Chapter 5
Introduction to Cybersecurity
Presented by:
Dr. Orieb AbuAlghanam
Networks and Information Security Essentials
What is security?
• The state of being free or at liberty rather than in confinement or under physical restraint.
What is cyber?
• Devices, which include computers, smartphones, tablets, smart watches, smart thermometers… anything that can be connected to a network.
• Communications, which include the Internet, WiFi, Bluetooth… these allow different devices to talk to each other.
• Systems, which include operating systems such as Windows, Linux, macOS, iOS, and Android, and all kinds of applications such as CRM, ERP, accounting, or games.
• Information, which includes data in databases, documentation, videos, audio, pictures, etc.
What is CIA?
• Confidentiality – this focuses on protecting the “Read” operation. You do not want unauthorized people to read your confidential information, for example, your credit card number, social insurance number, or payroll amount.
• Integrity – this focuses on protecting the “Write” operation. You do not want unauthorized people to modify your data. For example, you do not want someone to withdraw money from your bank account without your permission.
• Availability – this means the systems and data are always accessible when you need them. For example, an online banking system or an online shopping site should always be on.
What is cybersecurity?
• Device Security – to protect the confidentiality, integrity, and availability of laptops, workstations, servers, phones, IoT devices, etc.
• Network and Communication Security – to protect the confidentiality, integrity, and availability of the Internet, intranet, WiFi, Bluetooth, etc.
• System and Application Security – to protect the confidentiality, integrity, and availability of Windows, Linux, macOS, iOS, Android, applications, etc.
• Information Security – to protect the confidentiality, integrity, and availability of data, databases, documents, files, etc.
InfoSec Vs Cybersecurity
• InfoSec differs from cybersecurity in that InfoSec aims to keep data in any form
secure, whereas cybersecurity protects only digital data. If your business is
starting to develop a security program, information security is where you should
first begin, as it is the foundation for data security.
• Cybersecurity, a subset of information security, is the practice of defending
your organization’s networks, computers and data from unauthorized digital
access, attack or damage by implementing various processes, technologies and
practices.
• Cyber criminals now have the expertise and tools necessary to take down critical infrastructure and systems. Their tools
and techniques continue to evolve.
• Maintaining a secure network ensures the safety of network users and protects commercial interests. Organizations need
individuals who can recognize the speed and scale at which adversaries are amassing and refining their cyber weaponry.
All users should be aware of security terms in the table.
| Term | Description |
|---|---|
| Assets | An asset is anything of value to the organization. It includes people, equipment, resources, and data. |
| Vulnerability | A vulnerability is a weakness in a system, or its design, that could be exploited by a threat. |
| Mitigation | Mitigation is the counter-measure that reduces the likelihood or severity of a potential threat or risk. Network security involves multiple mitigation techniques. |
| Risk | Risk is the likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization. Risk is measured using the probability of the occurrence of an event and its consequences. |
Data Loss
• Data loss or data exfiltration is when data is intentionally or unintentionally lost, stolen, or leaked to the outside world. Data loss can result in:
• Brand damage and loss of reputation
• Loss of competitive advantage
• Loss of customers
• Loss of revenue
• Litigation/legal action resulting in fines and civil penalties
• Significant cost and effort to notify affected parties and recover from the breach
• Network security professionals must protect the organization’s data. Various Data Loss Prevention (DLP) controls, which combine strategic, operational and tactical measures, must be implemented.
Cyberwarfare
• Cyberspace has become another important dimension of warfare, where nations can
carry out conflicts without the clashes of traditional troops and machines. This allows
countries with minimal military presence to be as strong as other nations in
cyberspace.
• Cyberwarfare is an Internet-based conflict that involves the penetration of computer
systems and networks of other nations.
• These attackers have the resources and expertise to launch massive Internet-based attacks against
other nations to cause damage or disrupt services, such as shutting down a power grid.
• An example of a state-sponsored attack involved the Stuxnet malware that was designed
to damage Iran’s nuclear enrichment plant.
InfoSec Terms
• Asset: An asset is an item that is to be protected. The assets of a computer
system can be categorized as follows:
1. Hardware: Including computer systems and other data processing, data storage, and data
communications devices.
2. Software: Including the operating system, system utilities, and applications.
3. Data: Including files and databases, as well as security-related data, such as password files.
• Exploit – a breach of an IT system's security through vulnerabilities.
• Zero-Day attack – an attack that exploits a computer vulnerability before the software engineer releases a patch.
• Threat: This is what you are protecting against.
• Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or
destroy an asset.
• Risk: The potential for loss, damage or destruction of an asset as a result of a threat
exploiting a vulnerability
Risk
• When conducting a risk assessment, the formula used to determine risk is…
A+T+V=R
That is, Asset + Threat + Vulnerability = Risk.
An asset is what we’re trying to protect.
A threat is what we’re trying to protect against.
A vulnerability is a weakness or gap in our protection efforts.
Risk is the intersection of assets, threats, and vulnerabilities.
• Risk is a function of threats exploiting vulnerabilities to obtain, damage or destroy
assets.
• Thus, threats may exist, but if there are no vulnerabilities then there is little/no
risk.
• Similarly, you can have a vulnerability, but if you have no threat, then you have
little/no risk.
• Personally identifiable information (PII) is any information that can be used to positively
identify an individual.
• Examples of PII include: Name, Social security number, Birthdate, Credit card numbers, Bank account numbers, Government
issued ID, Address information (street, email, phone numbers)
The Hacker
• Hacker is a common term used to describe a threat actor.

| Hacker type | Description |
|---|---|
| White Hat Hackers | These are ethical hackers who use their programming skills for good, ethical, and legal purposes. Security vulnerabilities are reported to developers for them to fix before the vulnerabilities can be exploited. |
| Gray Hat Hackers | These are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage. Gray hat hackers may disclose a vulnerability to the affected organization after having compromised their network. |
| Black Hat Hackers | These are unethical criminals who compromise computer and network security for personal gain, or for malicious reasons, such as attacking networks. |
Social engineering is a completely non-technical means for a criminal to gather information on a target.
Social engineering is an attack that attempts to manipulate individuals into performing actions or divulging confidential
information.
Social engineers often rely on people’s willingness to be helpful but also prey on people’s weaknesses.
How hackers exploit the seven deadly sins (of social engineering): curiosity, courtesy, gullibility, greed, thoughtlessness, shyness and apathy.