Introduction to Cybersecurity PDF
Summary
This document provides an introduction to cybersecurity, covering topics like the CIA triad and various sectors within the cybersecurity industry. It explains the importance of confidentiality, integrity, and availability in information security.
Full Transcript
INTRODUCTION TO CYBER SECURITY

TOPIC OUTLINE
- WHAT IS CYBERSECURITY
- THE CIA TRIAD
- THE CYBERSECURITY INDUSTRY

WHAT IS CYBERSECURITY, EXACTLY?
“Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks.”

THE CIA TRIAD
A basic, overarching model for cybersecurity, particularly as it relates to information, is the CIA triad. CIA stands for confidentiality, integrity, and availability (not the US Central Intelligence Agency). Nearly all information security policies trace back to this model. Let’s go through each component of this triad.

Confidentiality
This pillar of the triad refers to protecting private information from eyes that shouldn’t have access to it. Confidentiality is the need to enforce access - who can see this, and who shouldn’t? For example, we don’t want to give our social security number to just anyone. Still, we trust that the institutions we give it to - like tax services - implement the right security measures to keep it secret. So what tools are used to guarantee the right access? Some of the ways confidentiality is managed are:
- Keeping levels of access and setting permissions
- Encrypting data and files
- Requiring multi-factor authentication

Integrity
Integrity refers to data integrity here. We need security controls that protect data from being changed or deleted. We must also ensure that the damage can be reversed if data is changed accidentally or by the wrong person. Some techniques related to integrity are:
- Keeping backups of the data in its correct state and logging versions
- Using cryptography to securely check for changes
- Keeping track of digital signatures to prove integrity of data

Availability
This last pillar refers to data being consistently, reliably available to those authorized. For example, when you log in to a social media account and want to set your privacy settings, you expect all the correct settings you had set before to appear immediately.
The social media company ensures that even with high traffic, information gets to your screen. How is this accomplished?
- Always monitoring servers and networks
- Maintaining hardware and software
- Having a plan for disaster recovery

THE CYBERSECURITY INDUSTRY

SECURITY ENGINEERING
This section refers to the technical implementation of various forms of security.

Information security, or InfoSec, protects data in any form from being accessed, modified, shared, or deleted by the wrong people.

Network security is concerned with protecting an organization’s network infrastructure against unauthorized access and against data being intercepted.

Application security refers to implementing measures that defend an application (mobile, desktop, or web) from attack, including both software and hardware solutions. Examples of application security include secure coding, the use of antivirus programs, firewalls, and encryption.

Cloud security refers to the new field of making sure resources uploaded into the cloud are secure. Companies and users are constantly moving more resources into the cloud, and professionals in this field need to be familiar with implementing security in this environment.

Cryptography focuses on methods to hide and un-hide information so that data is only readable or usable by authorized people. This requires familiarity with all types of encryption and hashing algorithms.

Critical infrastructure security is the defense of physical systems that are becoming more digital/networked, such as energy grids, hospitals, water and waste systems, and even schools. Among the issues that come up are natural disasters and outages.

GOVERNANCE AND COMPLIANCE
It’s critical to understand international, federal, and state laws and regulations for security. This has implications for the security operations of all organizations. Compliance refers to making sure an organization enforces certain policies, and to continuously auditing as well.
This is becoming an increasingly important area of work. While these roles might not require programming knowledge, they require foundational knowledge of cybersecurity as well as all the laws and regulations that impact a particular industry.

RISK MANAGEMENT AND THREAT INTELLIGENCE
Threat intelligence is the continuous gathering of knowledge of possible attacks. Intelligence could look like knowing the motivations behind attacks, what the scale of attacks could be, and what vectors they might use. These roles often intersect with data science and machine learning because of the need to process all this information.

SECURITY OPERATIONS
People who work in this area are responsible for implementing security principles, monitoring incidents, and recovering from disasters. They work closely with everyone under the security umbrella to:
- Detect when something has gone wrong.
- Implement preventative measures against cyber attacks.
- Make sure there are back-ups in case a system is compromised and data is lost.
- Track changes to a system.
- Come up with disaster recovery plans in advance.
- Create documents and organization policies for all of the above.

EDUCATION
Security education is a growing area in itself! This domain acknowledges that the most securely designed technologies are only as strong as the people who use them. User education teaches best practices for people to protect themselves against cyber threats. Security training also happens in large organizations, where employees are educated and updated on the organization’s security policies and practices.

THANK YOU