Cybersecurity & Information Security PDF
Benha University
Dr. Shrouk Hossam Eldien
Summary
This presentation provides a basic overview of cybersecurity and information security concepts, highlighting the differences between the two fields. It covers the principles of protecting data, systems, and networks from potential threats.
Full Transcript
Cyber Security
Presented by Dr. Shrouk Hossam Eldien

Course Content
- Brief discussion
- Chapter 1: Cybersecurity & Information Security.
- Chapter 2: Cyber Security Threats.
- Chapter 3: Access Controls.
- Chapter 4: Security Operations.
- Chapter 5: Risk Identification, Monitoring, and Analysis.
- Chapter 6: Incident Response and Recovery.
- Chapter 7: Networks and Communications Security.
- Chapter 8: Systems and Application Security.
- Chapter 9: Operational Security.
- Chapter 10: Security Best Practice.
- Chapter 11: Cryptography.

Brief discussion

What is the difference between Information Security and Cybersecurity?

Information security and cybersecurity are closely related concepts, but they have different focuses within the broader realm of safeguarding digital assets and data. The key differences between information security and cybersecurity:

1- Scope:
Information security: Information security, often referred to as "infosec," is a broader term that encompasses all aspects of protecting information, including physical and electronic forms. It involves safeguarding data in all its states, whether it's in digital files, physical documents, or even in transit.
Cybersecurity: Cybersecurity is a subset of information security that specifically deals with protecting digital information from cyber threats. It primarily focuses on safeguarding data stored electronically, as well as the systems, networks, and devices that handle that data.

2- Threat Landscape:
Information Security: Information security considers a wider range of threats, including physical threats such as theft, unauthorized access to physical records, and disasters like fires or floods that can damage physical documents.
Cybersecurity: Cybersecurity is exclusively concerned with digital threats and risks.
This includes malware, hacking, data breaches (cracks), denial-of-service attacks, phishing, and any other malicious activities conducted through digital means.

3- Components:
Information Security: Information security includes measures like access control policies, physical security (locks and alarms), disaster recovery planning, and policies governing the handling of sensitive information in both digital and physical forms.
Cybersecurity: Cybersecurity focuses on technical controls such as firewalls, intrusion detection and prevention systems, antivirus software, encryption, secure coding practices, and incident response procedures that specifically address digital threats.

4- Cyber security's Emphasis on Network and Systems:
Information Security: While information security does address network and system security, it is not its only focus. It considers a broader range of protective measures, including policies and procedures related to document handling and storage.
Cybersecurity: Cybersecurity places a greater emphasis on network and system security, as these are the primary attack vectors for digital threats. Protecting servers, endpoints, and network infrastructure is central to cybersecurity efforts.

5- Data protection:
Information security: Information security is concerned with protecting data in all forms, including paper documents, hard drives, and physical records.
Cybersecurity: Cybersecurity is specifically concerned with protecting digital data, such as databases, files, and communications, from unauthorized access, theft, or alteration.

Chapter 1: Cybersecurity & Information Security

What is the difference between information security and cybersecurity?

What is Information Security?
Information security (or InfoSec) is another way of saying data security.
So, if you are an information security specialist, your concern is for the confidentiality, integrity, and availability of your data.

What is Cybersecurity?
Cybersecurity is all about protecting data that is found in electronic form (such as computers, servers, networks, mobile devices, etc.) from being compromised or attacked.

Information Security & Privacy?

Information Security: Security refers to protection against the unauthorized access of data. So we put security controls in place to limit who can access the information.

Information Privacy: Privacy, or information privacy, is concerned with the proper handling, processing, storage and usage of personal information. It is all about the rights of individuals with respect to their personal information.

Goals of Information Security and Cyber Security

To better understand cybersecurity and the protection of cyber assets, it is helpful to consider three key concepts that are used to guide security policies:
- Availability
- Integrity
- Confidentiality

1- Confidentiality
- Data must be protected from improper disclosure according to its sensitivity and applicable legal requirements.
- The confidentiality of digital information can be maintained using several different means, including access controls, file permissions and encryption.

2- Integrity
- Any harm to integrity is significant because it may be the first step in a successful attack against system availability or confidentiality.
- Contaminated systems and corrupted data must be dealt with immediately to assess the potential for further violation or damage.
- The integrity of digital assets can be controlled by logging, digital signatures, hashes, encryption and access controls.

3- Availability
- Ensures the timely and reliable access to and use of information and systems.
- This would include safeguards to make sure data are not accidentally or maliciously deleted.
- This is particularly important with a mission-critical system, because any interruptions in its availability can result in a loss of productivity and revenue. Similarly, the loss of data can impact management's ability

The impacts, potential consequences and methods of control of confidentiality, integrity and availability.

General Security Concepts

Threat: In the context of computer security, a threat refers to anything that has the potential to cause serious harm to a computer system.

Computer Vulnerability: A computer vulnerability is a cybersecurity term that refers to a defect in a system that can leave it open to attack. In other words, a vulnerability is a weakness or gap in a security program that can be exploited by threats to gain unauthorized access to an asset.

Computer security vulnerabilities can be divided into numerous types based on different criteria. Some broad categories of these vulnerability types include:
- Network Vulnerabilities: like insecure Wi-Fi access points or poorly configured firewalls.
- Operating System Vulnerabilities: like default administrator accounts.
- Human Vulnerabilities: the weakest link in many cybersecurity architectures is the human element.

We can now provide a computational definition of security risk:
Security Risk = Asset + Threat + Vulnerability
In fact, it can be concluded that every asset is potentially a security risk.

Information Security Policy

Information Security Policy as a measure to protect the confidentiality, integrity and availability of institutional data as well as any information systems that store, process or transmit institutional data.
Institutional data is defined as any data that is owned or licensed.
Information system is defined as any electronic system that stores, processes or transmits information.

Policies
- Throughout its lifecycle, all Institutional Data shall be protected in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data.
- Any Information System that stores, processes or transmits Institutional Data shall be secured in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data.
- Individuals who are authorized to access Institutional Data shall observe the appropriate Roles and Responsibilities.

Information Security Roles

Three primary roles have been defined in the context of information security:
- Data Agent.
- Data Protector.
- User.

A User is any employee, contractor or third-party affiliate of Carnegie Mellon who is authorized to access institutional data or information systems.
Users are responsible for:
- Following information security policies, guidelines and procedures.
- Reporting suspected vulnerabilities, breaches and/or misuse of institutional data to a manager, IT support staff or the Office Information Security.
- Safeguarding Institutional Data.

Users
1. Safeguard institutional data.
2. Safeguard electronic communications.
3. Avoid risky behavior online.
4. Report suspected security breaches.

1- Safeguarding Institutional Data

Know Your Data
Be mindful of what type of data you handle:
- Public.
- Private.
- Restricted.

Protecting Electronic Data:
- Avoid storing Restricted data on mobile computing devices.
- Don't store institutional data on personally owned computing devices.
- Don't store Restricted data on CDs, DVDs, USB thumb drives, etc.
- Don't transmit Restricted data via email and other insecure messaging solutions.
- Don't use personal email for business communications.
- Use strong passwords or passphrases.
- Secure your computing devices.
- Back up your data.

Safeguard Your Password
- Avoid storing Restricted data on mobile computing devices.
- Use a strong password or passphrase.
- Change your password periodically.
- Avoid using the same password for multiple accounts.
- Don't write your password down or store it in an insecure manner.
- Don't share your password with anyone for any reason.
- Don't use automatic login functionality.

Secure Your Computer
- Update and patch your operating system.
- Enable automatic software updates where available.
- Update and patch software applications (browsers, email clients, Java, etc.).
- Install and update antivirus software.
- Install and configure firewall software.
- Do not automatically connect to public wireless networks.
- Disconnect your computer from the wireless network when it is not in use.
- Use caution when enabling browser pop-ups.
- Use caution when downloading and installing software.
- Lock your computer when it is unattended.

Protecting Physical Data
- Close and lock your door when leaving your office unattended.
- Lock file cabinets that store institutional data.
- Don't leave Restricted data in plain view at your desk or on a whiteboard.
- Don't leave Restricted data sitting on a printer, copier, fax machine or other peripheral device.

Protecting Verbal Communication
- Be mindful of your surroundings when discussing Restricted data.
- Don't discuss Restricted data with individuals who do not have a need to know.

Disposing of Data
- Dispose of data when it is no longer needed for business purposes.
- Use Identity Finder to securely delete files that contain Restricted data.
- Use the Computer Recycling Program to dispose of electronic media.
- Use a cross shredder to dispose of paper-based and written media.

2- Safeguarding Electronic Communications

Electronic communications can be in the form of email, instant messaging, text messaging, social network, etc.
- Avoid opening attachments from an untrusted source.
- Avoid clicking on links in electronic communications from an untrusted source.
- Be wary of phishing scams.
- Avoid sending Restricted data through email and other electronic communications.

Additional Considerations
- Use an official email account for all "business".
- Avoid using personal accounts for business workflows.
- Save personal communications in a designated folder.
- Organize your communications by project or work type.
- Save copies of important outgoing email.

3- Avoid Risky Behavior Online
- Be cautious when using file sharing applications.
- Be cautious when browsing the web.
- Be cautious when clicking on shortened URLs.
- Avoid responding to questions or clicking on links in pop-up windows.

4- Report Any Suspected Security Breach
You need to:
- Disconnect the computer from the network.
- Contact your department IT staff.
- Notify users of the computer, if any, of a temporary service outage.
- Preserve any log information not resident on the compromised computer.
- Wait for further instructions from your department IT staff.

Cyber Security Fundamentals

There are three concepts that should be verified in the context of cyber security:
1- Confidentiality
2- Integrity
3- Availability

1- Confidentiality is about preventing the disclosure of data to unauthorized parties. It also means trying to keep the uniqueness of authorized parties involved in sharing and holding data private and anonymous. Often confidentiality is compromised by cracking poorly encrypted data, man-in-the-middle (MITM) attacks, and disclosing sensitive data.
Measures for establishing confidentiality include:
- Data encryption.
- Two-factor authentication.
- Biometric verification.
- Security tokens.

2- Integrity refers to protecting information from being modified by unauthorized parties.
Standard measures to guarantee integrity:
- Cryptographic checksums.
- Using file permissions.
- Uninterrupted power supplies.
- Data backups.

3- Availability is making sure that authorized parties are able to access the information when needed.
Standard measures to guarantee availability include:
- Backing up data to external drives.
- Implementing firewalls.
- Having backup power supplies.
- Data redundancy.