
Chapter One

The document provides an overview of cybersecurity concepts including the goal of cybersecurity to protect confidentiality, integrity and availability. It discusses cybersecurity principles, common threats, frameworks like NIST, technologies and tools to secure networks and endpoints, cybersecurity architecture principles of defense-in-depth and separation of duties, and best practices like training, risk assessment and compliance.

Uploaded by

Maxamed xasan

Introduction to Cyber Security

Chapter one
Agenda
• Understanding Cybersecurity & its goal
• Principles of Cybersecurity
• Threat Landscape
• Cybersecurity Frameworks and Standards
• Cybersecurity Technologies and Tools
• Cyber security Architecture
• Cybersecurity Best Practices
Understanding Cybersecurity

Definition
Cybersecurity is the art of protecting networks,
devices, and data from unauthorized access or
criminal use and the practice of ensuring
confidentiality, integrity, and availability of
information (CISA, 2021).
Understanding Cybersecurity

Goal of Cyber Security:

The goal of cyber security is to protect the confidentiality,
integrity, and availability of information.
Confidentiality, Integrity, and Availability

Confidentiality, integrity and availability, known as the
CIA triad, is a guideline for information security for an
organization.

• Confidentiality ensures the privacy of data by
restricting access through authentication and encryption.
Confidentiality, Integrity, and Availability

• Integrity assures that the information is accurate
and trustworthy.

• Availability ensures that the information is accessible
to authorized people.
Confidentiality:
• Another term for confidentiality would be privacy.
Company policies should restrict access to the information
to authorized personnel and ensure that only those
authorized individuals view this data.
Integrity:
• Integrity is accuracy, consistency, and trustworthiness of
the data during its entire life cycle. Data must be
unaltered during transit and not changed by unauthorized
entities.
Availability:

Maintaining equipment, performing hardware repairs,
keeping operating systems and software up to date, and
creating backups ensure the availability of the network and
data to the authorized users.

• Plans should be in place to recover quickly from natural
or man-made disasters such as denial of service (DoS).
Principles of Cybersecurity
The fundamental principles of cybersecurity guide the design
and implementation of effective security measures.
These principles include:
• Confidentiality, Integrity, Availability (CIA).
• Non-repudiation: preventing individuals from denying their
actions in a digital transaction.
• Authentication: verifying the identity of users and devices.
Threat Landscape
The threat landscape in cybersecurity is diverse and
constantly evolving.
• Cyber threats are diverse and constantly evolving, ranging from common
malware attacks to sophisticated nation-state-sponsored campaigns.
• Common cyber threats include Advanced Persistent Threat (APT), phishing,
ransomware, social engineering, distributed denial-of-service (DDoS)
attacks, and insider threats.
• Cyber-criminals target various sectors, including finance, healthcare,
government, retail, education and critical infrastructure.


Cybersecurity Frameworks and Standards
Overview of Frameworks and Standards: Cybersecurity
frameworks and standards provide guidelines and best
practices for organizations to assess, improve, and maintain
their cybersecurity posture.
• They offer structured approaches to managing
cybersecurity risks and complying with regulatory
requirements.
Cybersecurity Frameworks and Standards
NIST Cybersecurity Framework:

The NIST Cybersecurity Framework is a widely adopted
framework developed by the National Institute of Standards
and Technology (NIST) to help organizations manage and
reduce cybersecurity risks.
NIST Framework:
• It consists of five core functions for risk management:
Identify, Protect, Detect, Respond, Recover.
Cybersecurity Technologies and Tools
Network Security Technologies:

Network security technologies such as firewalls,
intrusion detection systems (IDS), intrusion prevention
systems (IPS), and virtual private networks (VPNs) help
protect networks from unauthorized access, malicious
traffic, and cyber attacks.
Cybersecurity Technologies and Tools
Endpoint Security Technologies:

Endpoint security technologies such as antivirus software,
endpoint detection and response (EDR) solutions, SIEM,
and mobile device management (MDM) tools help secure
endpoints such as computers, laptops, smartphones, and
tablets from malware, phishing, and other threats.
Cybersecurity Technologies and Tools
Encryption and Cryptography:

Encryption and cryptography technologies help protect
data in transit and at rest by converting it into
unreadable ciphertext that can only be decrypted with
the appropriate cryptographic keys.
• Encryption is used to ensure confidentiality, integrity,
and authenticity of data.
Cybersecurity Technologies and Tools
Access Control Mechanisms: Access control mechanisms
such as authentication, authorization, and accounting
(AAA) help enforce security policies and restrict access to
resources based on user roles, permissions, and
privileges.
• Access control technologies include passwords,
biometrics, role-based access control (RBAC), and
single sign-on (SSO) solutions.
Session 2
What is security?
(Diagram: Prevention, Detection, Response)
• S = Prevention + Detection + Response

• Security is a process, not an end state.
• No organization can be considered "secure" for any
time.
• Security is the process of maintaining an
acceptable level of perceived risk.
Cybersecurity Architecture
Five principles of cyber security architecture:
1- Defense-in-depth
2- Least privilege
3- Separation of duties
4- Security in design
5- Comply with Policy

Five principles of cyber security architecture
• Defense-in-depth is all about not relying on any
single security mechanism to keep the system safe.
Cyber Security Architecture

1. Defense-in-depth:
• Strong Encryption
• Deploy Firewalls
• Vulnerability assessment
• Multi-factor Authentication (MFA)
• Implementing EDR solutions
• b/n WS & DB
Cyber Security Architecture

2) Least Privilege:
• Giving access privileges to those who are authorized,
justified, and required for the duration of their need
for that access right.
Things to consider:
✓ Hardening the system service configurations.
× Stop Privilege creep with users.
Cyber Security Architecture
3) Segregation of Duties:
• To avoid having a single point of control
(Diagram: Releasing Fund, ✓ Approval, Accessing DB)
(Diagram labels: Stakeholders, Requirement, Design, Code/Install, Test, Production)
4) Secure by Design
• Security engineers must create proper architectures.
• Security must be implemented from start to finish.
• Security must NOT be implemented afterwards.
(Diagram labels: Requirement, Design, Code/Install, Test, Production)
Cyber Security Architecture

5) Comply with Policy:

• Implementing understandable security policy.

• Roles and responsibilities must be clearly defined.

• Perform access rights reviews (ARR): periodic log reviews.
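
An added illustration of the least-privilege, segregation-of-duties and access rights review points above (not part of the original slides): a small Python review that flags privilege creep, grants held past their expiry, and segregation-of-duties conflicts. The users, role baseline, entitlement names and conflict pairs are constructed assumptions modelled on the slide's funds/approval/database example.

```python
from datetime import date

# Assumption: the entitlements each role needs (hypothetical baseline).
ROLE_BASELINE = {
    "cashier": {"release_funds"},
    "finance_manager": {"approve_funds"},
    "dba": {"access_db"},
}

# Assumption: entitlement pairs one person must never hold together.
SOD_CONFLICTS = [
    frozenset({"release_funds", "approve_funds"}),
    frozenset({"approve_funds", "access_db"}),
]

# Constructed sample: user -> (current role, {entitlement: expiry or None}).
GRANTS = {
    "amina": ("cashier", {"release_funds": None}),
    "bashir": ("finance_manager",
               {"approve_funds": None, "release_funds": None}),
    "caasha": ("dba",
               {"access_db": None, "approve_funds": date(2024, 1, 31)}),
}


def review_access(grants, today):
    """Return a sorted list of (user, finding, detail) tuples."""
    findings = []
    for user, (role, held) in grants.items():
        needed = ROLE_BASELINE.get(role, set())
        for entitlement, expires in held.items():
            if expires is not None and expires < today:
                # Access outlived "the duration of their need".
                findings.append((user, "expired", entitlement))
            elif entitlement not in needed and expires is None:
                # Standing access the current role does not justify.
                findings.append((user, "privilege_creep", entitlement))
        for pair in SOD_CONFLICTS:
            if pair <= set(held):
                # One person is a single point of control.
                detail = "+".join(sorted(pair))
                findings.append((user, "sod_conflict", detail))
    return sorted(findings)


if __name__ == "__main__":
    for finding in review_access(GRANTS, date(2024, 6, 1)):
        print(finding)
```

A time-boxed grant outside the role baseline is treated as justified until its expiry date passes, which is why the same data yields fewer findings on an earlier review date.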
Cybersecurity Best Practices

1) Employee Training and Awareness:

Employee training and awareness programs help
educate staff about cybersecurity risks, best
practices, and policies.

• By raising awareness and promoting security
hygiene, organizations can empower employees to
recognize and respond to cyber threats effectively.
Cyber Security Best Practices
2) Risk Assessment and Management:

Risk assessment and management processes help
organizations identify, evaluate, and prioritize cybersecurity
risks based on their likelihood and potential impact.

• By assessing risks proactively and implementing
appropriate controls, organizations can mitigate threats
and vulnerabilities effectively.
Cyber Security Best Practices
3) Incident Response Planning:

Incident response planning involves developing and testing
procedures for detecting, responding to, and recovering
from cybersecurity incidents.

• A well-defined incident response plan helps organizations
minimize the impact of security breaches and restore
normal operations promptly.
Cyber Security Best Practices
4) Legal and Compliance Considerations:

Privacy laws and data protection regulations such as the
General Data Protection Regulation (GDPR) impose
requirements for protecting personal data and ensuring
privacy rights.

• Compliance with privacy laws is essential for maintaining
trust and transparency with customers and stakeholders.

• Non-compliance can result in legal penalties, fines, and
reputational damage for organizations.
End Chapter 1
Chapter Summary
• Understanding Cybersecurity & its goal
• Principles of Cybersecurity
• Threat Landscape
• Cybersecurity Frameworks and Standards
• Cybersecurity Technologies and Tools
• Cyber security Architecture
• Cybersecurity Best Practices
