can gain insights into customer behavior, market trends, and operational performance, allowing them to make more informed decisions about strategy, product development, and resource allocation.

Cost-savings

By reducing manual processes and automating repetitive tasks, IoT can help businesses reduce costs and improve profitability. For example, IoT devices can be used to monitor energy usage and optimize consumption, reducing energy costs and improving sustainability.

Enhanced customer experience

By using IoT technology to gather data about customer behavior, businesses can create more personalized and engaging experiences for their customers. For example, retailers can use IoT sensors to track customer movements in stores and deliver personalized offers based on their behavior.

Technologies that make IoT possible:

Sensors and actuators: Sensors are devices that can detect changes in the environment, such as temperature, humidity, light, motion, or pressure. Actuators are devices that can cause physical changes in the environment, such as opening or closing a valve or turning on a motor. These devices are at the heart of IoT, as they allow machines and devices to interact with the physical world. Automation is possible when sensors and actuators work to resolve issues without human intervention.

Connectivity technologies: To transmit IoT data from sensors and actuators to the cloud, IoT devices need to be connected to the internet. There are several connectivity technologies that are used in IoT, including wifi, Bluetooth, cellular, Zigbee, and LoRaWAN.

Cloud computing: The cloud is where the vast amounts of data that is generated by IoT devices are stored, processed, and analyzed. Cloud computing platforms provide the infrastructure and tools that are needed to store and analyze this data, as well as to build and deploy IoT applications.

Big data analytics: To make sense of the vast amounts of data generated by IoT devices, businesses need to use advanced analytics tools to extract insights and identify patterns. These tools can include machine learning algorithms, data visualization tools and predictive analytics models.

Security and privacy technologies: As IoT deployments become more widespread, IoT security and privacy become increasingly important. Technologies such as encryption, access controls and intrusion detection systems are used to protect IoT devices and the data they generate from cyberthreats.

Characteristics of IoT

• Massively scalable and efficient
• IP-based addressing will no longer be suitable in the upcoming future.
• An abundance of physical objects is present that do not use IP, so IoT is made possible.
• Devices typically consume less power. When not in use, they should be automatically programmed to sleep.
• A device that is connected to another device right now may not be connected in another instant of time.
• Intermittent connectivity – IoT devices aren’t always connected. In order to save bandwidth and battery consumption, devices will be powered off periodically when not in use. Otherwise, connections might turn unreliable and thus prove to be inefficient.

Advantages of IoT

• Improved efficiency and automation of tasks.
• Increased convenience and accessibility of information.
• Better monitoring and control of devices and systems.
• Greater ability to gather and analyze data.
• Improved decision-making.
• Cost savings.

Disadvantages of IoT

• Security concerns and potential for hacking or data breaches.
• Privacy issues related to the collection and use of personal data.
• Dependence on technology and potential for system failures.
• Limited standardization and interoperability among devices.
• Complexity and increased maintenance requirements.
• High initial investment costs.
• Limited battery life on some devices.

Examples of IoT applications

Healthcare

In the healthcare industry, IoT devices can be used to monitor patients remotely and collect real-time data on their vital signs, such as heart rate, blood pressure and oxygen saturation. This sensor data can be analyzed to detect patterns and identify potential health issues before they become more serious. IoT devices can also be used to track medical equipment, manage inventory and monitor medication compliance.

Manufacturing

Industrial IoT devices can be used in manufacturing to monitor machine performance, detect equipment failures and optimize production processes. For example, sensors can be used to monitor the temperature and humidity in a manufacturing facility, ensuring that conditions are optimal for the production of sensitive products. IoT devices can also be used to track inventory, manage supply chains and monitor the quality of finished products. Industrial IoT is such an expansive new technology space, that it is sometimes referred to by its own abbreviation: IIoT (Industrial IoT). 

Retail

In the retail industry, IoT devices can be used to track customer behavior, monitor inventory levels and optimize store layouts. For example, sensors can be used to track foot traffic in a store and analyze customer behavior, allowing retailers to optimize product placement and improve the customer experience. IoT devices can also be used to monitor supply chains, track shipments and manage inventory levels.

Agriculture

IoT devices can be used in agriculture to monitor soil conditions, weather patterns and crop growth. For example, sensors can be used to measure the moisture content of soil, ensuring that crops are irrigated at the optimal time. IoT devices can also be used to monitor livestock health, track equipment and manage supply chains. Low-power or solar-powered devices can often be used with minimal oversight in remote locations.

Transportation

In the transportation industry, IoT devices can be used to monitor vehicle performance, optimize routes, and track shipments. For example, sensors can be used to monitor the fuel efficiency of connected cars, reducing fuel costs and improving sustainability. IoT devices can also be used to monitor the condition of cargo, ensuring that it arrives at its destination in optimal condition.

future of IoT

Growth: The number of IoT devices is expected to continue to grow rapidly, with estimates suggesting that there will be tens of billion IoT devices in use over the next few years. This growth will be driven by increased adoption across industries, as well as the development of new use cases and applications.

Edge computing: Edge computing is becoming increasingly important for IoT, as it allows data to be processed and analyzed closer to the source of the data, rather than in a centralized data center. This can improve response times, reduce latency and reduce the amount of data that needs to be transferred over IoT networks.

Artificial intelligence and machine learning: AI and machine learning are becoming increasingly important for IoT, as they can be used to analyze vast amounts of data that is generated by IoT devices and extract meaningful insights. This can help businesses make more informed decisions and optimize their operations.

Blockchain: Blockchain technology is being explored as a way to improve security and privacy in the IoT. Blockchain can be used to create secure, decentralized networks for IoT devices, which can minimize data security vulnerabilities.

Sustainability: Sustainability is becoming an increasingly important consideration for IoT, as businesses look for ways to reduce their environmental impact. IoT can be used to optimize energy usage, reduce waste and improve sustainability across a range of industries.

Web development

 Web development is the process of creating websites and applications for the World Wide Web. It involves designing, building, testing, and maintaining websites. 

Types of web development

1. Front-end development
2. Back-end development
3. Full-stack development

Front-end development

The part of a website where the user interacts directly is termed as front end. This involves designing the structure, layout, and behavior of the website It is also referred to as the ‘client side’ of the application.

The part of the website that users see and interact with. This includes designing the layout, structure, and behavior of the website. 

Frontend Technologies

1. HTML: HTML stands for HyperText Markup Language. It is used to design the front end portion of web pages using markup language. It acts as a skeleton for a website since it is used to make the structure of a website.
2. CSS: Cascading Style Sheets fondly referred to as CSS is a simply designed language intended to simplify the process of making web pages presentable. It is used to style our website.
3. JavaScript: JavaScript is a scripting language used to provide a dynamic behavior to our website.
4. Bootstrap: Bootstrap is a free and open-source tool collection for creating responsive websites and web applications. It is the most popular CSS framework for developing responsive, mobile-first websites. Nowadays, the websites are perfect for all browsers (IE, Firefox, and Chrome) and for all sizes of screens (Desktop, Tablets, Phablets, and Phones).

Frontend Frameworks

• React.js : A popular JavaScript library for building dynamic, component-based user interfaces.
• Angular : A full-fledged framework for building single-page applications (SPAs), with features like two-way data binding and dependency injection.
• Vue.js : A progressive JavaScript framework that is flexible and can be used for building both simple and complex user interfaces.

Back-end development

The server-side software that focuses on what users can't see on the website. This includes databases, application programming interfaces (APIs), and architecture. 

The Backbone of the Web. Backend is the server side of a website. It is part of the website that users cannot see and interact with. It is the portion of software that does not come in direct contact with the users. It is used to store and arrange data.

Server-side Programming Languages-

• PHP: PHP is a server-side scripting language designed specifically for web development.
• Java: Java is one of the most popular and widely used programming languages. It is highly scalable.
• Python: Python is a programming language that lets you work quickly and integrate systems more efficiently.
• Node.js: Node.js is an open source and cross-platform runtime environment for executing JavaScript code outside a browser.
• Ruby: Ruby is a dynamic, reflective, object-oriented, general-purpose programming language.
• C# : C# is a high-level, general-purpose programming language developed by Microsoft.

Databases

1. MySQL
2. PostgreSQL
3. MongoDB
4. MariaDB
5. SQLite

Full-stack development

The practice of designing, building, and maintaining the entire software stack of a web application. This includes both the front-end and back-end components. 

Full-stack development refers to the practice of developing both the frontend and backend of a website or web application. Full-stack developers have a deep understanding of both areas and can build end-to-end solutions.

Full Stack Technologies:

• MERN Stack : MongoDB, Express.js, React, Node.js
• MEAN Stack : MongoDB, Express.js, Angular, Node.js
• JAMstack : JavaScript, APIs, Markup
• Django Stack : Django, MySQL/PostgreSQL, HTML/CSS/JavaScript
• Spring Boot Stack : Spring Boot, MySQL/PostgreSQL, Java
• LAMP Stack : Linux, Apache, MySQL, PHP
• LEMP Stack : Linux, Engine-X, MySQL, PHP

Web development life cycle 

1. Gathering information
2. Planning
3. Design and layout
4. Content creation
5. Development
6. Testing, review, and launch
7. Maintenance and updation

Databases-

1. Relational Database : 

RDBMS stands for Relational Database Management Systems. It is most popular database. In it, data is store in the form of row that is in the form of tuple. It contain numbers of table and data can be easily accessed because data is store in the table. This Model was proposed by E.F. Codd. 

A relational database is a way of storing and organizing data that emphasizes precision and interconnection. Imagine it as a well-organized filing cabinet, where each drawer (table) holds neatly filed records (rows) categorized by specific information (columns).

These tables are the building blocks of a relational database. Each one represents a different type of data, like customer information or product details, and every row in a table is a distinct record with its own unique identifier.

What truly sets relational databases apart is their reliance on Structured Query Language (SQL), a powerful tool for interacting with the stored data. Imagine SQL as the librarian who knows exactly where every piece of information resides.

With SQL, users can execute complex queries, update data, and even manage access to the database. This combination of structured storage and robust querying makes relational databases a reliable choice for scenarios where data integrity and accuracy are paramount, such as financial transactions or inventory management.

2. NoSQL : 

NoSQL Database stands for a non-SQL database. NoSQL database doesn’t use table to store the data like relational database. It is used for storing and fetching the data in database and generally used to store the large amount of data. It supports query language and provides better performance.

NoSQL especially in scenarios where data is vast, varied, and rapidly changing. Imagine a toolset where each tool is specialized for a particular task — NoSQL offers this level of specialization in data management.

It handles various data formats, from documents and key-value pairs to complex graphs, making it ideal for applications dealing with unstructured or semi-structured data, like content management systems or big data analytics. At its core, NoSQL prioritizes speed and flexibility, sometimes at the expense of the strict consistency that relational databases uphold.

It’s particularly effective in environments where quick access to data is crucial, and the data structure may evolve over time. This makes NoSQL an appealing choice for emerging tech landscapes, where agility and the ability to process massive amounts of data quickly are key drivers of success.

Cyber Attack

 

A cyber attack is the process of attempting to steal data or gaining unauthorized access to computers and networks using one or more computers. A cyber attack is often the first step an attacker takes in gaining unauthorized access to individual or business computers or networks before carrying out a data breach.

Cyber criminals use a range of methods and techniques to gain unauthorized access to computers, data, and networks and steal sensitive information.

A cyber attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems

The goal of a cyber attack is either to disable the target computer and take it offline or gain access to the computer’s data and infiltrate connected networks and systems. Cyber attacks also differ broadly in their sophistication, with cyber criminals launching both random and targeted attacks on businesses. Attackers deploy a wide range of methods to begin a cyber attack, such as denial of service, malware, phishing, and ransomware.

An example is CMA CGM, one of the largest container shipping companies in the world. The firm suffered a cyber attack that originally targeted its servers, which then led to a data breach. The September 2020 attack occurred as malware was used to target the firm’s peripheral servers, which led to CMA CGM taking down access to its online services.

Malware: A company does not take the appropriate cyber attack prevention steps and allows its employees to visit any website they like. An employee goes to a fake site that automatically downloads malware onto their computer. The malware sets up a backdoor for a future ransomware attack.

Phishing: A phishing email, one of the most common cyber attack types, gets sent to an employee telling them they need to update their bank account password. They are led to a fake site, and a hacker collects all the information they put in.

These cyber attack examples are fairly simple not the sophisticated types some criminal syndicates unleash but they are still some of the most common methods malicious actors use to exploit companies and their employees.

Types of cyber attacks

1. Malware

Malware is malicious software designed to cause damage to computers, networks, and servers. There are different forms of malware, including Trojans, viruses, and worms, and they all reproduce and spread through a computer or network. This allows the hacker to gain deeper access into the target network to steal data, cause damage to devices, render networks inoperable, or take control of systems.

• Trojans :- A Trojan or a Trojan horse is a program that hides in a useful program and usually has a malicious function. A major difference between viruses and Trojans is that Trojans do not self-replicate. In addition to launching attacks on a system, a Trojan can establish a back door that can be exploited by attackers. For example, a Trojan can be programmed to open a high-numbered port so the hacker can use it to listen and then perform an attack. 
•  Logic bombs :- A logic bomb is a type of malicious software that is appended to an application and is triggered by a specific occurrence, such as a logical condition or a specific date and time. 
• Worms :- Worms differ from viruses in that they do not attach to a host file, but are self contained programs that propagate across networks and computers. Worms are commonly spread through email attachments; opening the attachment activates the worm program. A typical worm exploit involves the worm sending a copy of itself to every contact in an  infected computer’s email address In addition to conducting malicious activities, a worm spreading across the internet and overloading email servers can result in denial-of-service attacks against nodes on the network. 
• Droppers :- A dropper is a program used to install viruses on computers. In many instances, the dropper is not infected with malicious code and, therefore might not be detected by virus-scanning software. A dropper can also connect to the internet and download updates to virus software that is resident on a compromised system. 
• Ransomware :- Ransomware is a type of malware that blocks access to the victim’s data and threatens to publish or delete it unless a ransom is paid. While some simple computer ransomware can lock the system in a way that is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called crypto viral extortion, which encrypts the victim’s files in a way that makes them nearly impossible to recover without the decryption key.
• Adware :- Adware is a software application used by companies for marketing purposes; advertising banners are displayed while any program is running. Adware can be automatically downloaded to your system while browsing any website and can be viewed through pop-up windows or through a bar that appears on the computer screen automatically. 
• Spyware :- Spyware is a type of program that is installed to collect information about users, their computers or their browsing habits. It tracks everything you do without your knowledge and sends the data to a remote user. It also can download and install other malicious programs from the internet. Spyware works like adware but is usually a separate program that is installed unknowingly when you install another freeware application. 

2. Phishing

A phishing attack tricks a target into downloading malware or entering sensitive information into spoofed websites. These cyber attack methods are typically launched via email, with the attacker creating messages that look legitimate and may appear to be from a trusted sender. However, they will contain malware within an attachment or a malicious hyperlink that takes the recipient to a fake website that asks them to enter their login credentials or banking details.

Some phishing attacks take a blanket approach to try and catch as many victims as possible, but others are highly targeted and carefully researched to steal data from valuable individuals. Phishing is not restricted to email, however, as attacks are increasingly targeting mobile devices.

3. Ransomware

Ransomware attacks are a financially fueled form of malware attack. Attackers send messages containing a malicious attachment that, when downloaded, encrypts specific data and files or entire computers. The attacker will then demand a ransom fee from the victim and will only release or restore access to the data upon payment.

Ransomware attacks accounted for $8 billion of damage in 2018, of which only $1 billion came from ransom payments, and the rest was from reputational damage and lost revenue caused by downtime.

4. Denial of Service (DoS)

A denial-of-service (DoS) attack is designed to prevent online services from working efficiently, also known as a brute-force attack. It is typically caused by an attacker flooding a website with huge amounts of traffic or requests, in an attempt to overwhelm its systems and take them offline. A more advanced DoS form is a distributed denial-of-service (DDoS) attack, through which an attacker takes control of several computers to overload its target.

5. Man-in-the-Middle (MITM)

MITM attacks enable a malicious actor to position themselves between the target victim and an online service the user accesses. An example of this is an attacker creating a spoofed, free-to-access Wi-Fi network. When the user connects to or signs in to the network, the attacker can steal the login credentials and data they use while on it.

6. Cryptojacking

A cryptojacking attack occurs when a bad actor takes control of a computer, mobile device, or server to mine for online currency or cryptocurrency. The attack either begins with malware being installed on a computer or by running code in JavaScript to infiltrate the user’s browser.

Cryptojacking is financially motivated, and the method is designed to remain hidden from the target while using their computing resources to mine cryptocurrency. Often, the only sign of cryptojacking is a loss or reduction in computer performance or overactive cooling fans.

7. SQL injection

Attackers use Structured Query Language (SQL) injection to exploit vulnerabilities and seize control of a database. Many websites and web applications store data in SQL and use it to share user data with databases. If an attacker spots a vulnerability in a webpage, they can perform an SQL injection to discover user credentials and mount a cyber attack.

In some cases, they may be able to alter and add data within a database, delete records, transfer money, and even attack internal networks.

8. Zero-day exploits

Zero-day attacks target vulnerabilities in software code that businesses have not yet discovered, and as a result, have not been able to fix or patch. Once an attacker spots a code vulnerability, they create an exploit that enables them to infiltrate the business before it realizes there is a problem. They are then free to collect data, steal user credentials, and enhance their access rights within an organization.

Attackers can often remain active within business systems without being noticed for months and even years. Zero-day vulnerability exploit techniques are commonly available on the dark web, often for purchase by government agencies to use for hacking purposes.

9. DNS tunneling

DNS tunneling is a cyber attack method that targets the Domain Name System (DNS), a protocol that translates web addresses into Internet Protocol (IP) addresses. DNS is widely trusted, and because it is not intended for transferring data, it is often not monitored for malicious activity. This makes it an effective target to launch cyber attacks against corporate networks.

One such method is DNS tunneling, which exploits the DNS to tunnel malicious data and malware. It begins with an attacker registering a domain with the name server pointing to the attacker’s server, which has a tunneling malware program installed on it. The attacker infiltrates a computer and is free to send DNS requests through their server, which establishes a tunnel they can use to steal data and other malicious activity.

Cyber Security

 Cyber Security is the protection of internet-connected systems, including hardware, software and data, from cyber attacks.

In a computing context, security comprises Cyber Security and physical security  both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. 

Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of Cyber Security.

Elements of Cyber Security

•  Application security: Application security is the use of software, hardware, and procedural methods to protect applications from external threats.
•  Information security: Information security is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Information security responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.
•  Network security: Network security is any activity designed to protect the usability and integrity of your network and data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading on your network.
• Disaster recovery/business continuity planning: A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue operating during an unplanned event.
• Operational security: OPSEC (operational security) is an analytical process that classifies information assets and determines the controls required to protect these assets.
• End-user education: Not educating your end-users in cybersecurity initiatives is like trying to keep a flood at bay using a screen door. Your end-users are the first line of defense against cybersecurity attacks (like phishing scams).

Types of Cyber Security threats:

The process of keeping up with new technologies, security trends and threat intelligence is a challenging task. However, it's necessary in order to protect information and other assets from cyberthreats, which take many forms.

➢ Ransomware is a type of malware that involves an attacker locking the victim's computer system files typically through encryption  and demanding a payment to decrypt and unlock them.

➢ Malware is any file or program used to harm a computer user, such as worms, computer viruses, Trojan horses and spyware.

➢ Social engineering is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.

➢ Phishing is a form of fraud where fraudulent emails are sent that resemble emails from reputable sources; however, the intention of these emails is to steal sensitive data, such as credit card or login information.

What Cyber Security can prevent?

The use of Cyber Security can help prevent cyber attacks, data breaches and identity theft and can aid in risk management. When an organization has a strong sense of network security and an effective incident response plan, it is better able to prevent and mitigate these attacks. For example, end user protection defends information and guards against loss or theft while also scanning computers for malicious code.

Challenges in Cybersecurity and trends:

1. Ransomware Evolution
Ransomware is the bane of cybersecurity, IT, data professionals, and executives.
Perhaps nothing is worse than a spreading virus that latches onto customer and business 
information that can only be removed if you meet the cybercriminal’s egregious demands. And 
usually, those demands land in the hundreds of thousands (if not millions) of dollars.
Ransomware attacks are one of the areas of cybercrime growing the fastest, too. The number of 
attacks has risen 36 percent this year.

2. AI Expansion
Robots might be able to help defend against incoming cyber-attacks.
Between 2016 and 2025, businesses will spend almost $2.5 billion on artificial intelligence to 
prevent cyberattacks.

3. IoT Threats
The vast majority of humans in first-world countries have an iPhone in their pockets, a computer at 
work, a television at home, and a tablet in their cars.
The Internet of Things is making sure that every single device you own is connected. Your 
refrigerator can tell you when the milk runs out. Alexa can order you a pizza.
Of course, all of that connection carries with it massive benefits, which is what makes it so appealing 
in the first place. You no longer have to log in on multiple devices. You can easily control your TV 
with your phone. And you might even be able to control your at-home thermostat from other digital 
devices.
The problem is that all of that interconnectedness makes consumers highly susceptible to 
cyberattacks. In fact, one study revealed that 70 percent of IoT devices have serious security 
vulnerabilities.
Specifically, insecure web interfaces and data transfers, insufficient authentication methods, and a 
lack of consumer security knowledge leave users open to attacks.
And that truth is compounded by the fact that so many consumer devices are now interconnected. 
In other words, if you access one device, you’ve accessed them all. Evidently, with more convenience 
comes more risk.
That’s a risk that security professionals need to be prepared to face by integrating password 
requirements, user verification, time-out sessions, two-factor authentication, and other 
sophisticated security protocols.

4. Blockchain Revolution
2017 ended with a spectacular rise in the valuation and popularity of crypto currencies like Bitcoin 
and Ethereum. These crypto currencies are built upon blockchains, the technical innovation at the 
core of the revolution, a decentralized and secure record of transactions. 
What does blockchain technology have to do with cybersecurity?
It's a question that security professionals have only just started asking. As 2018 progresses, you'll 
likely see more people with answers.
While it's difficult to predict what other developments blockchain systems will offer in regards to 
cybersecurity, professionals can make some educated guesses. Companies are targeting a range of 
use cases which the blockchain helps enable from medical records management, to decentralized 
access control, to identity management. As the application and utility of blockchain in a 
cybersecurity context emerges, there will be a healthy tension but also complementary integrations 
with traditional, proven, cybersecurity approaches. You will undoubtedly see variations in 
approaches between public & private blockchains.
One thing's for sure, though. With blockchain technology, cybersecurity will likely look much 
different than it has in the past.

5. Serverless Apps Vulnerability
Serverless apps can invite cyber-attacks.
Customer information is particularly at risk when users access your application off-server  or 
locally  on their device.