Podcast
Questions and Answers
Federated identity management allows users to use different identification credentials to access different enterprise networks.
Federated identity management allows users to use different identification credentials to access different enterprise networks.
False
TDoS attacks use emails to overload a target network.
TDoS attacks use emails to overload a target network.
False
The next generation 911 call centers are vulnerable because they use traditional landlines.
The next generation 911 call centers are vulnerable because they use traditional landlines.
False
In the early days of cybersecurity, countries were well-equipped to defend against cyberattacks.
In the early days of cybersecurity, countries were well-equipped to defend against cyberattacks.
Signup and view all the answers
Cybersecurity threats are no longer a major concern for national and economic security.
Cybersecurity threats are no longer a major concern for national and economic security.
Signup and view all the answers
Sophisticated attacks often choose targets with stronger defenses.
Sophisticated attacks often choose targets with stronger defenses.
Signup and view all the answers
Federated identity management allows users to access multiple enterprise networks with different identification credentials.
Federated identity management allows users to access multiple enterprise networks with different identification credentials.
Signup and view all the answers
Telephone denial of service attacks use emails to overload a target network.
Telephone denial of service attacks use emails to overload a target network.
Signup and view all the answers
The next generation 911 call centers are less vulnerable to cyberattacks because they use Voice-over-IP systems.
The next generation 911 call centers are less vulnerable to cyberattacks because they use Voice-over-IP systems.
Signup and view all the answers
Cybersecurity threats have become less of a concern for national and economic security in recent years.
Cybersecurity threats have become less of a concern for national and economic security in recent years.
Signup and view all the answers
Study Notes
Cybersecurity and Data Power
- Great businesses have been created by collecting and harnessing the power of data and data analytics.
- These businesses have the responsibility to protect this data from misuse and unauthorized access.
- The growth of data has created great opportunities for cybersecurity specialists.
Cybersecurity Domains
- Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
- New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
- These technologies depend on collecting and analyzing tremendous amounts of data.
Cybersecurity Criminals
- Hackers can be categorized into three types:
- White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
- Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
- Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.
Cybersecurity Criminals (Cont.)
- Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
- Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
- Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
- Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
- State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.
Thwarting Cyber Criminals
- Coordinated actions to limit or fend off cyber criminals include:
- Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
- Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
- Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
- ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.
Common Threats
- Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
- Threats can come from:
- Personal Information
- Medical Records
- Education Records
- Employment and Financial Records
- Network services like DNS, HTTP, and Online Databases
- Packet sniffing and forgery
- Rogue devices, such as unsecured Wi-Fi access points
Spreading Cybersecurity Threats
- Threats can originate from within an organization or from outside.
- Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
- External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.
Spreading Cybersecurity Threats (Cont.)
- Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
- Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
- Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.
Spreading Cybersecurity Threats (Cont.)
- Threat Complexity:
- Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
- Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
- Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.
Threat Complexity (Cont.)
- Broader Scope and Cascade Effect:
- Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
- Safety Implications:
- Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
- Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.
Cybersecurity and Data Power
- Great businesses have been created by collecting and harnessing the power of data and data analytics.
- These businesses have the responsibility to protect this data from misuse and unauthorized access.
- The growth of data has created great opportunities for cybersecurity specialists.
Cybersecurity Domains
- Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
- New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
- These technologies depend on collecting and analyzing tremendous amounts of data.
Cybersecurity Criminals
- Hackers can be categorized into three types:
- White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
- Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
- Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.
Cybersecurity Criminals (Cont.)
- Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
- Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
- Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
- Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
- State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.
Thwarting Cyber Criminals
- Coordinated actions to limit or fend off cyber criminals include:
- Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
- Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
- Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
- ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.
Common Threats
- Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
- Threats can come from:
- Personal Information
- Medical Records
- Education Records
- Employment and Financial Records
- Network services like DNS, HTTP, and Online Databases
- Packet sniffing and forgery
- Rogue devices, such as unsecured Wi-Fi access points
Spreading Cybersecurity Threats
- Threats can originate from within an organization or from outside.
- Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
- External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.
Spreading Cybersecurity Threats (Cont.)
- Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
- Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
- Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.
Spreading Cybersecurity Threats (Cont.)
- Threat Complexity:
- Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
- Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
- Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.
Threat Complexity (Cont.)
- Broader Scope and Cascade Effect:
- Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
- Safety Implications:
- Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
- Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Learn about the importance of data collection and analytics in business, and the responsibility to protect it from misuse. Discover the growing role of cybersecurity specialists.