ch 1

Cards (43)

  • Cloud security
    Relates to creating secure cloud architectures and applications for companies that use cloud service providers
  • Identity Management and Data Security
    Covers activities, frameworks, and processes that enable authorization and authentication of legitimate individuals to an organization's information systems
  • Mobile security
    Protects organizational and personal information stored on mobile devices like tablets, cell phones, and laptops from different threats like unauthorized access, device loss or theft, malware, viruses, etc.
  • Network security
    Covers hardware and software mechanisms that protect the network and infrastructure from disruptions, unauthorized access, and other abuses
  • Disaster Recovery and Business Continuity Planning
    Covers processes, alerts, monitoring, and plans designed to help organizations prepare for keeping their business-critical systems running during and after any sort of incident
  • User Education
    Covers cyber security-related classes, programs, and certifications to raise awareness about industry best practices, organizational procedures and policies, monitoring, and reporting suspicious, malicious activities
  • Cybercrime
    Any unauthorized activity involving a computer, device, or network
  • Types of cybercrime
    • Computer-assisted crimes
    • Crimes where the computer itself is a target
    • Crimes where the computer is incidental to the crime rather than directly related
  • Common cyber threats
    • Cyberterrorism
    • Malware
    • Trojans
    • Botnets
    • Adware
    • SQL injection
    • Phishing
    • Man-in-the-middle attack
    • Denial of Service
  • As data breaches, hacking, and cybercrime reach new heights, companies increasingly rely on cyber security experts to identify potential threats and protect valuable data
  • The cyber security market is expected to grow from $217 billion in 2021 to $345 billion by 2026, posting a Compound Annual Growth Rate (CAGR) of 9.7% from 2021 to 2026
  • Advantages of cyber security
    Helps to preserve the lifestyles we have come to know and enjoy by protecting devices and systems from attackers
  • Threat Actor
    Any individual or group that poses a threat to cybersecurity
  • Threat actors are the perpetrators behind cyberattacks, and are often categorized by a variety of factors, including motive, type of attack, and targeted sector
  • Today, the cyber threat environment is arguably more dynamic than ever before and threat actors are becoming more sophisticated
  • Understanding threat actors and their motives
    Can help organizations better protect themselves from the damage these actors cause as they exploit vulnerabilities, compromise user identities with elevated privileges, evade security controls, damage or delete data, or manipulate sensitive information
  • Threat actor targets
    • Large organizations for monetary gain, data, and sensitive intelligence, or to cause service disruption and reputational harm
    • Small and medium-sized businesses (SMBs) due to their relative lack of resources and weaker security systems
  • In today's threat landscape, most organizations are likely to be targeted by a threat actor, regardless of their size or industry
  • Businesses faced 50% more cyberattack attempts per week in 2021 compared to 2020
  • Threat actors can and will find a path straight to the crown jewels if the path is unprotected
  • Cybercriminals
    Individuals or groups who use digital technology to conduct illegal activity, often motivated by financial gain
  • Nation-states
    May fund threat actor groups to perform a variety of malicious activities on the networks of other governing entities including espionage or cyberwarfare
  • Terrorist Groups
    Their goal is typically to cause harm and destruction that furthers their cause, targeting businesses, state machinery, and critical infrastructures or services
  • Thrill-Seekers
    Threat actors who attack computer systems or networks for personal enjoyment, without necessarily intending to do much harm
  • Insider Threats
    • Malicious Insiders
    • Incautious Insiders
  • Hackers
    Someone who uses their computer skills to overcome a challenge or problem, for better or for worse
  • Types of Hackers
    • Black Hat Hackers
    • White Hat Hackers
    • Grey Hat Hackers
    • Green Hat Hackers
    • Blue Hat Hackers
    • Red Hat Hackers
    • Script Kiddies
    • Hacktivists
  • Malware
    Malicious software designed to damage or disable computers; it can be used to steal data, take control of systems, or launch attacks
  • Phishing
    A type of cyberattack that uses emails or websites that appear to be from legitimate sources in order to trick users into disclosing sensitive information or clicking on malicious links
  • Denial-of-Service Attack (DoS Attack)
    A type of cyberattack that attempts to make a system or network unavailable to users, usually by flooding the target with traffic or requests
  • Ransomware
    A type of malware that encrypts files or locks systems, making them inaccessible to users, often forcing the user to pay a ransom to regain access
  • Denial-of-Service attack (DoS attack)
    A type of cyberattack that attempts to make a system or network unavailable to users
  • DoS attacks
    • Target websites or online services and can be used to take down entire systems
    • Usually carried out by flooding the target with traffic or requests until it can no longer handle the load and becomes unavailable
    • Can also be used to disable systems or networks by corrupting data, taking advantage of vulnerabilities, or overloading resources
  • Ransomware
    A type of malware that encrypts files or locks systems, making them inaccessible to users
  • Ransomware
    • Can be spread through email attachments, infected websites, or compromised software
    • Blocks access or encrypts assets, often forcing the user to pay a ransom to regain access to their device, files, or system
    • Threat actors are moving past traditional, time-consuming encryption and are focusing on destroying all stolen data, or partially corrupting it, to make increasingly larger ransom demands
  • Drive-by download
    A type of cyberattack that involves infecting a system with malware without the user's knowledge or consent
  • Drive-by downloads
    • Usually happen when a user visits an infected website or clicks on a malicious link
    • Can be used to install all types of malware, including viruses, Trojans, and ransomware
  • Threat actors may be lone attackers or part of a larger, organized crime ring or cyber threat organization
  • Threat actor examples
    • MeteorExpress (wiper attack on Iranian national railway system)
    • 8220 Gang (targets cloud infrastructure services to deploy cryptocurrency miners)
    • REvil Ransomware (large-scale ransomware attack via Kaseya VSA servers)
    • Aoqin Dragon (Chinese-linked APT group conducting espionage)
    • Moshen Dragon (Chinese-aligned threat actor hijacking legacy security products)
  • Endpoint Protection, Detection, and Response (EDR)
    • Comprehensive endpoint security solutions that record and store endpoint-system-level behaviors, use data analytics to detect suspicious activity, provide contextual information, block malicious activity, and suggest remediation