Skip to main content

P1L1 The Security Mindset

Definition

Project something valuable from criminal activities.

Threat source

Cyber-criminals: want to profit from others' sensitive data.
Hacktivists: don't like something you do or something you are.
Nation-Sates: political advantage or for espionage.

Vulnerabilities and attacks

Threat actors exploit vulnerabilities to launch attacks.
Attacks lead to compromise or security breaches
Vulnerabilities in software, networks and humans.

Real world attacks

2013 Target store breach.

Sony Pictures hack

Relationship of Key Cyber Security Concepts

Data requirements (CIA)

Confidentiality
Integrity: should not be modified, change or corrupted.
Availability

How to protect?

Prevention
Detection
Response
Recovery and remediation
Policy (What) vs. mechanism(how)

world-wide $500 Billion annual loss

Example Stuxnet

Stuxnet: How It Infects PLCs (Links to an external site.)

The Real Story of Stuxnet (Links to an external site.)

Summary

Cyber Security

Huge problem for people, governments, companies, etc.
Enhance the level of assurance of systems

The security mindset requires we know:

Threats
actors/motivations
How they successfully attack.

Definition
Threat source
Vulnerabilities and attacks
Real world attacks
- Relationship of Key Cyber Security Concepts
- Data requirements (CIA)
How to protect?
- Example Stuxnet
Summary
- Cyber Security