Cybersecurity Strategies and Incident Response

Questions and Answers

What potential consequence does paying a ransom have on the victim company?

Restoration of all stolen data

Legal immunity from future attacks

Improved public reputation

Encouragement of future attacks (correct)

Why is paying a ransom illegal under U.S. regulations?

It promotes data theft

It supports foreign terrorist organizations (correct)

It guarantees data recovery

It violates state insurance laws

What is a significant risk associated with ransom payments regarding a company's reputation?

Immediate recovery of public trust

Increase in customer base

No effect on future business dealings

Long-term negative impact on outlook (correct)

What guidance have some state insurance regulators given regarding ransom payments?

They discourage carriers from making ransomware payments.

What might be a legal consequence of negotiating a ransom payment?

It may cause regulatory fines from financial authorities.

What is a common misconception about the process of ransom negotiation?

It always results in significant data recovery.

What element of cybersecurity might be most negatively affected by ransom payments?

Corporate communications

What key aspect must be considered when dealing with ransomware according to legal frameworks?

Payments could fall under sanctions regimes.

What does 'mitigate to reasonableness' refer to in cybersecurity?

Addressing risks in a manner that is sensible and justifiable.

Which of the following describes the principle of Defence-in-Depth?

Implementing security at multiple layers involving people, processes, and technology.

What is the significance of Defence-in-Breadth in cybersecurity?

It focuses on using two or more independent layers of defense.

What does accepting residual risk entail?

Choosing not to address certain risks after mitigation efforts.

In the context of cybersecurity, what does Defence-in-Diversity refer to?

Implementing various types of protective measures and technologies.

What is a primary focus of cybersecurity incident response?

Responding to cybersecurity incidents in a timely and effective manner.

What roles are encompassed within cybersecurity governance?

Strategic management of cybersecurity policies, procedures, and practices.

Which approach emphasizes using diverse products and services in cybersecurity?

Defence-in-Diversity

What concept describes the nature of cybersecurity as a battle between different players?

Asymmetric warfare

According to cybersecurity experts, what do defenders typically focus on in contrast to attackers?

Lists

What is noted as the weakest link in cybersecurity?

Homosapiens

Who is credited with a famous quote that relates to knowing the enemy for success in battles?

Sun Tzu

Which of the following statements best reflects the mentality of attackers in cybersecurity?

Attackers think in networks and connections.

Which element is considered essential for effective cyber defense strategies?

User awareness and training

What does the phrase 'defenders think in lists' imply regarding their approach to cybersecurity?

They prioritize tasks in a linear fashion.

In the context of cyber warfare, what is a significant tactical advantage for attackers?

Understanding the defender's strategy

What is one primary goal of a Cybersecurity Framework?

To provide a structured approach to managing cybersecurity risks

Which of the following represents a digital supply chain advancement described in 'Supply Chain 4.0'?

Use of artificial intelligence and data analytics

What does the Cyber Trust Mark signify for organizations?

Proficiency in managing cybersecurity risks and threats

What is a primary focus of initiatives aimed at mitigating phishing threats?

Training users to recognize suspicious communications

Which organization is responsible for the Cyber Essentials Mark in Singapore?

Cyber Security Agency of Singapore

Which of the following is most likely a benefit of Cyber Trust certification?

Enhanced reputation and customer trust

In the context of internet security, what does the term 'ransomware' refer to?

Malware that demands payment to unlock data

What is an essential feature of next-generation supply chains as discussed in 'Supply Chain 4.0'?

Integration of IoT devices for real-time monitoring

What are the three levels of threat intelligence mentioned?

Strategic, operational, and tactical

What is one key aspect of Zero Trust in cybersecurity?

Assumes breach and verifies each request

What is the primary focus of incident response in cybersecurity?

Minimizing damage and restoring operations

What role does Operational Technology (OT) cybersecurity play according to the competency framework?

Involves securing industrial systems and processes

What can be inferred from the incident of the missing pico balloon used for weather monitoring?

Human errors can lead to the loss of reconnaissance tools

What does cyber resilience primarily focus on?

Minimizing downtime and recovering from incidents

How does the Cyber Crisis Management Planning framework aim to help organizations?

By reducing cyber risk and increasing organizational resilience

Which organization published the Operational Technology Cybersecurity Competency Framework?

CSA Singapore

Study Notes

### Thinking Like a Hacker to Defend

• “If you know the enemy and you know yourself, you need not fear the results of a hundred battles.” - Paraphrased from Sun Tzu’s famous quote
• Cybersecurity is asymmetric warfare.
• “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” - John LaTour and others
• The weakest link in the chain of cybersecurity is humans.

### Cybersecurity Governance, Risk, and Compliance

• Mitigate to reasonableness and accept residual risk.
• There are three key defenses for cybersecurity: Defence-in-Depth, Defence-in-Breadth & Defence-in-Diversity
• Defence-in-Depth is a solution across people, process, and technology
• Defence-in-Breadth means including two layers of firewalls,
• Defence-in-Diversity means using a diverse product and service portfolio.

### Cybersecurity Incident Response and Crisis Management

• Paying ransoms does not guarantee the restoration of data or the return of stolen data.
• Paying ransoms encourages future attacks against the victim company and others, it can also run afoul of the US sanctions regime.
• There are legal and reputational risks associated with paying ransoms.

### Cybersecurity at the Cutting Edge

• Zero Trust is a cybersecurity framework that assumes no user or device can be trusted by default.
• Threat intelligence analysis and sharing involves collecting and analyzing data to identify potential threats and vulnerabilities.
• The use of Threat Intelligence and Zero Trust strategies is key to staying ahead of attackers.

Future for Cybersecurity

• There is an increasing need for greater collaboration and information sharing between organizations.
• AI and Automation are going to play a larger role in cybersecurity, but they will be accompanied by new and unique risks that need to be managed.
• Cybersecurity is now an arms race.

Description

This quiz explores essential concepts of cybersecurity, including the principles of defensive tactics, risk management, and incident response. Delve into the strategies like Defence-in-Depth and understand the importance of human factors in maintaining cybersecurity resilience. Test your knowledge on how to effectively prepare for and respond to cyber incidents.