Cybersecurity Strategies and Incident Response

Questions and Answers

What potential consequence does paying a ransom have on the victim company?

• Restoration of all stolen data
• Legal immunity from future attacks
• Improved public reputation
• Encouragement of future attacks (correct)

Why is paying a ransom illegal under U.S. regulations?

• It promotes data theft
• It supports foreign terrorist organizations (correct)
• It guarantees data recovery
• It violates state insurance laws

What is a significant risk associated with ransom payments regarding a company's reputation?

• Immediate recovery of public trust
• Increase in customer base
• No effect on future business dealings
• Long-term negative impact on outlook (correct)

What guidance have some state insurance regulators given regarding ransom payments?

They discourage carriers from making ransomware payments. (B)

What might be a legal consequence of negotiating a ransom payment?

It may cause regulatory fines from financial authorities. (C)

What is a common misconception about the process of ransom negotiation?

It always results in significant data recovery. (A)

What element of cybersecurity might be most negatively affected by ransom payments?

Corporate communications (C)

What key aspect must be considered when dealing with ransomware according to legal frameworks?

Payments could fall under sanctions regimes. (B)

What does 'mitigate to reasonableness' refer to in cybersecurity?

Addressing risks in a manner that is sensible and justifiable. (C)

Which of the following describes the principle of Defence-in-Depth?

Implementing security at multiple layers involving people, processes, and technology. (D)

What is the significance of Defence-in-Breadth in cybersecurity?

It focuses on using two or more independent layers of defense. (B)

What does accepting residual risk entail?

Choosing not to address certain risks after mitigation efforts. (A)

In the context of cybersecurity, what does Defence-in-Diversity refer to?

Implementing various types of protective measures and technologies. (C)

What is a primary focus of cybersecurity incident response?

Responding to cybersecurity incidents in a timely and effective manner. (A)

What roles are encompassed within cybersecurity governance?

Strategic management of cybersecurity policies, procedures, and practices. (B)

Which approach emphasizes using diverse products and services in cybersecurity?

Defence-in-Diversity (B)

What concept describes the nature of cybersecurity as a battle between different players?

Asymmetric warfare (B)

According to cybersecurity experts, what do defenders typically focus on in contrast to attackers?

Lists (B)

What is noted as the weakest link in cybersecurity?

Homosapiens (C)

Who is credited with a famous quote that relates to knowing the enemy for success in battles?

Sun Tzu (D)

Which of the following statements best reflects the mentality of attackers in cybersecurity?

Attackers think in networks and connections. (A)

Which element is considered essential for effective cyber defense strategies?

User awareness and training (D)

What does the phrase 'defenders think in lists' imply regarding their approach to cybersecurity?

They prioritize tasks in a linear fashion. (C)

In the context of cyber warfare, what is a significant tactical advantage for attackers?

Understanding the defender's strategy (D)

What is one primary goal of a Cybersecurity Framework?

To provide a structured approach to managing cybersecurity risks (C)

Which of the following represents a digital supply chain advancement described in 'Supply Chain 4.0'?

Use of artificial intelligence and data analytics (B)

What does the Cyber Trust Mark signify for organizations?

Proficiency in managing cybersecurity risks and threats (D)

What is a primary focus of initiatives aimed at mitigating phishing threats?

Training users to recognize suspicious communications (B)

Which organization is responsible for the Cyber Essentials Mark in Singapore?

Cyber Security Agency of Singapore (D)

Which of the following is most likely a benefit of Cyber Trust certification?

Enhanced reputation and customer trust (C)

In the context of internet security, what does the term 'ransomware' refer to?

Malware that demands payment to unlock data (A)

What is an essential feature of next-generation supply chains as discussed in 'Supply Chain 4.0'?

Integration of IoT devices for real-time monitoring (C)

What are the three levels of threat intelligence mentioned?

Strategic, operational, and tactical (D)

What is one key aspect of Zero Trust in cybersecurity?

Assumes breach and verifies each request (C)

What is the primary focus of incident response in cybersecurity?

Minimizing damage and restoring operations (D)

What role does Operational Technology (OT) cybersecurity play according to the competency framework?

Involves securing industrial systems and processes (A)

What can be inferred from the incident of the missing pico balloon used for weather monitoring?

Human errors can lead to the loss of reconnaissance tools (C)

What does cyber resilience primarily focus on?

Minimizing downtime and recovering from incidents (C)

How does the Cyber Crisis Management Planning framework aim to help organizations?

By reducing cyber risk and increasing organizational resilience (D)

Which organization published the Operational Technology Cybersecurity Competency Framework?

CSA Singapore (C)

Flashcards

Ransomware

Malware that demands payment to unlock data or systems

Paying ransom

Giving money to criminals who hold data or systems hostage

Cybersecurity incident response

Responding to cybersecurity incidents promptly and effectively

Defence-in-Depth

Implementing multiple layers of security to protect systems from multiple threats

Defence-in-Breadth

Using independent security layers to protect from different threats

Defence-in-Diversity

Using various security products and techniques to enhance protection

Zero Trust

Approach that assumes a breach and verifies each request before allowing access

Cybersecurity Governance

Strategic management of cybersecurity policies, procedures, and practices

Asymmetric warfare

Describes cybersecurity as a battle between different players with unequal resources and advantages

Mitigate to reasonableness

Addressing risks in a sensible and justifiable way

Residual risk

Risk that remains after mitigation efforts

Cyber Trust Mark

Signifies an organization's proficiency in managing cybersecurity risks

Operational Technology (OT) Cybersecurity

Securing industrial systems and processes

Cybersecurity framework

A structured approach to managing cybersecurity risks

Supply Chain 4.0

Digital supply chain advancement using AI and data analytics

Study Notes

### Thinking Like a Hacker to Defend

• “If you know the enemy and you know yourself, you need not fear the results of a hundred battles.” - Paraphrased from Sun Tzu’s famous quote
• Cybersecurity is asymmetric warfare.
• “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” - John LaTour and others
• The weakest link in the chain of cybersecurity is humans.

### Cybersecurity Governance, Risk, and Compliance

• Mitigate to reasonableness and accept residual risk.
• There are three key defenses for cybersecurity: Defence-in-Depth, Defence-in-Breadth & Defence-in-Diversity
• Defence-in-Depth is a solution across people, process, and technology
• Defence-in-Breadth means including two layers of firewalls,
• Defence-in-Diversity means using a diverse product and service portfolio.

### Cybersecurity Incident Response and Crisis Management

• Paying ransoms does not guarantee the restoration of data or the return of stolen data.
• Paying ransoms encourages future attacks against the victim company and others, it can also run afoul of the US sanctions regime.
• There are legal and reputational risks associated with paying ransoms.

### Cybersecurity at the Cutting Edge

• Zero Trust is a cybersecurity framework that assumes no user or device can be trusted by default.
• Threat intelligence analysis and sharing involves collecting and analyzing data to identify potential threats and vulnerabilities.
• The use of Threat Intelligence and Zero Trust strategies is key to staying ahead of attackers.

Future for Cybersecurity

• There is an increasing need for greater collaboration and information sharing between organizations.
• AI and Automation are going to play a larger role in cybersecurity, but they will be accompanied by new and unique risks that need to be managed.
• Cybersecurity is now an arms race.

Description

This quiz explores essential concepts of cybersecurity, including the principles of defensive tactics, risk management, and incident response. Delve into the strategies like Defence-in-Depth and understand the importance of human factors in maintaining cybersecurity resilience. Test your knowledge on how to effectively prepare for and respond to cyber incidents.