Professional Documents
Culture Documents
Outline
- Basic of Cybersecurity
- Adapting to New normal
- Trainings and Cerifications
Basics of Cybersecurity
- Layers of Protection
1. Technology
2. Process
Security process: password policy;
3. People
Most vulnerable; continuous training
Identity
o What are the assets we need to protect and stores?
Protect
o Safeguarding?
Detect
o We know who attacks or intrudes?
Respond
o What techniques from attacks?
o Track and prevent from spreading
Recover
o Availability
Threat
o Potential danger to an asset such as data or the network
Vulnerability and Attack Surface
o Weakness in a system or it its design that could be explained by a threat
o Attack surface – different points where an attacker could get into a system and could get
to the data (e.g. operating system without security patches)
Exploit
o Mechanism used to leverage a vulnerability to compromise an asset
o Remote – works ovet the network
o Local – insiders
Risk
o Results in an undesirable consequence
Types of Attackers
- Amateurs
- Script kiddies with little or no skills
- Using existing tools or instructions found online
- Hackers
Black hats – financial gain
White hats – vulnerability checks
Grey hat – log in the system but do not cause issues; usually reports it.
- Organized Hackers
Hacktivist
Voice out political points; leaked articles
State-sponsored hackers
Meddling with other countries
Types of Attacks
COVID-19 Scams
Potential risk