INFO ASSEC

1. Cybersecurity - is a practice of protecting systems, networks, and programs from digital

attacks. These cyberattacks are usually aimed at accessing, changing, or destroying
sensitive information; extorting money from users; or interrupting normal business
processes.

 Four (4) Cybersecurity Career Paths

1. Security Architect – This individual is responsible for maintaining the security of
a company’s computer system.
2. Security Consultant – S/He works as an advisor and supervisor for all security
measures necessary to protect a company or client’s assets effectively
3. Ethical Hacker – Also referred to as a white hat hacker, s/he is an information
security expert who systematically attempts to penetrate a computer system,
network, application, or other computing resources on behalf of its owners, and
with their permission, to find security vulnerabilities that a malicious hacker
could potentially exploit.
4. Chief Information Security Officer (CISO) – This person is responsible for an
organization’s information and data security.

2. THE ANATOMY OF CYBERATTACK:

Step 1: Reconnaissance - Hackers usually start by researching and gathering information
about the target organization. They look for network ranges, IP addresses, and domain
names.
Step 2: Attack - After getting access to the network, hackers proceed with infiltrating the
organization’s network. But to access the network freely, they need access privileges.
Step 3: Expansion - Hackers intrude all systems on the network using malicious
programs.
Step 4: Obfuscation - Hackers proceed to hiding their tracks to mask the origins of the
attack. Additionally, they safely place their exploit in a system to avoid getting detected.

3. Seven (7) cybersecurity risks that may impact organizations:

 Technology – While technology has revolutionized the way organizations conduct
business today, the broader and widespread use of technology also brings
vulnerabilities
 Supply Chain – Two (2) prevailing supply chain trends will heighten cyber risks
dramatically in the coming year: one (1) is the rapid expansion of operational data
exposed to cyber adversaries, from mobile and edge devices like the Internet of
Things (IoT).
 Internet of Things (IoT) – IoT devices are everywhere, and every device in a
workplace now presents a potential security risk.
  Business Operations – Connectivity to the Internet improves operational tasks
dramatically, but increased connectivity also leads to new security vulnerabilities.
 Employees – Employees remain one of the most common causes of breaches, yet
they do not even realize the true threat they pose to an entire organization’s
cybersecurity.
 Regulatory – Increased regulation, laws, rules, and standards related to cyber are
designed to protect and insulate businesses and their customers.
 Board of Directors – Cybersecurity oversight continues to be a point of emphasis for
board directors and officers, but recent history has seen an expanding personal risk
raising the stakes.

4. Cybersecurity Threats and Vulnerabilities

 Ransomware is a type of malicious software designed to extort money by
blocking access to files or the computer system until the ransom is paid
 Malware is a type of software designed to gain unauthorized access or cause
damage to a computer.
 Social engineering is a tactic that adversaries use to trick a user into revealing
sensitive information.
 Phishing is the practice of sending fraudulent e-mails that resemble e-mails from
reputable sources.
 Crypting services - are used for encrypting malware to obscure and make the
data difficult to detect.
 Crimeware is the buying and selling of malware on the “Dark Web,” a black
market for cyber criminals.
 Card skimmers are implanted in places like Point-of-Sale (POS) machines, bank
teller machines, and gas pumps to steal identity and credit card account data.
 Leaked data are data stolen from a user’s machine that can easily be sold on the
Dark Web. Examples include credit card numbers, social security numbers, and
corporate login credentials.

5. Confidentiality ensures that sensitive information is accessed only by an authorized

person and kept away from those not authorized to possess them.
6. Integrity ensures that the information is in a format that is true and correct to its original
purposes. The receiver of the information must have the information the creator
intended him/her to have. Only the authorized persons can edit the information.
7. Availability ensures that information and resources are available to those who need
them.
8. Data Classification Standards:
 Understanding – The cycle of managing data begins with understanding what the
data is, how it has been classified, and where it will be located
  Creating – This includes, but is not limited to, collecting data, experimenting,
observing, and measuring and simulation.
 Storing – This includes, but is not limited to, designing research, locating existing
data, and capturing and creating metadata.
 Using – This includes, but is not limited to, entering data, digitizing, transcribing
and translating, checking, validating, filtering and cleaning data, anonymizing
data where necessary, describing, managing, interpreting, and deriving data, and
statistical analysis.
 Sharing – This includes, but is not limited to, distributing, sharing, promoting
data, controlling access, establishing copyright, producing research outputs and
author publications, preparing data for preservation, and using the data
classification definitions to help the user through this process.
 Archiving – This includes, but is not limited to, migrating data to the best format
and suitable medium, backing up and storing data, creating metadata and
documentation, and archiving data.
 Destroying – This includes, but is not limited to, disposing of data, destroying
paper records and electronic media, and electronic shredding.

Handout 2
1. People – Employees can create some of the greatest risks to cybersecurity. When they
are well informed, however, they can also be an asset and the first line of defense.
2. Processes – This layer of cybersecurity ensures that IT teams have strategies in place to
proactively prevent and to respond quickly and effectively in the event of a cybersecurity
incident.
3. Technology – There are hosts of technologies that security teams can implement to layer
their defenses.

4. Emerging Technologies in Cybersecurity:

 Hardware authentication is a well-known fact that a majority of data users’ passwords
and usernames are weak.
 Cloud technology is set to have a significant impact on the transformation of systems
security technology. More business enterprises and government agencies have
embraced cloud technology to store the vast amounts of information that they
generate daily.
 Deep learning encompasses some technologies like machine learning and artificial
intelligence.
5. Security policy is a set of rules that applies to activities for the computer and
communications resources that belong to an organization.
6. Resource Protection – The resource protection scheme ensures that only authorized
users can access objects on the system.
7. Authentication – The assurance or verification that the resource (human or machine) at
the other end of the session really is what it claims to be.
8. Authorization – This is an assurance that the person or computer at the other end of the
session has permission to carry out the request.
9. Integrity – This is an assurance that the arriving information is the same as what was
sent out.
10. Nonrepudiation – This is the proof that a transaction occurred, or that a user sent or
received a message.
 11. Confidentiality – This is the assurance that sensitive information remains private and is
not visible to an eavesdropper. Confidentiality is critical to total data security
12. Auditing Security Activities – These monitor security-relevant events to provide a log of
both successful and unsuccessful (denied) access.
13. National Institute of Standards and Technology (NIST) – It is a federal agency within the
United States Department of Commerce. NIST’s mission is to develop and promote
measurement, standards, and technology to enhance productivity, facilitate trade, and
improve the quality of life.
14. Security architecture is a unified security design that addresses the necessities and
potential risks involved in a particular scenario or environment.

15. The key attributes of security architecture are as follows:

 Relationships and Dependencies – These signify the relationship between the
various components inside IT architecture and how they depend on each other.
 Benefits – Security architecture’s main advantage is its standardization, which makes
it affordable. It is cost-effective due to the re-use of controls described in the
architecture.
 Form – Security architecture is associated with IT architecture; however, it may take a
variety of forms. It includes a catalog of conventional controls in addition to
relationship diagrams and principles.
 Drivers – Security controls are determined based on these four (4) factors:
o Risk management
o Benchmarking and good practice
o Financial
o Legal and regulatory
16. The key phases in the security architecture process are as follows:
 Architecture Risk Assessment – This evaluates the business influence of vital business
assets and the odds and effects of vulnerabilities and security threats.
 Security Architecture and Design – This is the design and architecture of security
services, which facilitate business risk exposure objectives.
 Implementation – Security services and processes are implemented, operated and
controlled. Assurance services are designed to ensure that the security policy and
standards, security architecture decisions, and risk management are mirrored in the
real runtime implementation.
 Operations and Monitoring – These are the day-by-day processes, such as threat and
vulnerability management and threat management. Measures are taken to supervise
and handle the operational state in addition to the depth and breadth of the system’s
security.