CYS107 Fundamentals of Cybersecurity Lecture Notes PDF
Document Details
Uploaded by LikeHeliotrope8217
Imam Abdulrahman Bin Faisal University
Summary
This document is a lecture on Fundamentals of Cybersecurity, covering topics such as the history of information security, different types of security, advantages and disadvantages of strategies, and case studies. It also includes information on the CIA triad (confidentiality, integrity, and availability) and why it is important.
Full Transcript
CYS107 Fundamentals of Cybersecurity
Chapter 1: Introduction to Information Security

Lecture Learning Outcomes
❑ Explain the main purpose and the principles of information security and its uses.
❑ Illustrate the advantages and disadvantages of using information security and its main issues.
❑ Differentiate between Cyber security, Information security, and Network security.

Outline
- History of Information Security.
- Introduction of Security.
- Definition of Information Security (IS).
- How can information security be achieved?
- Purpose of Information Security.
- Principles of Information Security.
- Advantages and Disadvantages of using an IS.
- Uses of Information Security.
- Issues of information security.
- Case Study.
- Practice Task.

“Information is the oxygen of the modern age.”
Ronald Reagan, President of the United States from 1981 to 1989.

Difference between Data and Information

History of Information Security

1960s: Password Protection
It was during the 1960s that organizations first started to become more protective of their computers. During this time, there was no internet or network to worry about, so security was largely focused on more physical measures, and preventing access to people with enough knowledge about how to work a computer.

1970s: From CREEPER to Reaper
Cybersecurity’s history began with a research project during the 1970s, on what was then known as the ARPANET (The Advanced Research Projects Agency Network). A researcher named Bob Thomas created a computer program which was able to move across ARPANET’s network, leaving a small trail wherever it went. He named the program ‘CREEPER’, because of the printed message that was left when travelling across the network: ‘I’M THE CREEPER: CATCH ME IF YOU CAN’.
Ray Tomlinson – the man who invented email – later designed a program which took CREEPER to the next level, making it self-replicating and the first ever computer worm.
Fortunately, he then wrote another program called Reaper, which chased CREEPER and deleted it, providing the first example of antivirus software.

1980s: The Internet Goes Mad
During the 1980s, the ARPANET network also became more commonly known as the internet, and became available to the public as the worldwide web during 1989. Over the years that followed, computers started to become more and more connected, and computer viruses became more advanced.
Example: The Russians began using cyberpower as a weapon and, in 1986, employed German computer hacker Markus Hess to steal US military secrets. He hacked into over 400 military computers, including mainframes at the Pentagon.

1990s: The Rise of Firewalls
By the middle of the 90s, network security threats had increased exponentially and, as such, firewalls and antivirus programs had to be produced on a mass basis to protect the public. It was a NASA researcher who created the very first firewall program design, following a computer virus attack at their California base.

2000s: Proper Punishment
In the early 2000s, governments began to clamp down on the criminality of hacking, giving much more serious sentences to those culpable – including extensive jail time and large fines. This was a far cry from the 1980s, when hackers were given much lighter sentences – ranging from stern warnings to probation.

2010s: The Era of Major Breaches
Due to the consistent rise of technology, hacking became ever more complicated over the years that followed, and a number of major data breaches now largely define the era. These include:

Snowden & The NSA, 2013. Edward Snowden – a former CIA employee and contractor for the US Government – copied and leaked classified information from the National Security Agency (NSA), highlighting the fact that the government was effectively ‘spying’ on the public.

Yahoo, 2013 – 2014. Hackers broke into Yahoo, jeopardising the accounts and personal information of all their three billion users.
They were fined $35 million for failing to disclose news of the breach in a timely manner, and Yahoo’s sale price decreased by $350 million as a result.

WannaCry, 2017. More widely known as the first ‘ransom worm’, WannaCry targeted computers running the Microsoft Windows operating system and demanded ransom payments in the Bitcoin cryptocurrency. In only one day, the worm infected over 230,000 computers across 150 countries.

What is Security?
The quality or state of being secure – to be free from danger. To ensure the well-being of an organization, it is crucial to establish multiple layers of security:
- Physical Security
- Personal Security
- Operation Security
- Communication Security
- Network Security
- Information Security
- Endpoint Security
- Cloud Security

Information Security
Information security protects sensitive information from unauthorized activities, including inspection, modification, recording, and any disruption or destruction. The goal is to ensure the safety and privacy of critical data such as customer account details, financial data or intellectual property.

How can information security be achieved?
- Policies: Access to network resources will be through unique user ID and password.
- Standards: Passwords will be 10 characters.
- Procedures, Guidelines, Practices: Passwords should include one non-alpha character and not be found in a dictionary.

Purposes of Information Security
- Protecting sensitive information.
- Mitigating risk.
- Compliance with regulations.
- Protecting reputation.
- Ensuring business continuity.

Protecting sensitive information
Information security helps protect sensitive information from being accessed, disclosed, or modified by unauthorized individuals. This includes personal information, financial data, and trade secrets, as well as confidential government and military information.

Mitigating risk
By implementing information security measures, organizations can mitigate the risks associated with cyber threats and other security incidents.
This includes minimizing the risk of data breaches, denial-of-service attacks, and other malicious activities.

Compliance with regulations
Many industries and jurisdictions have specific regulations governing the protection of sensitive information. Information security measures help ensure compliance with these regulations, reducing the risk of fines and legal liability.

Protecting reputation
Security breaches can damage an organization’s reputation and lead to lost business. Effective information security can help protect an organization’s reputation by minimizing the risk of security incidents.

Ensuring business continuity
Information security helps ensure that critical business functions can continue even in the event of a security incident. This includes maintaining access to key systems and data, and minimizing the impact of any disruptions.

Principles of Information Security

What is CIA?
Confidentiality, integrity and availability. These are the three components of the CIA triad, an information security model designed to protect sensitive information from data breaches.

Why CIA?
It’s easy to protect some data that is valuable to you only. You could store your pictures or ideas or notes on an encrypted thumb drive, locked away in a spot where only you have the key. But companies and organizations have to deal with this on a vast scale. After all, it’s the company data – products, customer and employee details, ideas, research, experiments – that makes your company useful and valuable.

Confidentiality
Confidentiality means keeping sensitive information private and secure. The aim is to prevent unauthorized access to the data by cyber criminals or employees without legitimate access.
For example: Data confidentiality usually applies to personal information, like customers’ names, contact details, and payment card information. These details should be stored in relevant databases and made accessible only to those who need them.

Integrity
This refers to the completeness and accuracy of data, as well as the organization's ability to protect it from corruption.
For example: The organization must be certain that their records are correct; otherwise the recipient will receive incorrect information about their health status, or they might not receive an update at all.

Availability
This refers to an organization's ability to access information when needed.
For example: An organization's systems, applications and data must be accessible to authorized users on demand. If, for example, the organization suffers a power outage that knocks their systems offline, their operations will grind to a halt.

Why is CIA shaped as a triangle?
There is a reason that confidentiality, integrity and availability are thought of in a triangular pattern. Each element connects with the others, and when you implement measures to ensure the protection of one, you must consider the ramifications it has elsewhere.

Advantages of Information Security
- Improved security: By identifying and classifying sensitive information, organizations can better protect their most critical assets from unauthorized access or disclosure.
- Compliance: Many regulatory and industry standards, such as HIPAA and PCI-DSS, require organizations to implement information classification and data protection measures.
- Improved efficiency: By clearly identifying and labeling information, employees can quickly and easily determine the appropriate handling and access requirements for different types of data.
- Better risk management: By understanding the potential impact of a data breach or unauthorized disclosure, organizations can prioritize resources and develop more effective incident response plans.
- Cost savings: By implementing appropriate security controls for different types of information, organizations can avoid unnecessary spending on security measures that may not be needed for less sensitive data.
- Improved incident response: By having a clear understanding of the criticality of specific data, organizations can respond to security incidents in a more effective and efficient manner.

Disadvantages of Information Security
- Complexity: Developing and maintaining an information classification system can be complex and time-consuming, especially for large organizations with a diverse range of data types.
- Cost: Implementing and maintaining an information classification system can be costly, especially if it requires new hardware or software.
- Resistance to change: Some employees may resist the implementation of an information classification system, especially if it requires them to change their usual work habits.
- Inaccurate classification: Information classification is often done by humans, so it is possible that some information may be misclassified, which can lead to inadequate protection or unnecessary restrictions on access.
- Lack of flexibility: Information classification systems can be rigid and inflexible, making it difficult to adapt to changing business needs or new types of data.
- False sense of security: Implementing an information classification system may give organizations a false sense of security, leading them to overlook other important security controls and best practices.
- Maintenance: Information classification should be reviewed and updated frequently; if not, it can become outdated and ineffective.

Uses of Information Security
- Compliance: Meeting regulatory and legal requirements, such as those related to data privacy and protection.
- Risk management: Identifying and mitigating potential security threats to prevent harm to the organization.
- Disaster recovery: Developing and implementing a plan to quickly recover from data loss or system failures.
- Authentication: Verifying the identity of users accessing information systems.
- Encryption: Protecting sensitive information from unauthorized access by encoding it into a secure format.
- Network security: Protecting computer networks from unauthorized access, theft, and other types of attacks.
- Endpoint security: The process of protecting a network's endpoints – such as desktops, laptops, and mobile devices – from threats.
- Physical security: Protecting information systems and the information they store from theft, damage, or destruction by securing the physical facilities that house these systems.

Issues of Information Security
- Cyber threats: The increasing sophistication of cyber attacks, including malware, phishing, and ransomware, makes it difficult to protect information systems and the information they store.
- Human error: People can inadvertently put information at risk through actions such as losing laptops or smartphones, clicking on malicious links, or using weak passwords.
- Insider threats: Employees with access to sensitive information can pose a risk if they intentionally or unintentionally cause harm to the organization.
- Legacy systems: Older information systems may not have the security features of newer systems, making them more vulnerable to attack.
- Complexity: The increasing complexity of information systems and the information they store makes it difficult to secure them effectively.
- Mobile and IoT devices: The growing number of mobile devices and internet of things (IoT) devices creates new security challenges, as they can be easily lost or stolen and may have weak security controls.
- Integration with third-party systems: Integrating information systems with third-party systems can introduce new security risks, as the third-party systems may have security vulnerabilities.
- Data privacy: Protecting personal and sensitive information from unauthorized access, use, or disclosure is becoming increasingly important as data privacy regulations become more strict.
- Globalization: The increasing globalization of business makes it more difficult to secure information, as data may be stored, processed, and transmitted across multiple countries with different security requirements.

Information Security vs Cybersecurity vs Network Security

| S.No | Cyber Security | Network Security | Information Security |
|------|----------------|------------------|----------------------|
| 1 | Cybersecurity is the method of protecting systems, networks, and programs from digital attacks. | Network Security is the method of protecting the usability and integrity of your network and data. | Information security is the measures taken to protect the records from unauthorized entry and use. |
| 2 | Cyber Security is a subpart of Information Security. | Network Security is a subpart of Cyber Security. | Cyber Security & Network Security come under Information Security. |
| 3 | It protects anything in the cyber area. | It protects anything in the network area. | Information security is for information irrespective of the space. |
| 4 | Cyber security acts against cybercrime and cyber fraud. | Network Security acts against trojans. | Information Security acts against unauthorized access, disclosure, modification, and disruption. |
| 5 | Cyber security ensures the security of the entire digital data. | Network security only ensures the security of transit data. | Information security ensures the protection of transit and digital data. |
| 6 | Common Cyber Security Risks: Social engineering; Brute force; Baiting; Ransomware | Common Network Security Risks: Viruses, worms, and trojans; Denial of Service (DOS) attack; Zero-day attacks | Common Information Security Risks: Access; Destruction; Availability |

Case Study
- Snowden & The NSA, 2013.
- Yahoo, 2013 – 2014.
- WannaCry, 2017.
Videos:
- Edward Snowden is NSA info leaker - YouTube
- Business: Yahoo says all 3 billion accounts hacked in 2013 data theft - YouTube
- Cyber Attack: Ransomware causing chaos globally - BBC News (youtube.com)

Practice Task
Create a basic security policy for personal data on a computer.
1) Configure security policy settings - Windows Security | Microsoft Learn
2) How to Protect Your Privacy on Windows 10 (spreadprivacy.com)

Resources
- Handbook of Information Security, Volume 1, edited by Hossein Bidgoli.
- Information Security Principles and Practice by Mark Stanislav and Mark Merkow.
- Computer Security Fundamentals by Chuck Easttom.
- Cybersecurity and Cyberwar: What Everyone Needs to Know by P.W. Singer and Allan Friedman.
- What is Information Security? – GeeksforGeeks
- What Is the CIA Triad and Why Is It Important? (itgovernance.co.uk)

Test your Knowledge
- Mention 3 differences between data and information.
- Who invented Creeper?
- What is Reaper?
- When did the internet become available to the public?
- When did the rise of firewall technology occur?
- In which year did the implementation of proper punishment for cyber criminals begin?
- How would you define security?
- Define information security and mention two goals.
- How can information security be achieved? Give an example.
- Mention 5 purposes of information security.
- Mention the principles of information security.
- What is CIA?
- What is confidentiality?
- What is integrity?
- What is availability?
- Why is CIA shaped as a triangle?
- Mention 4 advantages of information security.
- Mention 4 disadvantages of information security.
- Mention 5 uses of information security.
- What is endpoint security? Give an example.
- Mention 6 issues of information security.
- Compare information security, cybersecurity and network security.

Guidelines
1. The previous questions are just to test your knowledge.
2. A "Mention" question means there is no need for explanation; just list the points.
3. Summarize definitions to provide concise explanations.
4. In addition, make sure to focus on highlights and colored text effectively in each slide.