Cybersecurity and Data Power
10 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Federated identity management allows users to use different identification credentials to access different enterprise networks.

False

TDoS attacks use emails to overload a target network.

False

The next generation 911 call centers are vulnerable because they use traditional landlines.

False

In the early days of cybersecurity, countries were well-equipped to defend against cyberattacks.

<p>False</p> Signup and view all the answers

Cybersecurity threats are no longer a major concern for national and economic security.

<p>False</p> Signup and view all the answers

Sophisticated attacks often choose targets with stronger defenses.

<p>False</p> Signup and view all the answers

Federated identity management allows users to access multiple enterprise networks with different identification credentials.

<p>False</p> Signup and view all the answers

Telephone denial of service attacks use emails to overload a target network.

<p>False</p> Signup and view all the answers

The next generation 911 call centers are less vulnerable to cyberattacks because they use Voice-over-IP systems.

<p>False</p> Signup and view all the answers

Cybersecurity threats have become less of a concern for national and economic security in recent years.

<p>False</p> Signup and view all the answers

Study Notes

Cybersecurity and Data Power

  • Great businesses have been created by collecting and harnessing the power of data and data analytics.
  • These businesses have the responsibility to protect this data from misuse and unauthorized access.
  • The growth of data has created great opportunities for cybersecurity specialists.

Cybersecurity Domains

  • Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
  • New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
  • These technologies depend on collecting and analyzing tremendous amounts of data.

Cybersecurity Criminals

  • Hackers can be categorized into three types:
    • White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
    • Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
    • Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.

Cybersecurity Criminals (Cont.)

  • Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
  • Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
  • Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
  • Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
  • State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.

Thwarting Cyber Criminals

  • Coordinated actions to limit or fend off cyber criminals include:
    • Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
    • Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
    • Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
    • ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.

Common Threats

  • Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
  • Threats can come from:
    • Personal Information
    • Medical Records
    • Education Records
    • Employment and Financial Records
    • Network services like DNS, HTTP, and Online Databases
    • Packet sniffing and forgery
    • Rogue devices, such as unsecured Wi-Fi access points

Spreading Cybersecurity Threats

  • Threats can originate from within an organization or from outside.
  • Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
  • External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.

Spreading Cybersecurity Threats (Cont.)

  • Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
  • Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
  • Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.

Spreading Cybersecurity Threats (Cont.)

  • Threat Complexity:
    • Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
    • Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
    • Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.

Threat Complexity (Cont.)

  • Broader Scope and Cascade Effect:
    • Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
  • Safety Implications:
    • Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
    • Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.

Cybersecurity and Data Power

  • Great businesses have been created by collecting and harnessing the power of data and data analytics.
  • These businesses have the responsibility to protect this data from misuse and unauthorized access.
  • The growth of data has created great opportunities for cybersecurity specialists.

Cybersecurity Domains

  • Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
  • New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
  • These technologies depend on collecting and analyzing tremendous amounts of data.

Cybersecurity Criminals

  • Hackers can be categorized into three types:
    • White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
    • Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
    • Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.

Cybersecurity Criminals (Cont.)

  • Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
  • Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
  • Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
  • Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
  • State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.

Thwarting Cyber Criminals

  • Coordinated actions to limit or fend off cyber criminals include:
    • Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
    • Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
    • Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
    • ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.

Common Threats

  • Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
  • Threats can come from:
    • Personal Information
    • Medical Records
    • Education Records
    • Employment and Financial Records
    • Network services like DNS, HTTP, and Online Databases
    • Packet sniffing and forgery
    • Rogue devices, such as unsecured Wi-Fi access points

Spreading Cybersecurity Threats

  • Threats can originate from within an organization or from outside.
  • Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
  • External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.

Spreading Cybersecurity Threats (Cont.)

  • Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
  • Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
  • Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.

Spreading Cybersecurity Threats (Cont.)

  • Threat Complexity:
    • Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
    • Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
    • Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.

Threat Complexity (Cont.)

  • Broader Scope and Cascade Effect:
    • Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
  • Safety Implications:
    • Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
    • Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team

Description

Learn about the importance of data collection and analytics in business, and the responsibility to protect it from misuse. Discover the growing role of cybersecurity specialists.

Use Quizgecko on...
Browser
Browser