Introduction to Cybersecurity - American University of Phnom Penh PDF

Summary

This document introduces core concepts in cybersecurity, including threats, vulnerabilities, and the importance of protecting sensitive data. It covers major cybersecurity incidents and explores the goals of information security, emphasizing confidentiality, integrity, and availability. Presented by the American University of Phnom Penh, the module also examines multi-factor authentication and cyber threat actors. The document serves as an introduction and could be useful for undergraduate students.

Full Transcript

Cybersecurity Technician ICT 320
MODULE 0: INTRODUCTION to CYBER SECURITY

Whoami

What is Cyber Security?

CYBER SECURITY: Protection of the cyberspace against cyber threats and vulnerabilities.

Cybersecurity refers to the practice of protecting systems, networks, programs, and data from digital attacks, theft, or damage. It encompasses a wide range of strategies, technologies, and practices designed to safeguard sensitive information, ensure system integrity, and maintain availability of resources in the digital realm.

CYBER SPACE: Complex of activities carried out through networks of computers; more precisely, it is a cyber ecosystem (computer systems and devices, critical infrastructures, entire economic processes, and users, their data, their interests).

CYBER THREAT: Typical threats include unauthorized access, destruction, system overrun and takeover, propagation of malicious code, data theft and fabrication, … The attacks are "cyber" themselves.

CYBER VULNERABILITY: The presence of weaknesses or loopholes in systems which may lead (systematically) to cyber attacks.

A SECURITY RISK: Refers to the potential for harm, loss, or damage to an organization's assets, operations, or reputation due to vulnerabilities that can be exploited by threats.

Why Cybersecurity is Important in Modern Society

In today's interconnected world, where digital technologies are integral to our daily lives, cybersecurity plays a critical role in ensuring trust, privacy, and safety. Key reasons for its importance include:

- Protection of Sensitive Data - Safeguarding personal, financial, and confidential business information from breaches.
- National Security - Defending against cyberattacks targeting critical infrastructure like power grids, healthcare systems, and financial institutions.
- Preventing Financial Loss - Cybercrime costs are projected to rise to trillions annually, impacting individuals, businesses, and governments.
- Preserving Reputation and Trust - Organizations rely on robust cybersecurity measures to maintain customer trust and brand value.
- Enabling Technological Innovation - Cybersecurity ensures the safe adoption of new technologies such as IoT, AI, and blockchain.

Major Cybersecurity Incidents

- Over 200,000 computers across 150 countries
- Equifax data breach
- Led to fuel shortages, economic losses, and payment of a multimillion-dollar ransom in Bitcoin.

Goals of Information/Cyber Security

Confidentiality: Ensures that information is only accessible to authorized individuals or systems.

Failure Causes:
- Unauthorized access (e.g., hacking, social engineering).
- Weak passwords or poor access controls.
- Data leaks or improper disposal of sensitive information.

Confidentiality Control:
- Encryption (e.g., AES for data-at-rest and TLS for data-in-transit).
- Access controls (e.g., role-based access control).
- Multi-factor authentication (MFA).
- Regular security training and awareness programs.

Integrity: Ensures that information remains accurate, consistent, and unaltered unless authorized.

Sources of Integrity Failures:
- Intentional alteration
- User error
- Software or hardware error
- Acts of nature
- Transmission errors or data corruption.

Integrity Control:
- Hash functions (MD5): detect whether any change has been made to a file.
- Digital signature: achieves the goal of non-repudiation.
- Version control systems for tracking changes.
- Audit logs and monitoring systems.

Availability: Ensures that systems, services, and data are accessible when needed by authorized users. Denial attacks seek to undermine availability.

Availability Failure:
- Distributed Denial of Service (DDoS) attacks.
- Hardware failures or software crashes.
- Natural disasters or power outages.

Availability Controls:
- Redundancy (e.g., RAID, backup servers, redundant components, high availability, fault tolerance).
- Load balancing to handle high traffic.
- Business continuity plans and disaster recovery solutions.
- Regular maintenance and monitoring of systems to detect potential issues early.

AAA

Username/Password, Passphrase, PIN, Token, OTP, Biometric, FaceID, Authenticators App, Retinal Scan, Access Card

Cyber Threat Actors

Research Questions

Next week:
1. What are the roles and responsibilities of a GRC (Governance, Risk Management, and Compliance) team in cybersecurity?
2. What functions does a Blue Team perform in the context of cybersecurity, and how do they contribute to an organization's security posture?
3. What activities and strategies are typically employed by a Red Team during cybersecurity exercises, and what is their main objective?

Let's start some research and prepare to discuss your findings, and how these roles contribute to effective cybersecurity practices.

Q&A
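
The hash-based integrity control listed under Integrity Control above, as an added example that is not part of the original slides: a baseline of file digests is recorded, then re-computed to report modified, added and removed files. The slides name MD5; this sketch uses SHA-256 from Python's hashlib as an assumption, because practical collisions exist for MD5, and the function names and sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def file_digest(path, algo="sha256"):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Map each file's path (relative to root) to its digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): file_digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, current):
    """Report files whose content changed, appeared, or disappeared."""
    return {
        "modified": sorted(k for k in baseline.keys() & current.keys()
                           if baseline[k] != current[k]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }

def demo():
    """Constructed sample: baseline three files, then change them and re-check."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "payroll.csv").write_text("alice,1000\nbob,1200\n")
        (root / "policy.txt").write_text("Access requires MFA.\n")
        (root / "notes.txt").write_text("draft\n")
        baseline = build_manifest(root)      # recorded while files are trusted
        (root / "payroll.csv").write_text("alice,1000\nbob,9200\n")  # one digit altered
        (root / "notes.txt").unlink()                                # file deleted
        (root / "new.sh").write_text("echo hi\n")                    # file added
        return compare(baseline, build_manifest(root))

if __name__ == "__main__":
    print(demo())
```

The baseline only detects changes if it is stored where someone able to modify the files cannot also rewrite it; signing the manifest, the digital-signature control from the same list, is one way to protect it.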
