
Networks and Information Security Essentials

Chapter 5
Introduction to Cybersecurity

Presented by:
Dr. Orieb AbuAlghanam


What is security?

• The state of being free or at liberty rather than in confinement or under physical restraint.

• Exemption from external control, interference, regulation, etc.

• The power to determine action without restraint.

• Political or national independence.

• Personal liberty, as opposed to bondage or slavery.

• Exemption from the presence of anything specified: freedom from fear.


What is Network security?

Network security is the protection of the underlying networking infrastructure from unauthorized access, misuse, or theft. It involves creating a secure infrastructure for devices, users, and applications to work in a secure manner.


What is Information Security?


Information security (also known as InfoSec) ensures that both physical and digital data are protected from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction.


What is cyber?

In short, cyber is a digital world which has numerous connected devices powered by all kinds of systems to exchange information.

• Devices, which include computers, smart phones, tablets, smart watches, smart thermometers… anything can be connected to a network.
• Communications, which include the Internet, WiFi, Bluetooth… these allow different devices to talk to each other.
• Systems, which include the operating systems such as Windows, Linux, macOS, iOS, Android, and all kinds of applications such as CRM, ERP, Accounting, or Games.
• Information, which includes data in the database, documentation, videos, audios, pictures etc.

What is CIA?

• Confidentiality – this focuses on protecting the “Read” operation. You do not want unauthorized people to read your confidential information, for example, your credit card number, social insurance number, or payroll amount.
• Integrity – this focuses on protecting the “Write” operation. You do not want unauthorized people to modify your data. For example, you do not want someone to withdraw money from your bank account without your permission.
• Availability – this means the systems and data are always accessible when you need them. For example, an online banking system or an online shopping site should always be on.

What is cybersecurity?

•Device Security – to protect the confidentiality, integrity, and availability of laptops, workstations, servers, phones,
IoTs, etc.
•Network and Communication Security – to protect the confidentiality, integrity, and availability of the Internet,
Intranet, WiFi, Bluetooth, etc.
•System and Application Security – to protect the confidentiality, integrity, and availability of Windows, Linux,
macOS, iOS, Android, applications, etc.
•Information Security – to protect the confidentiality, integrity, and availability of data, database, documents, files,
etc.

InfoSec Vs Cybersecurity

• InfoSec differs from cybersecurity in that InfoSec aims to keep data in any form
secure, whereas cybersecurity protects only digital data. If your business is
starting to develop a security program, information security is where you should
first begin, as it is the foundation for data security.
• Cybersecurity, a subset of information security, is the practice of defending
your organization’s networks, computers and data from unauthorized digital
access, attack or damage by implementing various processes, technologies and
practices.


Current State of Affairs

• Cyber criminals now have the expertise and tools necessary to take down critical infrastructure and systems. Their tools
and techniques continue to evolve.
• Maintaining a secure network ensures the safety of network users and protects commercial interests. Organizations need
individuals who can recognize the speed and scale at which adversaries are amassing and refining their cyber weaponry.
All users should be aware of security terms in the table.

| Security Terms | Description |
|---|---|
| Assets | An asset is anything of value to the organization. It includes people, equipment, resources, and data. |
| Vulnerability | A vulnerability is a weakness in a system, or its design, that could be exploited by a threat. |
| Threat | A threat is a potential danger to a company’s assets, data, or network functionality. |
| Exploit | An exploit is a mechanism that takes advantage of a vulnerability. |
| Mitigation | Mitigation is the counter-measure that reduces the likelihood or severity of a potential threat or risk. Network security involves multiple mitigation techniques. |
| Risk | Risk is the likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization. Risk is measured using the probability of the occurrence of an event and its consequences. |

Data Loss
•Data loss or data exfiltration is when data is intentionally or unintentionally lost, stolen, or leaked to the
outside world. The data loss can result in:
• Brand damage and loss of reputation
• Loss of competitive advantage
• Loss of customers
• Loss of revenue
• Litigation/legal action resulting in fines and civil penalties
• Significant cost and effort to notify affected parties and recover from the breach
•Network security professionals must protect the organization’s data. Various Data Loss Prevention (DLP)
controls must be implemented which combine strategic, operational and tactical measures.


Cyberwarfare

• Cyberspace has become another important dimension of warfare, where nations can
carry out conflicts without the clashes of traditional troops and machines. This allows
countries with minimal military presence to be as strong as other nations in
cyberspace.
• Cyberwarfare is an Internet-based conflict that involves the penetration of computer
systems and networks of other nations.
• These attackers have the resources and expertise to launch massive Internet-based attacks against
other nations to cause damage or disrupt services, such as shutting down a power grid.
• An example of a state-sponsored attack involved the Stuxnet malware that was designed
to damage Iran’s nuclear enrichment plant.


InfoSec Terms
• Asset: An asset is an item that is to be protected. The assets of a computer
system can be categorized as follows:
1. Hardware: Including computer systems and other data processing, data storage, and data
communications devices.
2. Software: Including the operating system, system utilities, and applications.
3. Data: Including files and databases, as well as security-related data, such as password files.

• Vulnerability: Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
• That exploitation might result from a malicious attack, or it might be accidentally triggered
because of a failure or weakness in the policy, implementation, or software running on the
network.

Cont.
• Exploit – is a breach of IT system security through vulnerabilities.

• Payload – is the part of an exploit code that performs an intended malicious action.

Cont.
• Zero-Day attack – is an attack that exploits a computer vulnerability before a software engineer releases a patch.

• Daisy chaining – it involves gaining access to a network and/or computer and then using the same information to gain access to multiple networks and computers that contain desirable information.

Dr. Abdelrahman H. Hussein & Dr. Mosleh Abualhaj

Cont.
• Threat: This is what you are protecting against.
• Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or
destroy an asset.

• Risk: The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability.

• Countermeasure: A countermeasure is a device or process (a safeguard) that is implemented to counteract a potential threat, which thus reduces risk.
• Attack: An intentional activity conducted or initiated by a human, attempting to cause a breach in a system or to compromise a system.


Risk
• When conducting a risk assessment, the formula used to determine risk is…
A+T+V=R
That is, Asset + Threat + Vulnerability = Risk.
An asset is what we’re trying to protect.
A threat is what we’re trying to protect against.
A vulnerability is a weakness or gap in our protection efforts.
Risk is the intersection of assets, threats, and vulnerabilities.
• Risk is a function of threats exploiting vulnerabilities to obtain, damage or destroy
assets.
• Thus, threats may exist, but if there are no vulnerabilities then there is little/no
risk.
• Similarly, you can have a vulnerability, but if you have no threat, then you have
little/no risk.

Cont.

• Encryption: The process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.
• Penetration testing (also called pen testing): The practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.


PII and PHI

• Personally identifiable information (PII) is any information that can be used to positively
identify an individual.
• Examples of PII include: Name, Social security number, Birthdate, Credit card numbers, Bank account numbers, Government
issued ID, Address information (street, email, phone numbers)


The Hacker
• Hacker is a common term used to describe a threat actor.

| Hacker Type | Description |
|---|---|
| White Hat Hackers | These are ethical hackers who use their programming skills for good, ethical, and legal purposes. Security vulnerabilities are reported to developers for them to fix before the vulnerabilities can be exploited. |
| Gray Hat Hackers | These are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage. Gray hat hackers may disclose a vulnerability to the affected organization after having compromised their network. |
| Black Hat Hackers | These are unethical criminals who compromise computer and network security for personal gain, or for malicious reasons, such as attacking networks. |


Social engineering is a completely non-technical means for a criminal to gather information on a target.
Social engineering is an attack that attempts to manipulate individuals into performing actions or divulging confidential
information.
Social engineers often rely on people’s willingness to be helpful but also prey on people’s weaknesses.
How hackers exploit the seven deadly sins (of social engineering): curiosity, courtesy, gullibility, greed, thoughtlessness, shyness and apathy.


Think

What is the difference between a hacker and an attacker?
