Cybersecurity & Information Security PDF

Document Details

ReverentEnlightenment3435

Uploaded by ReverentEnlightenment3435

Benha University

Dr. Shrouk Hossam Eldien

Tags

cybersecurity information security data security computer security

Summary

This presentation provides a basic overview of cybersecurity and information security concepts, highlighting the differences between the two fields. It covers the principles of protecting data, systems, and networks from potential threats.

Full Transcript

Cyber Security Presented by Dr. Shrouk Hossam Eldien 1 Course Content Brief discussion Chapter 1 Cybersecurity & Information Security. Chapter 2 Cyber Security Threats. Chapter 3 Access Controls. Chapter 4 Security Operations. Chapter 5 Risk Identific...

Cyber Security Presented by Dr. Shrouk Hossam Eldien 1 Course Content Brief discussion Chapter 1 Cybersecurity & Information Security. Chapter 2 Cyber Security Threats. Chapter 3 Access Controls. Chapter 4 Security Operations. Chapter 5 Risk Identification, Monitoring, and Analysis. Chapter 6 Incident Response and Recovery 2 Course Content Chapter 7 Networks and Communications Security. Chapter 8 Systems and Application Security. Chapter 9 Operational Security. Chapter 10 Security Best Practice. Chapter 11 Cryptography. 3 What is the difference between Information Security and Cybersecurity 4 Brief discussion What is the difference between Information security and Cyber security ? Information security and cybersecurity are closely related concepts, but they have different focuses within the broader realm of safeguarding digital assets and data. The key differences between information security and cybersecurity: 5 Brief discussion 1- scope: Information security: information security, often referred to as "infosec," is a broader term that encompasses all aspects of protecting information, including physical and electronic forms. It involves safeguarding data in all its states, whether it's in digital files, physical documents, or even in transit. Cybersecurity: cybersecurity is a subset of information security that specifically deals with protecting digital information from cyber threats. It primarily focuses on safeguarding data stored electronically, as well as the systems, networks, and devices that handle that data. 6 Brief discussion 2- Threat Landscape: Information Security: Information security considers a wider range of threats, including physical threats such as theft, unauthorized access to physical records, and disasters like fires or floods that can damage physical documents. Cybersecurity: Cybersecurity is exclusively concerned with digital threats and risks. This includes malware, hacking, data breaches (cracks), denial-of-service attacks, phishing, and any other malicious activities conducted through digital means. 7 Brief discussion 3- Components: Information Security: Information security includes measures like access control policies, physical security (locks and alarms), disaster recovery planning, and policies governing the handling of sensitive information in both digital and physical forms. Cybersecurity: Cybersecurity focuses on technical controls such as firewalls, intrusion detection and prevention systems, antivirus software, encryption, secure coding practices, and incident response procedures that specifically address digital threats. 8 Brief discussion 4- Cyber security's Emphasis on Network and Systems: Information Security: While information security does address network and system security, it is not its only focus. It considers a broader range of protective measures, including policies and procedures related to document handling and storage. Cybersecurity: Cybersecurity places a greater emphasis on network and system security, as these are the primary attack vectors for digital threats. Protecting servers, endpoints, and network infrastructure is central to cybersecurity efforts. 9 Brief discussion 5- data protection: Information security: information security is concerned with protecting data in all forms, including paper documents, hard drives, and physical records. Cybersecurity: cybersecurity is specifically concerned with protecting digital data, such as databases, files, and communications, from access, theft, or alteration. unauthorized 10 Chapter 1 Cybersecurity & Information Security 11 Cybersecurity & Information Security What is the difference between information security and Cybersecurity What is Information Security? Information security ( or lnfoSec) is another way of saying data security. So, if you are an information security specialist, your concern is for the confidentiality, integrity, and availability of your data. What is Cybersecurity? Cybersecurity is all about protecting data that is found in electronic form (such as computers, servers, networks, mobile devices, etc.) from being compromised or attacked. 12 Information Security & Privacy? Information Security Security refers to protection against the unauthorized access of data. So We put security controls in place to limit who can access the information. Information Privacy Privacy or Information privacy is concerned with proper handling, processing, storage and usage of personal information. It is all about the rights of individuals with respect to their personal information. 13 Information Security & Privacy? 14 Goals Information Security and Cyber Security To better understand cybersecurity and the protection of cyber assets, it is helpful to consider three key concepts that are used to guide security policies. Availability Integrity Confidentiality 15 16 17 Goals Information Security and Cyber Security 1- Confidentiality - Data must be protected from improper disclosure according to its sensitivity and applicable legal requirements. - The confidentiality of digital information can be maintained using several different means, including access controls, file permissions and encryption. 18 Goals Information Security and Cyber Security 2- Integrity - Any harm of integrity is significant because it may be the first step in a successful attack against system availability or confidentiality. - Contaminated systems and corrupted data must be dealt with immediately to assess the potential for further violation or damage. - The integrity of digital assets can be controlled by logging, digital signatures, hashes, encryption and access controls. 19 Goals Information Security and Cyber Security 3- Availability - Ensures the timely and reliable access to and use of information and systems. - This would include safeguards to make sure data are not accidentally or maliciously deleted. - This is particularly important with a mission-critical system, because any interruptions in its availability can result in a loss of productivity and revenue. Similarly, the loss of data can impact management's ability 20 Goals Information Security and Cyber Security. The impacts, potential consequences and methods of control of confidentiality, integrity and availability. 21 General Security Concepts Threat In the context of computer security, refers to anything that has the potential to cause serious harm to a computer system. Computer Vulnerability A computer vulnerability is a cybersecurity term that refers to a defect in a system that can leave it open to attack. In other words, a vulnerability is Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset. 22 General Security Concepts Computer security vulnerabilities can be divided into numerous types based on different criteria. Some broad categories of these vulnerability types include: Network Vulnerabilities: Like insecure Wi-Fi access points or poorly-configured firewalls. Operating System Vulnerabilities: Like default administrator accounts. Human Vulnerabilities: The weakest link in many cybersecurity architectures is the human element. 23 General Security Concepts We can now provide a computational definition of security risk: Security Risk= Asset+ Threat+ Vulnerability In fact, it can be concluded that: Every asset is potentially a security risk. 24 Information Security Policy Information Security Policy as a measure to protect the confidentiality, integrity and availability of institutional data as well as any information systems that store, process or transmit institutional data. Institutional data is defined as any data that is owned or licensed. Information system is defined as any electronic system that stores, processes or transmits information. 25 Information Security Policy Policies Throughout its lifecycle, all Institutional Data shall be protected in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data. Any Information System that stores, processes or transmits Institutional Data shall be secured in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data. Individuals who are authorized to access Institutional Data shall observe to the appropriate Roles and Responsibilities. 26 Information Security Roles Three primary roles have been defined in the context of information security: Data Agent. Data Protector. User. A User is any employee, contractor or third-party affiliate of Carnegie Mellon who is authorized to access institutional data or information systems. Users are responsible for: Following to information security policies, guidelines and procedures. Reporting suspected vulnerabilities, breaches and/or misuse of institutional data to a manager, IT support staff or the Office Information Security. Safeguarding Institutional Data 27 Information Security Roles Users 1. Safeguard institutional data. 2. Safeguard electronic communications. 3. Avoid risky behavior online. 4. Report suspected security breaches. 28 Information Security Roles 1- Safeguarding Institutional Data - Know Your Data Be mindful of what type of data you handle: - Public. - Private. - Restricted. 29 Information Security Roles 1- Safeguarding Institutional Data Protecting Electronic Data : Avoid storing Restricted data on mobile computing devices. Don't store institutional data on personally owned computing devices. Don't store Restricted data on CDs, DVDs, USB thumb drives, etc. Don't transmit Restricted data via email and other insecure messaging solutions. Don't use personal email for business communications. Use strong passwords or passphrases. Secure your computing devices. Back up your data. 30 Information Security Roles 1- Safeguarding Institutional Data Safeguard Your Password Avoid storing Restricted data on mobile computing devices. Use a strong password or passphrase Change your password periodically Avoid using the same password for multiple accounts Don't write your password down or store it in an insecure manner Don't share your password with anyone for any reason Don't use automatic login functionality 31 Information Security Roles 1- Safeguarding Institutional Data Secure Your Computer Update and patch your operating system. Enable automatic software updates where available. Update and patch software applications (browsers, email clients, JAVA, etc.). Install and update antivirus software. Install and configure firewall software. Do not automatically connect to public wireless networks. Disconnect your computer from the wireless network when it is not in use. Use caution when enabling browser pop-ups. Use caution when downloading and installing software. Lock your computer when it is unattended. 32 Information Security Roles 1- Safeguarding Institutional Data Protecting Physical Data Close and lock your door when leaving your office unattended. Lock file cabinets that store institutional data. Don't leave Restricted data in plain view at your desk or on a whiteboard. Don't leave Restricted data sitting on a printer, copier, fax machine or other. Peripheral device. Protecting Verbal Communication Be mindful of your surroundings when discussing Restricted data. Don't discuss Restricted data with individuals who do not have a need to know. 33 Information Security Roles 1- Safeguarding Institutional Data Disposing of Data Place of data when it is no longer needed for business purposes. Use Identity Finder to securely delete files that contain Restricted data. Use the Computer Recycling Program to dispose of electronic media. Use a cross shredder to dispose of paper- based and written media. 34 Information Security Roles 2- Safeguarding Electronic Communications Disposing of Data Electronic communications can be in the form of email, instant messaging, text messaging, social network, etc. Avoid opening attachments from an untrusted source. Avoid clicking on links in electronic communications from an untrusted source Be wary of phishing scams. Avoid sending Restricted data through email and other electronic communications. 35 Information Security Roles 2- Safeguarding Electronic Communications Additional Considerations Use an official email account for all “business". Avoid using personal accounts for business workflows. Save personal communications in a designated folder. Organize your communications by project or work type. Save copies of important outgoing email. 36 Information Security Roles 3- Avoid Risky Behavior Online Be cautious when using file sharing applications Be cautious when browsing the web Be cautious when clicking on shortened URLs Avoid responding to questions or clicking on links in pop-up windows 37 Information Security Roles 4- Report Any Suspected Security Breach You need to: Disconnect the computer from the network Contact your department IT staff. Notify users of the computer, if any, of a temporary service outage Preserve any log information not resident on the compromised computer Wait for further instructions from your department IT staff. 38 Cyber Security Fundamentals Cyber Security Fundamentals There are three concept should be verified in context of cyber security: 1- Confidentiality 2- integrity 3- Availability 39 Cyber Security Fundamentals 1- Confidentiality is about preventing the disclosure of data to unauthorized parties. It also means trying to keep the uniqueness of authorized parties involved in sharing and holding data private and anonymous. Often confidentiality is compromised by cracking poorly encrypted data, Man-in-the- middle (MITM) attacks, disclosing sensitive data. Establishing confidentiality include: Data encryption. Two-factor authentication. Biometric verification. Security tokens. 40 Cyber Security Fundamentals 41 Cyber Security Fundamentals 2- Integrity: refers to protecting information from being modified by unauthorized parties. Standard measures to guarantee integrity: Cryptographic checksums. Using file permissions. Uninterrupted power supplies. Data backups. 42 Cyber Security Fundamentals 43 Cyber Security Fundamentals 3- Availability is making sure that authorized parties are able to access the information when needed. Standard measures to guarantee availability include: Backing up data to external drives. Implementing firewalls. Having backup power supplies. Data redundancy 44 45

Use Quizgecko on...
Browser
Browser