Cybersecurity Fundamentals and Motivations

Questions and Answers

What is the purpose of establishing policies for cybersecurity?

• To manage financial resources
• To outline roles and responsibilities (correct)
• To maintain software licenses
• To enforce hardware purchases

Which activity helps to manage access to assets and information?

• Installing software patches
• Implementing identity management controls (correct)
• Conducting regular backups
• Performing inventory checks

What is the primary goal of conducting regular backups?

• To monitor user access
• To protect sensitive data
• To facilitate quicker recovery from incidents (correct)
• To ensure compliance with legal regulations

What is meant by maintaining and monitoring logs?

Recognizing anomalies in operations (D)

Which protective measure involves the patching of operating systems?

Protective technology (C)

What is a key feature of implementing continuous monitoring activities?

Maintaining awareness of network anomalies (B)

What kind of plans are created to address detected cybersecurity events?

Response and recovery plans (C)

What is a critical component of identifying risk management processes?

Identifying external partner contracts (D)

What is the first step in practicing cybersecurity risk management?

Identify your business’ assets (C)

Which of the following can be considered an environmental threat to businesses?

Floods (D)

Which option is NOT a step in identifying the value of business assets?

Determine the financial investment in the asset (B)

What should be prioritized after determining business assets and their values?

Mitigate activities according to priorities (B)

What should be evaluated to determine the potential damage to a business asset?

The impact of loss or damage to the asset (C)

Which of the following is a likely effect of downtime on a business?

Loss of customers (C)

What is the primary objective of a ransomware attack?

To demand a ransom in exchange for restoring data (B)

What type of scams can recovery efforts attract during natural disasters?

Financial fraud (B)

Which scale could be used to document asset values on a worksheet?

low, medium, high (C)

What is the focus of NIST Special Publication 800-30?

Guide for conducting risk assessments (D)

Which of the following types of attacks is a form of social engineering?

Phishing (D)

What should be considered when identifying the likelihood of loss or damage to an asset?

The potential threats to each asset (D)

Which factor is NOT directly related to evaluating the impact of asset loss?

Market share during recovery (C)

What is a common characteristic of 'spear phishing' compared to regular phishing?

It is specifically targeted at individuals or organizations (B)

How should assets with high impact and likelihood scores be prioritized?

Implement immediate resolution (B)

Which step is performed after identifying the impact and likelihood scores of assets?

Identify priorities and potential solutions (B)

How can businesses be financially impacted by cyber attacks?

Attacks can lead to costly recoveries and legal repercussions (D)

What type of threat does 'vishing' represent?

Phishing through phone calls (A)

What is a recommended action if a business process has manual backup methods?

Evaluate their effectiveness (C)

What risk does hacking pose to businesses?

It can lead to unauthorized access and stolen data (C)

What does the NIST Cybersecurity Framework provide for organizations?

A continuous process for cybersecurity risk management (D)

In the context of cybersecurity, what do customers and employees expect from a business?

To keep their information secure and private (A)

What type of scale can be used to determine the impact to business of asset loss?

A low, medium, high scale (A)

What is the primary problem associated with paying a ransom in a ransomware attack?

There is no guarantee that the ransom will work (B)

What is the primary goal of cybersecurity?

To protect electronic devices and associated data (C)

Which of the following is a component of confidentiality in cybersecurity?

Secure storage of company trade secrets (C)

Which example illustrates a breach of integrity?

Altering payroll information without authorization (A)

What is meant by the term 'availability' in cybersecurity?

Guaranteeing that information can be accessed as needed (B)

Which of the following is NOT a part of the threat landscape in cybersecurity?

Marketing strategy development (C)

What does 'BYOD' stand for in the context of cybersecurity?

Bring Your Own Device (A)

Why is risk management important in cybersecurity?

It helps identify and mitigate potential threats (D)

Which of the following best defines information security?

Protection of data from unauthorized access and breaches (A)

Which of the following is an example of a method to ensure availability?

Implementing robust backup systems (C)

What impact does a successful cybersecurity attack have on an organization?

It can disrupt access to information and services (B)

Flashcards

Cybersecurity

Protecting electronic devices, associated data and information from unauthorized access, use, disclosure, disruption, modification, or destruction.

Cybersecurity Threat Landscape

The potential sources of harm or threats that could target your computer systems and data.

Confidentiality

The ability to keep sensitive information private and prevent unauthorized access.

Integrity

Ensuring the accuracy and integrity of information, making sure it hasn't been altered or tampered with.

Availability

Making sure that data and systems are always available when needed.

Risk Management

Identifying and assessing potential risks to cybersecurity, and deciding how to manage them.

Cybersecurity Framework

A framework outlining steps to improve cybersecurity, often used by organizations.

Small Business Cybersecurity

Protecting computer systems and data for small businesses, which often have limited resources.

Asset Value

Assigning a value to an asset based on its importance to your business.

Business Impact

The impact of a lost or damaged asset on your business.

Likelihood of Loss

The likelihood that an asset will be lost or damaged.

Risk Matrix

A tool for prioritizing assets based on the impact and likelihood of loss.

NIST Cybersecurity Framework

A framework for cybersecurity risk management that provides a continuous process for managing risks.

Identify (NIST Framework)

The first function of the NIST Cybersecurity Framework, focusing on understanding cybersecurity risks.

Develop (NIST Framework)

The second function of the NIST Cybersecurity Framework, focused on developing and implementing strategies to manage risks.

Manage (NIST Framework)

The third function of the NIST Cybersecurity Framework, focused on managing cybersecurity risks on an ongoing basis.

Environmental Threats

Situations that could threaten your business, such as fire, earthquake, or flood, and can damage computers or disrupt business operations.

Sense of Urgency in Scams

Threatening messages aiming to create a sense of urgency and fear of loss or penalty if you don't act immediately.

Cybersecurity Risk Assessment

The process of analyzing potential dangers (threats) to your assets, identifying vulnerabilities, and assessing the likelihood and impact of exploitation.

Identify Business Assets

The first step in cybersecurity risk management, identifying all critical information, people, processes, and technology your business relies on.

Assess Asset Value

Evaluating the value of each asset by considering the potential consequences of its loss, damage, or inaccessibility.

Threat Likelihood and Impact

The process of considering the likelihood of a threat successfully exploiting a vulnerability and the consequences of such an attack.

Prioritize Mitigation Activities

Establishing priorities for security efforts based on the likelihood and impact of potential threats.

Phishing Attacks

A type of social engineering attack where attackers use deception to gain access to systems or steal data. It can involve emails, phone calls, or text messages.

Ransomware

Malicious software that encrypts your data and demands a ransom to unlock it. Often targets businesses and individuals.

Hacking

Unauthorized access to computer systems and information. This can result in data theft, system failures, or denial of access to authorized users.

Imposter Scams

A scam where someone impersonates an official entity, like the IRS or a bank, to trick you into revealing personal information or giving them money.

Cybersecurity Threats

Cybersecurity threats are actions that aim to compromise the confidentiality, integrity, or availability of data and systems. They can range from phishing attacks to environmental events.

Small Businesses as Easy Targets

Small businesses are often targeted by attackers because they are perceived as having weaker security measures.

Business Costs of Cybersecurity Attacks

Cyberattacks can be costly to recover from and can even threaten the future of your business.

Reputation Damage from Cybersecurity Attacks

Customers and employees expect businesses to protect their information and maintain trust.

Identify

The initial step of a cybersecurity framework, where organizations assess their current security posture and identify key areas for improvement.

Identify critical business processes

Processes that map out the flow of information within a business, identifying vulnerabilities and opportunities for improvement.

Establish policies for cybersecurity

Establishing clear guidelines and roles for cybersecurity, ensuring everyone understands their responsibilities.

Maintain hardware and software inventory

The process of ensuring that all hardware and software components within an organization are properly documented and managed.

Risk Assessment

The practice of proactively identifying and analyzing potential threats to an organization's security posture.

Protect

Implementing the necessary safeguards to protect critical data and systems from unauthorized access or attacks.

Detect

The monitoring of systems and networks for signs of malicious activity or data breaches.

Respond

The process of responding to confirmed cybersecurity incidents, minimizing damage and ensuring a timely recovery.

Study Notes

Cybersecurity Fundamentals

• Cybersecurity involves protecting electronic devices and associated data and information.
• Key objectives include confidentiality, integrity, and availability.
• Confidentiality protects data from unauthorized access and disclosure.
• Integrity ensures data accuracy and prevents unauthorized modification.
• Availability ensures data and systems are accessible when needed. A common example of a breach of availability is when customers cannot access online services.

Motivations Behind Cyberattacks

• A global study of large organizations targeted by cyberattacks revealed various motivations:
  • 41% of breaches were due to ransomware.
  • 27% were due to insider threats.
  • 26% were for political competition.
  • 26% were for cyberwarfare.
  • 24% occurred due to angry users.
  • 20% were motivated by business competition.
  • 11% had unknown motives.
• A global study of almost 2,000 data breaches revealed that outsiders are the most frequent perpetrators, followed by organized criminal groups.

Cybersecurity Threats

• Phishing attacks are social engineering tactics to gain access to systems or steal data.
• Ransomware attacks harm data and require ransom payments for restoration.
• Hacking involves unauthorized access to systems, information, denial of services or theft of resources.
• Imposter scams involve individuals posing as legitimate entities.
• Environmental events like fires, earthquakes, or floods can disrupt business access.

Cybersecurity Framework

• The NIST Cybersecurity Framework provides a continuous process for cybersecurity risk management, for organizations of any size and sector.
• The framework has proven useful across various industries.
• The framework's core functions include:
  • Identify: Recognize and analyze your organizational cybersecurity risks.
  • Protect: Implement appropriate safeguards to protect your systems.
  • Detect: Develop proper measures that detect intrusions.
  • Respond: Define activities that respond to an incident.
  • Recover: Maintain planning, resilience, and restoration of impaired services.

Elements of Risk

• Risk assessment involves identifying threats, vulnerabilities, likelihood, and impact on the business
• Identify valuable business assets and evaluate their worth.

NIST Identified Activities

• Identify: Assess business environment (e.g., processes, data flows)
• Protect: Implement safeguards to protect the asset
• Detect: Methods to identify occurrences.
• Respond: Act on detected intrusions
• Recover: Maintain plans to restore systems and capability.

Description

This quiz covers key principles of cybersecurity, including the protection of electronic devices and data, focusing on confidentiality, integrity, and availability. It also explores the various motivations behind cyberattacks, such as ransomware and insider threats, based on global studies of data breaches.