Cybersecurity Overview and Key Concepts

Questions and Answers

What is the primary organization associated with the document?

• PRAGMATIC INCIGHTS OPC
• Department of Information Technology
• National Cyber Security Center
• Philippine Computer Emergency Response Team Coordinating Center (correct)

The document is for resale and has unlimited distribution rights.

False (B)

Identify the year associated with the PCS-ISEC Program mentioned in the document.

2022

The document is licensed for use to the __________.

Philippine Computer Emergency Response Team Coordinating Center

Match the following titles with their respective roles or descriptions:

ABET DELA CRUZ = Author of the document Philippine Computer Emergency Response Team = Organization coordinating cybersecurity response PRAGMATIC INCIGHTS OPC = Licensing entity PCS-ISEC Program = Cybersecurity education initiative

What is the primary goal of ensuring disclosure management?

To ensure that information is only known to authorized entities (C)

Preventing alteration of information means allowing unauthorized entities to modify data.

False (B)

What does 'deny' refer to in the context of information security?

Inaccessibility

The threat to __________ refers to any form of data leakage that can compromise an organization's well-being.

confidentiality

Which of the following is NOT a goal mentioned in the document?

Encourage Modification (D)

Compromise of database and file servers is a threat to confidentiality.

True (A)

What acronym refers to the organization mentioned in the document responsible for response coordination?

PHCERT/CC

Match the terms with their corresponding security goals:

Disclosure = Preventing unauthorized access Alteration = Preventing unauthorized modifications Denial = Ensuring information availability CIA = Managing information security threats

Which of the following is NOT a form of social engineering?

Ransomware (B)

Whale-ing is a type of phishing attack directed at high-profile individuals.

True (A)

What was the number of Philippine companies that encountered ransomware attacks in 2020?

7000

____ is a malicious software that can disrupt, damage, or gain unauthorized access to computer systems.

Malware

Match the following types of attacks with their descriptions:

DDoS = Overloading a system with traffic to render it unavailable Ransomware = Malware that encrypts files and demands payment for recovery Phishing = Deceptive communication to obtain sensitive information Intrusion = Unauthorized access to a system or network

Which of the following is an example of vishing?

A phone call pretending to be from a bank asking for account details (D)

Data Leakage and Worm Infection are the same type of threat.

False (B)

Name one operating system that is commonly targeted by DDoS attacks.

Windows

____ is the act of gaining unauthorized access to a system or network.

Intrusion

What is the primary goal of ransomware?

To encrypt files and demand a ransom (B)

According to the document, which UK cyber security company released the State of Ransomware 2021 report?

Sophos

The document states that Philippine organizations spent $820,000 on recovering from ransomware attacks, which is equal to 40 million Philippine pesos.

True (A)

Identify the document's sentiment towards the cybersecurity landscape regarding ransomware.

Pessimistic, highlighting the growing prevalence and severity of ransomware attacks. (A)

The document suggests that organizations should adopt a proactive approach to security by asking, "If you knew you were going to be compromised, ______ you do security differently?"

would

Match the acronym with its corresponding concept as discussed in the document.

C.I.A. TRIAD = Confidentiality, Integrity, Availability D.A.D = Detection, Action, Deterrence

According to the document, organizations are becoming less susceptible to ransomware attacks.

False (B)

What is the document's main purpose? (Hint: consider the document's title and content.)

To provide an overview of the current state of ransomware attacks and highlight important security considerations.

Based on the document's information, which of the following is likely NOT an effective strategy for reducing the impact of ransomware attacks?

Paying the ransom demands to quickly regain access to data. (A)

What is a potential consequence of data theft affecting organizational reputation?

Legal action and penalties (B)

Email spoofing is a method used to enhance security measures in an organization.

False (B)

What does PII stand for in the context of data security?

Personally Identifiable Information

A successful attack on a company's systems can lead to leakage of __________ information.

personal

Match the following threats to their potential consequences:

Website Defacement = Damage to corporate reputation Phishing = Unauthorized access to sensitive information Identity Theft = Financial losses for individuals Data Exfiltration = Theft of personal and confidential information

What is a possible impact of reduced trust and confidence from clients?

Loss of business (A)

Exfiltration of data by malware is a common method of data theft.

True (A)

What should organizations value the most according to the risks associated with network sniffing?

Reputation

What is the focus of data privacy?

Proper handling and usage of personal information (B)

Data privacy is concerned only with data that is collected online.

False (B)

What main aspects does data privacy cover?

Proper handling, processing, storage, and usage of personal information.

Data privacy is primarily concerned with the proper handling, processing, storage, and usage of __________.

personal information

Match the following terms with their definitions:

Data Privacy = Concerned with the proper handling of personal information Cybersecurity = Protection of computer systems from theft or damage Data Breach = Unauthorized access to confidential data Risk Management = Identifying and mitigating potential security vulnerabilities

Which of the following is NOT a component of data privacy?

Data analysis (D)

Organizations are required to implement safeguards for data privacy only at the point of data collection.

False (B)

Name one method organizations can use to protect personal information.

Encryption.

Flashcards

Essential Security Concepts

Fundamental ideas and principles related to cybersecurity.

Philippine Computer Emergency Response Team

A national team responsible for managing cybersecurity incidents in the Philippines.

Confidentiality

Ensuring that sensitive information is accessed only by authorized individuals.

Integrity

Ensuring data is accurate and unaltered during storage and transmission.

Availability

Ensuring that information and resources are accessible when needed.

Cyberspace

The virtual environment of online communication and information exchange.

On-Premise

Refers to IT infrastructure located on the physical site of a business.

Data Privacy

The protection of personal information from unauthorized access and use.

Personal Information

Any data that can be used to identify an individual, such as names and addresses.

Proper Handling

The appropriate methods of managing data to ensure security and privacy.

Processing of Information

The action of collecting, storing, and managing data systematically.

Storage of Information

The means of keeping data securely for future access and use.

Usage of Information

How data is utilized or applied in different contexts.

TRIAD

A model for information security consisting of Confidentiality, Integrity, and Availability.

Data Leakage

The unauthorized transfer of data from a system.

Alteration

Unintended or unauthorized modifications to information.

Denial of Service

Inaccessibility of information when it is needed.

Threat to Confidentiality

Risks that lead to data leakage and compromise organizational integrity.

Ransomware Recovery Costs

The amount organizations in the Philippines spent, $820,000, to recover from ransomware attacks.

Ransomware Trends

Organizations are more susceptible to attacks, less likely to pay ransoms, and better at restoring from backups.

C.I.A. Triad

Represents the principles of Confidentiality, Integrity, and Availability in information security.

D.A.D.

A security model focusing on Detection, Analysis, and Decision-making.

Security Mindset

Understanding that breaches are likely, leading to proactive security measures.

Backup Restoration

The process of recovering data from backup systems after a ransomware attack.

Hacked Companies

Two types of companies exist: those that have been hacked and those unaware of hacking.

Ransom Payment Trends

Organizations’ changing perspective towards paying ransoms due to better recovery options.

Phishing

A cyber attack that tricks users into providing sensitive information.

Ransomware

Malware that encrypts files and demands payment for access.

DDoS

A distributed denial-of-service attack that overwhelms a system.

Social Engineering

Manipulating people into divulging confidential information.

Worm Infection

A type of malware that replicates itself to spread through networks.

Insider Abuse

Misuse of privileges by individuals within an organization.

Blackmail

Threatening to reveal personal information unless demands are met.

Vishing

Voice phishing using phone calls to trick individuals.

Smishing

Phishing attempts carried out via SMS or text messaging.

Malware

Malicious software designed to harm or exploit devices.

Network Sniffing

Intercepting data packets in a network to capture sensitive information.

Personal Identifiable Information (PII)

Information that can be used to identify an individual, such as name or email.

Trojans

Malicious programs disguised as legitimate software that provide unauthorized access.

Email Spoofing

Sending emails with a forged sender address to deceive recipients.

Identity Theft

An individual’s personal information is stolen and used without permission.

Website Defacement

Malicious alteration of a website's appearance, often as a form of protest.

Data Exfiltration

Unauthorized transfer of data from a secure system to an external destination.

Study Notes

Essential Security Concepts

• Key security concepts include information systems protection, internet attacks, cyber security, and mobile devices.
• The Philippine Computer Emergency Response Team Coordinating Center (PHCERT/CC) is a body responsible for cybersecurity.

Definitions

• The presentation highlights the importance of defining key terms related to security.
• A link to a NIST glossary is provided for further study.

Cybersecurity Concepts

•  Cybersecurity encompasses sensitive and personal information within cyberspace, both online and on-premise.
•  Data privacy is crucial for handling, storing, and using personal information.

Information Security

• Information security safeguards information systems from unauthorized intrusion and misuse.
• Protecting data confidentiality, integrity, and availability is paramount.
• This includes preventing unauthorized access, use, or modification as well as protecting its availability.

Types of Cyber Threats

• Various threats such as phishing, malware, ransomware, social engineering, intrusion, data leakage, DOS attacks, and others are mentioned.
• Different threat actors, including hacktivists, criminals, trusted insiders, nation-state actors, terrorists, and groups involved in warfare, are also discussed.
• Ransomware attacks are a major concern, impacting around 7,000 Philippine companies in 2020 and costing approximately $820,000 (around PHP40 million) for recovery.

CIA Triad

•  The CIA triad (Confidentiality, Integrity, Availability) represents core principles in information security.
•  A related concept, D.A.D. (Disclosure, Alteration, Denial) is also covered to provide a broader view on potential threats to information security.

Traditional IT Disciplines

•  The presentation mentions various traditional IT disciplines (network administrator, system administrator, database administrator, software developer).
• These are all key roles requiring security considerations.

Security Cuts Across All IT

• Security is a fundamental aspect that spans all IT disciplines.
• Security is integral to all technological aspects and roles.