What Is Cybersecurity?

Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks
by protecting networked systems and data from unauthorized use or harm.

1.1.2 Protecting Your Personal Data

Personal data is any information that can be used to identify you, and it can exist both offline and online.

Many people think that if they don’t have any social media or online accounts set up, then they don’t have an online
identity. This is not the case. If you use the web, you have an online identity.

1.1.3 Your Online Identity

It’s your first day on the job, and it’s time to choose a username for your online identity. Which of the following
options would you choose?

1.1.4 Your Data

Image with selectable areas. Select each button to show more information.

Personal data describes any information about you, including your name, social security number, driver license
number, date and place of birth, your mother’s maiden name, and even pictures or messages that you exchange
with family and friends.

Types of Data

1. Sensitive data

Sensitive data is any data that contains sensitive information. This data must be kept safe without being
accessible to anyone unless they have explicit authorization to access the data.
Sensitive data is information that a person or organization wants to keep from being publicly available
because the release of that information can lead to harm such as identity theft or other crimes. In some
cases, sensitive data is related to individuals, such as payment information or birth date, etc. In other
cases, sensitive data can be proprietary corporate information.
1. Personal Data
2. Employee Data
3. Intellectual Property and Trade Secret Data
4. Operational Data
5. Financial Data

2. Non-Sensitive Data means publicly available data. Examples of non-sensitive data would include
gender, date of birth, place of birth and postcode .Although this type of data isn’t sensitive, it can be
combined with other forms of data to identify an individual.

3. Personal data is any piece of information that can be used to identify someone,

Information such as:

 Name & surname

 Email
 Location data
 Home address
 IP address

4. personally identifiable information PII is any information about an individual maintained by an

agency, including
1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social
security number, date and place of birth, mother‘s maiden name, or biometric records;
2) any other information that is linked or linkable to an individual, such as medical, educational, financial,
and employment information.
What is Cyber Security?
Cyber Security is the practice of protecting systems, networks, and programs from malicious attacks .
These cyber-attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting
money from users; or interrupting normal business processes. Cyber security is a technology and process that is
designed to protect network and devices from attack, damage or unauthorized access.

Cyber Security principles CIA, AAA

CIA Model

The CIA model describes the three important goals of cybersecurity. The C stands for confidentiality.
Cybersecurity requires privacy in data and information. Certain people, devices, or processes should be
permitted or restricted from seeing data, files, and items, like username, password combinations, medical
records, etc. Confidentiality is concerned with viewing of data or information because if the wrong people see
data or information they are not authorized, many problems could arise.

The I in the CIA model stands for integrity. Cybersecurity requires us to feel safe that data transmitted,
processed, and stored has not been changed from its original form either accidentally or maliciously. For
example, if one bit of a message is change, the whole message could change. Also, the whole message could be
corrupted or unreadable.

For the last letter A, it stands for availability. This means that the information is available to authorized users
when it is needed. It requires that authorized users should be able to access the resources they need to do their
job with easy.

AAA Model

The objectives of cybersecurity are realized using the AAA or triple-A model. The first A refers to
Authentication, which is the process of proving that you are who you say you are. When you claim to be
someone, that is called identification; but when you prove it, that is authentication.

Authentication requires proof in one of three possible forms: something you know, like a password; something
you have, like a key; something you are, like fingerprint. The combination of more than one of these categories
is called multifactor authentication. Multifactor authentication makes it hard to authenticate as someone else.

The second A in the AAA model is Authorization. Authorization means providing correct level of access that a
user should have based on their credentials. This is tied to the principle of least privilege, which state that users,
devices, programs and processes should be granted enough permission to do their required functions and not a
single drop more.
The last A in the AAA model is accounting, which is keeping track of what users do while they are logged into
a system. Keeping track of users and their actions is very important. From a forensics perspective, tracing back
to events leading up to a cybersecurity incident can prove very valuable to an investigation.

Vulnerability
Vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer
system.

The four main types of vulnerabilities types

1. Network vulnerabilities are weaknesses within an organization’s hardware or software infrastructure that allow
cyberattackers to gain access and cause harm. These areas of exposure can range from poorly-protected wireless
access all the way to misconfigured firewalls that don’t guard the network at large.
2. Operating system (OS) vulnerabilities are exposures within an OS that allow cyberattackers to cause damage on
any device where the OS is installed. An example of an attack that takes advantage of OS vulnerabilities is a
Denial of Service (DoS) attack, where repeated fake requests clog a system so it becomes overloaded. Unpatched
and outdated software also creates OS vulnerabilities, because the system running the application is exposed.

3. Process vulnerabilities are created when procedures that are supposed to act as security measures are
insufficient. One of the most common process vulnerabilities is an authentication weakness, where
users, and even IT administrators, use weak passwords.

4. Human vulnerabilities are created by user errors that can expose networks, hardware, and sensitive
data to malicious actors. They arguably pose the most significant threat, particularly because of the
increase in remote and mobile workers. Examples of human vulnerability in security are opening an
email attachment infected with malware, or not installing software updates on mobile devices.

Cyber Threat
A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in
general. Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks,

It aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network,
intellectual property, or any other form of sensitive data.

Where Do Cyber Threats Come From?

1. Hostile Nation-States

2. Terrorist Groups

3. Hackers

4. Criminal groups

5. Malicious insiders
Cyber Risk
Cyber security risk is the probability of exposure or loss resulting from a cyber-attack or data breach on your
organization.

Cyber Attack
A cyber-attack is any attempt to gain unauthorized access to a computer, computing system. A cyber attack is
an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks.

Types of Cyber Attacks

1. Web Based Attacks

These are the attacks which occur on a website or web applications. Examples are
 Injection attacks
 DNS Spoofing
 Session Hijacking
 Phishing

2. System Based Attacks

These are the attacks which are intended to compromise a computer or a computer network. Examples are

 Virus
 Worm
 Trojan horse
 Backdoors
 Bots

Impact of Cyber Security

1. Disrupting Business continuity
2. Information theft and manipulate data
3. Creating fear and chaos by disrupting critical infrastructure
4. Financial Losses
5. Achieving state military objectives
6. Demanding Ramson
7. Damaging the reputation of the target

People Process and Technology

The people do the work. Processes make this work more efficient. Technology helps people do their tasks and
also helps automate the processes. Thus, businesses can achieve organizational efficiency by balancing the three
and optimizing the relationships between people, processes, and technology.
A good way to think of the framework is to think of it as a three-legged table. If one of the legs is a bit longer or
shorter, the whole table will lose its balance. Similarly, if the technology changes, you need to modify the
people and processes to adapt to the new tools. Thus, businesses need to find the right balance between these
three critical components.

If organizations don’t implement strong processes, the actions of the people will be highly ineffective.

The People
The “people” refers to the human resources available in the firm. People are the ones who do the tasks described
in the process. One of the main tasks is to onboard the right people. Businesses need to identify their key
employees with the right skills, experience, and attitude for the job at hand. The people also need clear role
definitions so everybody knows their responsibilities. IT teams are trained with the latest cyber security skills
and qualifications to implement the controls, technologies, and best practices for your organisation.

The Process
A process is the steps or actions that combine to produce a particular goal. The process in the PPT framework
mostly defines the “how” aspect. How will we achieve the desired result? How do we utilize the people and
technology to solve the business problem? Processes are repeatable actions that theoretically produce the same
result independent of who performs them. Bring in a coherent structure, and way of working to
mitigate risks or deal with threats in real-time. Continually update documents because
hackers are constantly evolving their attack techniques.

The Technology

The technology provides the tools that the people can use to implement the process. It also helps automate some
parts of the process. Technology without a doubt raises the levels of defence.

These three pillars of cyber security—people, processes, and technology—should all work together to build a
sturdy defense network. However, when an organization effectively balances people, process, and technology, it
is possible to establish a synergistic framework that fully supports cybersecurity.

McCumbers Cube
The McCumber Cube is a model framework created by John McCumber in 1991 to help organizations establish
and evaluate information security initiatives by considering all of the related factors that impact them. This
security model has three dimensions:
1. The foundational principles for protecting information systems.
2. The protection of information in each of its possible states.
3. The security measures used to protect data.
1. The foundational principles for protecting information systems.

 Confidentiality is a set of rules that prevents sensitive information from being disclosed to unauthorized
people, resources and processes Methods to ensure confidentiality include data encryption, identity
proofing and two factor authentication.
 Integrity ensures that system information or processes are protected from intentional or accidental
modification. One way to ensure integrity is to use a hash function or checksum.
 Availability means that authorized users are able to access systems and data when and where needed
and those that do not meet established conditions, are not. This can be achieved by maintaining
equipment, performing hardware repairs, keeping operating systems and software up to date,
and creating backups.

2. The protection of information in each of its possible states.

 Processing refers to data that is being used to perform an operation such as updating a database record
(data in process).
 Storage refers to data stored in memory or on a permanent storage device such as a hard drive, solid-
state drive or USB drive (data at rest).
 Transmission refers to data traveling between information systems (data in transit).

3. The security measures used to protect data.

 Awareness, training and education are the measures put in place by an organization to ensure
that users are knowledgeable about potential security threats and the actions they can take to protect
information systems.
 Technology refers to the software- and hardware-based solutions designed to protect information
systems such as firewalls, which continuously monitor your network in search of possible malicious
incidents.
 Policy and procedure refers to the administrative controls that provide a foundation for how an
organization implements information assurance, such as incident response plans and best practice
guidelines.
Hackers

Hacking is the act of identifying and then exploiting weaknesses in a computer system or network, usually to gain
unauthorized access to personal or organizational data.

A hacker is a person who breaks into a computer system. The reasons for hacking can be
many: installing malware, stealing or destroying data, disrupting service, and more. .

Types of Hackers

1. White hat
2. Black Hat: Carry out with negative intension illegal hacking
3. Grey hat
https://www.javatpoint.com/types-of-hackers

Although there is no specific step-by-step methodology used by all hackers, a typical hacking process comprises
of the following steps:

Hacking Methodology

1. Footprinting – the process of using passive methods of gaining information about the target system prior to
performing the attack. The interaction with the target system is kept at minimum in order to avoid detection
and alert the target about the attack. The footprinting can reveal vulnerabilities of the target system and
improve the ease with which they can be exploited. Various methods are employed for footprinting, for
example whois queries, Google searches, job boards search, network enumeration, operating system
identification, etc.
2. Scanning – the process of taking information obtained from the footprinting phase in order to target the
attack more precisely. Some of the metods used in this phase are port scans, ping sweeps, operating systems
detection, observation of facilities used by the target, and so on.
3. Enumeration – the process of extracting more detailed information about the information obtained during
the scanning phase to determine its usefulness. Some of the methods used in this step are user accounts
enumeration, SNMP enumeration, UNIX/Linux enumeration, LDAP enumeration, NTP enumeration, SMTP
enumeration, DNS enumeration, etc.
4. System hacking – the process of planning and executing the attack based on the information obtained in the
previous phases. In this phase the attacker performs the actual hacking process using hacking tools.
5. Escalation of privilege – the process of obtaining privileges that are granted to higher privileged accounts
than the attacker broke into originally. The goal of this step is to move from a low-level account (such as a
guest account) all the way up to administrator.
6. Covering tracks – the process of removing any evidence of the attacker’s presence in a system. The attacker
purges log files and removes other evidence needed for the owner of the system to determine that an attack
occured.
7. Planting backdoors – the process of securing unauthorized remote access to a computer, so the attacker can
access the system later without being detected. Backdoors are usually computer programs that give an
attacker the remote access to a targeted computer system.



Benefits of cybersecurity
The following are the benefits of implementing and maintaining cybersecurity:

o Cyberattacks and data breach protection for businesses.

o Data and network security are both protected.
o Unauthorized user access is avoided.
o After a breach, there is a faster recovery time.
o End-user and endpoint device protection.
o Regulatory adherence.
o Continuity of operations.
o Developers, partners, consumers, stakeholders, and workers have more faith in the
company's reputation and trust.