Lecture 1
Cards (50)
- CybersecurityThe protection of information systems (hardware, software and associated infrastructure), the data on them, and the services they provide, from unauthorised access, harm or misuse
- NIST definition of CybersecurityThe ability to protect or defend the use of cyberspace from cyber attacks
- Pillars of Cybersecurity
- Confidentiality
- Integrity
- Availability
- ConfidentialityThe property of information security that information is not made available or disclosed to unauthorised individuals, entities, or processes
- IntegrityGuarding against improper information modification or destruction
- AvailabilityAssures that systems work promptly and service is not denied to authorized users
- Other concepts in Cybersecurity
- Authentication
- Authorization
- Accountability
- Non-Repudiation
- AuthenticityThe property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, or a message, or its originator
- AccountabilityGenerates the requirement for actions of an entity to be traced uniquely to that individual to support nonrepudiation, deference, fault isolation, etc.
- Non-RepudiationAssurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the information
- You will never own a perfectly secure system
- Threats to a system
- Viruses
- Trojan horses
- Denial of Service
- Stolen Customer Data
- Modified Databases
- Identity Theft
- Equipment Theft
- The only system which is truly secure is one which is switched off and unplugged, locked in a titanium safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it.
- Reasons for hacking
- Financial (theft, fraud, blackmail)
- Political /state (state level/ military)
- Fame/ kudos (fun/ status)
- Hacktivism (cause)
- Pentesters (legal hacking)
- Business Intelligence
- Insider (personal, revenge, etc.)
- Using computing resources (mining, DoS attacks, botnets, etc.)
- Cybersecurity is about protecting information systems, the data on them, and the services they provide, from unauthorised access, harm or misuse
- The Equifax breach resulted in the theft of PII on approximately 148 million Americans as of March 2018 (more than 40% of the US population) and a $700 million loss
- The Equifax breach was caused by issues like not sufficiently isolated domains/servers, storing credentials in plain text, expired SSL certificate, complex IT infrastructure, lack of audits, poor accountability of senior officials, lack of urgency, no routine system diagnostics and updates, and unencrypted data and data storage malpractice
- Stuxnet was a malware developed by the United States and Israel to sabotage the Iranian nuclear program by infecting systems running PCS 7 SCADA and altering how the machinery was being controlled/run
- Cybersecurity is about preserving the Confidentiality, Integrity and Availability (CIA triad) of information
- Privacy is the right to keep information about yourself, confidential. This includes what you do, when you do it, who you do it with, where you do it
- Data integrity assures that information and programs are changed only in a specified and authorized manner, while system integrity assures that a system performs its operations in unimpaired manner
- EncryptionEncrypting information at rest and in transit
- GovernanceOversight of how the organisation manages data lifecycle
- Cybersecurity principles
- Confidentiality
- Privacy
- Data Protection
- Integrity
- Availability
- Non-repudiation
- Identity and Authentication
- Authorization
- ConfidentialityInformation is not made available or disclosed to unauthorised individuals, entities, or processes
- PrivacyThe right to keep information about yourself, confidential. This includes what you do, when you do it, who you do it with, where you do it
- IntegrityGuarding against improper information modification or destruction. Protects the reliability and correctness of systems and data. Prevents unauthorized alterations of data
- Integrity example
- You deposit $200 into your account which holds $1,000 : you want to be certain that after the transaction, it holds $1,200
- Integrity
- Authenticity, Nonrepudiation, Accountability, Confidentiality
- AvailabilityInsure that authorized subjects get timely and uninterrupted access to objects (the data and information they need)
- Threats to availability
- Distributed Denial of Service (DDoS) attacks
- Ransomware attacks
- Device failures
- Software errors
- Environmental issues (Fire, Flood, Wind, Power loss)
- Non-repudiationStops a subject from claiming that an event or action did not occur. Essential part of accountability. Needs proof of identity. Usually implemented through digital signatures
- IdentityBeing able to prove to a system that you are who you say you are
- AuthenticationVerifies the identity using authentication factors like passwords, smartcards, tokens, biometrics
- AuthorizationDetermines what actions a subject can carry out on an object. Common access control schemes include Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Rule-Based Access Control
- Security protection mechanisms
- Authentication (who are you?)
- Authorization (what are you allowed to do?)
- AccountabilityBeing able to identify all relevant information regarding actions in a system. Relies on identity and authorisation. Implemented with monitoring and logging
- Levels of security breach impact
- Low: limited impact
- Moderate: serious effect
- High: severe or catastrophic adverse effect
- Examples of security requirements: Confidentiality
- Student grade information: very high confidentiality
- Student enrollment information: moderate confidentiality
- Directory information: low confidentiality
- Examples of security requirements: Integrity
- Patient allergy information: high integrity
- Online newsgroup registration data: moderate integrity
- Anonymous online poll: low integrity