Cybersecurity Fundamentals

Study Notes

Cybersecurity is crucial for organizations as it protects against cyber threats and attacks that can compromise sensitive data and systems.
Real-life examples of cyberattacks include phishing, malware, and social engineering, which can result in financial losses, reputational damage, and legal consequences.

Phishing involves fraudulent emails, texts, or messages that trick victims into revealing confidential information, such as passwords or credit card numbers.
Examples of phishing emails may include those with urgent or threatening language, generic greetings, or suspicious links and attachments.
Tips to identify phishing emails include verifying sender email addresses, being cautious of generic greetings, and avoiding suspicious links and attachments.
Malware includes viruses, ransomware, and spyware, which can infect systems through email attachments, infected software, or infected websites.
Social engineering tactics used by attackers include pretexting, baiting, and quid pro quo to manipulate employees into revealing confidential information.
Password attacks involve methods like brute force attacks, which can be prevented by using strong, unique passwords and enabling multi-factor authentication (MFA).

Advanced Persistent Threats (APTs) are sophisticated attacks that target organizations and can be difficult to detect and mitigate.
Internet of Things (IoT) vulnerabilities include security risks associated with IoT devices, which can be exploited by attackers.
Zero-day exploits involve vulnerabilities in software or systems that are unknown to the vendor, making it difficult to patch or fix them.
Deepfakes and AI-based attacks involve the use of artificial intelligence to create sophisticated cyber threats, such as deepfake videos or audio files.

Email security tips include recognizing phishing attempts, avoiding suspicious links, and verifying email senders.
Password management involves using strong passwords, password managers, and enabling MFA to prevent password attacks.
Software updates are crucial to protect against vulnerabilities and should be installed promptly.
Secure internet use involves safe browsing habits, avoiding public Wi-Fi for sensitive transactions, and using Virtual Private Networks (VPNs).

Management and executives require training on recognizing sophisticated social engineering attempts targeting high-level personnel.
IT staff require in-depth training on network security, intrusion detection, and incident response.
General staff require basic cybersecurity hygiene and awareness tailored to their day-to-day activities.

Recognizing an incident involves identifying signs that an account or system may be compromised, such as suspicious login activity or unexpected password changes.
Reporting procedures involve promptly reporting suspected incidents to the IT department or designated authority.
First response actions involve immediate steps to take if an incident is suspected, such as disconnecting from the network and contacting the IT department.

Phishing simulations involve conducting regular phishing tests to keep employees on their toes and aware of phishing threats.
Security drills involve simulating cyber incidents to practice the response plan and identify weaknesses.
Updates and refreshers involve regularly updating training materials to cover new threats and refresh employees' knowledge.

Documentation involves providing easy-to-access guides and FAQs on cybersecurity best practices.
Support channels involve clear information on whom to contact for cybersecurity concerns or questions.
Continuous learning involves encouraging participation in webinars, workshops, and courses on cybersecurity to stay up-to-date with emerging threats and best practices.