Introduction to Cybersecurity

Study Notes

Cybersecurity protects computer systems, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction.
It addresses growing threats from external and internal sources.
Cybersecurity continually evolves to adapt to emerging vulnerabilities and attack vectors.

Confidentiality: Ensures sensitive information is only accessible to authorized individuals or systems.
Integrity: Maintains data and system accuracy and completeness, preventing unauthorized changes.
Availability: Guarantees authorized users' timely and reliable access to data and resources.
Authentication: Verifies user or system identity before access.
Authorization: Defines permitted actions for authenticated users.
Non-repudiation: Ensures actions cannot be denied by the responsible party.
Risk Assessment: Identifies, analyzes, and evaluates potential security threats and vulnerabilities.
Incident Response: Develops and executes procedures for security breaches and other incidents.
Vulnerability Management: Identifies and mitigates security weaknesses in systems and applications.

Malware: Malicious software harming or disabling systems, stealing data (viruses, worms, Trojans, ransomware, spyware, adware).
Phishing: Social engineering to trick individuals into revealing sensitive information.
Denial-of-Service (DoS) Attacks: Overwhelms a system with traffic preventing legitimate access.
Distributed Denial-of-Service (DDoS) Attacks: Sophisticated DoS using multiple compromised systems.
Man-in-the-Middle (MitM) Attacks: Intercepts communication between parties without their knowledge.
SQL Injection: Exploits database vulnerabilities for unauthorized access or data manipulation.
Social Engineering: Manipulates individuals psychologically for sensitive information.
Advanced Persistent Threats (APTs): Highly sophisticated, long-term attacks by organized groups.

Strong Passwords: Complex, unique passwords for all accounts.
Multi-Factor Authentication (MFA): Adds layers of security beyond passwords.
Firewalls: Blocks unauthorized network traffic.
Antivirus Software: Detects and removes malicious software.
Intrusion Detection and Prevention Systems (IDS/IPS): Monitors network traffic for suspicious activity, blocking it.
Security Information and Event Management (SIEM): Collects, analyzes security logs for potential threats.
Data Loss Prevention (DLP): Prevents sensitive data from leaving the organization.
Security Awareness Training: Educates users about threats and best practices.
Regular Software Updates: Patches software vulnerabilities.
Data Encryption: Converts data to an unreadable format protecting it.
Network Segmentation: Isolates network segments limiting breach impact.
Secure Configuration Management: Implements secure configurations for systems and applications.

Cloud Security: Protects cloud-stored data and applications.
Internet of Things (IoT) Security: Secures internet-connected devices and networks.
Artificial Intelligence (AI) in Cybersecurity: Utilizes AI for threat detection, prevention, and response.
Blockchain Technology: Potentially enhances data security and transparency.
Quantum Computing Threats: Advancements potentially break current encryption methods.

Cybersecurity analysts, architects, and engineers implement & maintain security measures.
Security officers, managers, and auditors oversee and assess security practices.
Legal and compliance personnel ensure regulatory adherence.
Staff members adhere to established security best practices.