Cybersecurity Fundamentals
Cybersecurity Fundamentals provides an overview of concepts such as threats and vulnerabilities, policy, the reference monitor, the OSI model, topology, network scanning, intrusion detection, incident response and privacy goals. It seeks to educate on the importance of cybersecurity practices and how they affect an organization. Practitioners learn how to identify and mitigate common risks, threats, and vulnerabilities, and how to employ tools and techniques to protect networks, devices, people, and data from unauthorized access.
Cybersecurity practitioners are expected to be ethically responsible and are entrusted to use their skills to keep data safe and secure. It is their ethical principles that separate them from would-be hackers. Organizations hire cybersecurity practitioners with the expectation that they will protect the organization's sensitive information from cyber-attacks.
Threats and Vulnerabilities
A threat is an event or condition with the potential to adversely impact operations. Examples of threats include viruses, spyware, denial-of-service attacks, phishing attacks and trojans. A gap or weakness in an information system that could be exploited by a threat agent is a vulnerability (Rapid7, 2023). When a software bug is confirmed to be a vulnerability, it is registered as a Common Vulnerabilities and Exposures (CVE) entry through the CVE Program operated by MITRE, and it is assigned a Common Vulnerability Scoring System (CVSS) score (published, for example, by NIST's National Vulnerability Database). The score reflects the technical severity of the weakness, not the likelihood that it will be exploited in a particular environment, so it should be combined with knowledge of asset exposure when deciding what to patch first. Security professionals are duty bound to ensure that applications and information systems are scanned regularly for vulnerabilities and that the latest patches are installed. They are also expected to protect the confidentiality of any information they encounter when using penetration-testing tools and techniques to assess the security of software, networks, and information systems.
Some organizations implement vulnerability and patch management solutions to maintain a secure and resilient environment. A patch management solution gives the organization control over application, platform and operating system updates and helps maintain the functionality and security of its software and devices. It also facilitates the timely application of the security updates, feature updates and bug fixes that software vendors release. With a Vulnerability Management Solution (VMS) in place, an organization can proactively identify, assess, prioritize and remediate vulnerabilities in its environment, and confirm on a rescan that a patched finding no longer appears.
Below is an example of a Threat Statement Table listing threats, their descriptions, and their impact on data or systems.
References:
Rapid7. (2023). Vulnerabilities, Exploits, and Threats. Retrieved from Rapid7.com: https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/
Policy
Organizations employ security policies to support their legal and ethical responsibilities. Security policies reflect the risk appetite of upper management, define what is required of employees, and serve as a mechanism for holding individuals accountable for compliance. They support the organization's mission; hence, when security professionals write policies, the organization's mission and senior leadership's concerns should be at the forefront of their thoughts (Dunham, 2020). Security policies should be enforceable, and it is important that everyone reads and signs off on them. If policy exceptions are allowed, the exception approval process should be stated, along with any risk the exception introduces and how that risk will be mitigated. Security policies should be brief, succinct, and written in plain language so that all employees can understand them.
Below is an artifact which I wrote on Security Policy.
References:
Dunham, R. (2020, May 5). Information Security Policies: Why They Are Important To Your Organization. Retrieved from linfordco.com: https://linfordco.com/blog/information-security-policies/
The OSI Model
The Open Systems Interconnection (OSI) Model is a seven-layer reference model in which each layer has a specific function: Physical, Data Link, Network, Transport, Session, Presentation and Application. It is a conceptual framework that describes how networked systems communicate, and it gives cybersecurity professionals a common vocabulary for discussing network vulnerabilities, troubleshooting problems, understanding weaknesses in protocols, and designing robust security measures (Eldemir, 2023). Placing a problem at its layer narrows the search and speeds up resolution: a failed ARP resolution is a Layer 2 issue, a routing loop is Layer 3, a blocked port is Layer 4, and a malformed HTTP request is Layer 7. The same placement helps match a control to a threat, for example VLAN segmentation at Layer 2, packet filtering on addresses and ports at Layers 3 and 4, and TLS encryption of application traffic above the transport layer. Security professionals who understand the layering can therefore reason about a new threat by asking where in the stack it operates, which is what lets them adjust to an evolving threat landscape.
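The layering is easiest to see by walking a frame from the outside in. The following Python dissector is an added example, not code from this page or from its referenced artifacts: it constructs a sample Ethernet II / IPv4 / TCP / HTTP frame (the MAC and IP addresses are made-up sample values; 192.0.2.10 is from the documentation range), then peels it header by header and records the OSI layer each one belongs to, verifying the IPv4 header checksum along the way so that a corrupted Layer 3 header is rejected rather than silently parsed.

```python
import struct

# Added example: a minimal dissector that walks one Ethernet frame layer by layer
# (Ethernet -> IPv4 -> TCP -> application payload) and records which OSI layer
# each header belongs to. The frame is constructed below; the MAC and IP addresses
# are made-up sample values, not captured traffic.

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
TCP_FLAGS = [("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20)]


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words. Over a header whose checksum
    field is zero it yields the checksum; over a valid complete header it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(payload: bytes) -> bytes:
    """Constructed sample frame: Ethernet II / IPv4 / TCP (PSH,ACK to port 80) / payload."""
    eth = (bytes.fromhex("aabbccddeeff")          # destination MAC (sample value)
           + bytes.fromhex("112233445566")        # source MAC (sample value)
           + struct.pack("!H", ETHERTYPE_IPV4))
    tcp = struct.pack("!HHIIBBHHH",
                      40000, 80,                  # source port, destination port
                      1000, 2000,                 # sequence, acknowledgement numbers
                      5 << 4, 0x18,               # data offset = 5 words, flags PSH|ACK
                      65535, 0, 0)                # window, checksum (left unset), urgent pointer
    total_len = 20 + len(tcp) + len(payload)
    ip_no_csum = struct.pack("!BBHHHBBH4s4s",
                             0x45, 0,             # version 4, IHL 5 words; DSCP/ECN
                             total_len, 0x1234,   # total length, identification
                             0x4000, 64,          # flags DF + fragment offset 0; TTL
                             IPPROTO_TCP, 0,      # protocol; checksum placeholder
                             bytes([10, 0, 0, 5]), bytes([192, 0, 2, 10]))  # src, dst (sample)
    csum = ipv4_checksum(ip_no_csum)
    ip = ip_no_csum[:10] + struct.pack("!H", csum) + ip_no_csum[12:]
    return eth + ip + tcp + payload


def dissect(frame: bytes) -> list:
    """Return one dict per layer found, outermost first. Raises ValueError on a
    corrupt IPv4 header so a bad-checksum frame is not silently accepted."""
    layers = []
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers.append({"layer": 2, "name": "Data Link", "protocol": "Ethernet",
                   "src": src.hex(":"), "dst": dst.hex(":")})
    if ethertype != ETHERTYPE_IPV4:
        return layers                            # not IPv4: stop at Layer 2

    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                     # header length in bytes
    header = ip[:ihl]
    if ipv4_checksum(header) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    (_, _, total_len, _, _, ttl, proto, _, s, d) = struct.unpack("!BBHHHBBH4s4s", header[:20])
    layers.append({"layer": 3, "name": "Network", "protocol": "IPv4",
                   "src": ".".join(map(str, s)), "dst": ".".join(map(str, d)), "ttl": ttl})
    if proto != IPPROTO_TCP:
        return layers                            # not TCP: stop at Layer 3

    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off, flags, _, _, _ = struct.unpack("!HHIIBBHHH", tcp[:20])
    doff = (off >> 4) * 4                        # TCP header length in bytes
    layers.append({"layer": 4, "name": "Transport", "protocol": "TCP",
                   "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                   "flags": [name for name, bit in TCP_FLAGS if flags & bit]})

    payload = tcp[doff:]
    if payload:
        app = "HTTP" if payload.startswith((b"GET ", b"POST ", b"HEAD ", b"HTTP/")) else "unknown"
        layers.append({"layer": 7, "name": "Application", "protocol": app, "bytes": len(payload)})
    return layers


if __name__ == "__main__":
    for layer in dissect(build_frame(b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n")):
        print(layer)
```

A frame whose EtherType or IP protocol is not handled stops at the last layer that parsed cleanly, and a bad IPv4 checksum raises an error, which is the "at which layer does the problem occur" reasoning described above made concrete: the returned list tells you how far down the stack the frame was valid.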
References:
Eldemir, E. (2023, May 22). The Crucial Role of Understanding the OSI Model in Cybersecurity Defense. Retrieved from LinkedIn.com: https://www.linkedin.com/pulse/crucial-role-understanding-osi-model-cybersecurity-defense-eldemir
Ethical Hackers Academy. (n.d). Top Network Security Cheat Sheet. Retrieved from https://media.licdn.com/dms/image/D5622AQF9xLXJdB9pOQ/feedshare-shrink_1280/0/1710502270391?e=1713398400&v=beta&t=AW95O46cooQhvoFfCpeJ4O4U-yhc_5S7_ZvvtoWcXwM
Privacy Goals
While the chosen artifact does not specifically address the topic of privacy goals, the paper as a whole addresses the protection of information. It touches on each of the listed topics, and its ultimate focus is on protecting the confidentiality, integrity, and availability of data. The document details how security professionals can protect applications and systems from threats and vulnerabilities by using a patch management system to mitigate vulnerabilities. Although not stated explicitly, network scanning would be used after patch updates to confirm that the vulnerabilities have actually been fixed. Because of the sensitive nature of the data, the organizational policy is amended to control access to the lab, and the data is encrypted both at rest and in transit.
While the reference monitor is not mentioned by name, VLANs are configured to enforce access control between network segments, which tightens network security, confines broadcast domains, and reduces network traffic. Intrusion detection and incident response are implemented to monitor proactively for unusual traffic and to ensure the timely identification, containment, and resolution of security incidents. The OSI model provides a common reference point for describing communication across the network topology, and the privacy goal is to protect the development projects' sensitive data. Organizations entrust security professionals with valuable information, and in turn it is their responsibility to prioritize network security and to protect data privacy and confidentiality.
Reflections
Security professionals are tasked with protecting an organization's data, so they must stay aware of the threats that emerge daily and could harm the organization. According to Forbes in 2023, an estimated 560,000 new pieces of malware are detected every day, and almost 340 million people have been affected by publicly reported data breaches or leaks (Brooks, 2023). With the growth of data and the global expansion of internet connectivity, attackers have been taking advantage of security gaps and vulnerabilities across an expanding attack surface. I chose the artifact on threats because it presents a variety of threats in its list and categorizes each threat's impact on data or systems according to the CIA triad. In addition, it gives a description of each threat and, in some cases, real-life examples of breaches in which the specified threat exploited a vulnerability in the system.
On the topic of policy, I chose the specified artifact because policies shape the way that we do things. While security policies exist to protect an organization's physical and digital assets, they also protect individual employees and the organization as a whole. Depending on scope and purpose, security policies can be categorized into three types (Lutkevich, 2021):
· Organizational policies serve as the master blueprint for the entire security program.
· System-specific policies dictate security procedures for particular information systems or networks.
· Issue-specific policies target specific aspects of the larger organizational policy.
For the OSI model, this artifact was chosen because it presents a visual of the seven layers along with the protocols and threats found at each layer. The model helps network engineers determine what hardware and software they need and understand how network components communicate across the network. It is also worth noting that the model lets equipment from different manufacturers interoperate, because each manufacturer defines its standards and protocols against the same layered reference.
The Research Innovation Lab artifact illustrates how the listed topics can be incorporated into a solution. In our daily professional lives, we interact with all of the presented topics and more. As a security professional, I am duty-bound to protect the organization's assets. My main responsibility as an ISO 27001 Project Manager is to ensure that the Information Security Management System (ISMS) controls are sufficient to secure the organization's data, documents, and other information assets. My duties include conducting policy review meetings to verify that policies are still effective and that there are no gaps, conducting risk assessments to ensure that the controls in place are still effective against threats, and performing physical on-site audits to confirm that the business units are following the ISMS policies and procedures for maintaining the organization's privacy goals. As a member of the cybersecurity team, I keep abreast of newly released Common Vulnerabilities and Exposures (CVEs) and use tools such as the Tenable Nessus vulnerability scanner to scan endpoints in subnets. Throughout my career, the OSI Model has served as a guidepost in troubleshooting network issues. As a security professional, I am expected to exhibit due care, professionalism, objectivity, and good conduct while executing my duties.
References:
Brooks, C. (2023, May 5). Cybersecurity Trends & Statistics; More Sophisticated And Persistent Threats So Far In 2023. Retrieved from Forbes.com: https://www.forbes.com/sites/chuckbrooks/2023/05/05/cybersecurity-trends--statistics-more-sophisticated-and-persistent-threats-so-far-in-2023/?sh=4ce5716d7cb6
Lutkevich, B. (2021, September). What is a Security Policy. Retrieved from Techtarget.com: https://www.techtarget.com/searchsecurity/definition/security-policy