What Is Cybersecurity?

Cybersecurity is the ongoing effort to protect individuals, organizations and governments from
digital attacks by protecting networked systems and data from unauthorized use or harm.

Levels of protection

 Personal: On a personal level, you need to safeguard your identity, your

data, and your computing devices
 Organizational: At an organizational level, it is everyone’s responsibility
to protect the organization’s reputation, data and customers
 Government: As more digital information is being gathered and shared,
its protection becomes even more vital at the government level, where
national security, economic stability and the safety and wellbeing of
citizens are at stake

Types of Organizational Data

1 Traditional Data
Traditional data is typically generated and maintained by all organizations, big and
small. It includes the following:

 Transactional data such as details relating to buying and selling, production

activities and basic organizational operations such as any information used to
make employment decisions.
 Intellectual property such as patents, trademarks and new product plans, which
allows an organization to gain economic advantage over its competitors. This
information is often considered a trade secret and losing it could prove disastrous
for the future of a company.
 Financial data such as income statements, balance sheets and cash flow
statements, which provide insight into the health of a company.

2 Internet of Things (IoT) and Big Data

IoT is a large network of physical objects, such as sensors, software and other
equipment. All of these ‘things’ are connected to the Internet, with the ability to collect
and share data. And given that storage options are expanding through the cloud and
virtualization, it’s no surprise that the emergence of IoT has led to an exponential growth
in data, creating a new area of interest in technology and business called 'Big Data.'

The Cube
The McCumber Cube is a model framework created by John McCumber in 1991 to help
organizations establish and evaluate information security initiatives by considering all of
the related factors that impact them. This security model has three dimensions:

1. The foundational principles for protecting information systems.

2. The protection of information in each of its possible states.
3. The security measures used to protect data.

FOUNDATIONAL PRINCIPLES FOR PROTECTING INFORMATION

 Confidentiality is a set of rules that prevents sensitive information from being

disclosed to unauthorized people, resources and processes. Methods to ensure
confidentiality include data encryption, identity proofing and two factor
authentication.
 Integrity ensures that system information or processes are protected from
intentional or accidental modification. One way to ensure integrity is to use
a hash function or checksum.
 Availability means that authorized users are able to access systems and data
when and where needed and those that do not meet established conditions, are
not. This can be achieved by maintaining equipment, performing hardware
repairs, keeping operating systems and software up to date, and creating
backups.

PROTECTION OF INFORMATION IN EACH SIDE

 Processing refers to data that is being used to perform an operation such as

updating a database record (data in process).
 Storage refers to data stored in memory or on a permanent storage device such
as a hard drive, solid-state drive or USB drive (data at rest).
 Transmission refers to data traveling between information systems (data in
transit).

THE SECURITY MEASURES USED TO PROTECT DATA

 Awareness, training and education are the measures put in place by an

organization to ensure that users are knowledgeable about potential security
threats and the actions they can take to protect information systems.
 Technology refers to the software- and hardware-based solutions designed to
protect information systems such as firewalls, which continuously monitor your
network in search of possible malicious incidents.
 Policy and procedure refers to the administrative controls that provide a
foundation for how an organization implements information assurance, such as
incident response plans and best practice guidelines.

Consequences of a Security Breach

  Reputation damage-A security breach can have a negative long-term impact
on an organization’s reputation that has taken years to build. Customers,
particularly those who have been adversely affected by the breach, will need to
be notified and may seek compensation and/or turn to a reliable and secure
competitor.

 Vandalism-A hacker or hacking group may vandalize an organization’s website

by posting untrue information. They might even just make a few minor edits to
your organization’s phone number or address, which can be trickier to detect.

 Theft-A data breach often involves an incident where sensitive personal data
has been stolen. Cybercriminals can make this information public or exploit it to
steal an individual’s money and/or identity.

 Loss of revenue-The financial impact of a security breach can be devastating.

For example, hackers can take down an organization’s website, preventing it
from doing business online.

 Damaged intellectual property-A security breach could also have a

devastating impact on the competitiveness of an organization, particularly if
hackers are able to get their hands on confidential documents, trade secrets and
intellectual property.

CYBER ATTACKERS

Attackers are individuals or groups who attempt to exploit vulnerability for personal or
financial gain.

Types of Attackers
1.Amateurs
The term 'script kiddies' emerged in the 1990s and refers to amateur or
inexperienced hackers who use existing tools or instructions found on the
Internet to launch attacks. Some script kiddies are just curious, others are
trying to demonstrate their skills and cause harm. While script kiddies may
use basic tools, their attacks can still have devastating consequences.
 2.Hackers
This group of attackers break into computer systems or networks to gain
access. Depending on the intent of their break in, they can be classified as
white, gray or black hat hackers.

 White hat attackers break into networks or computer systems to

identify any weaknesses so that the security of a system or network
can be improved. These break-ins are done with prior permission and
any results are reported back to the owner.
 Gray hat attackers may set out to find vulnerabilities in a system but
they will only report their findings to the owners of a system if doing so
coincides with their agenda. Or they might even publish details about
the vulnerability on the internet so that other attackers can exploit it.
 Black hat attackers take advantage of any vulnerability for illegal
personal, financial or political gain.

3.Organized hackers
 These attackers include organizations of cyber criminals, hacktivists,
terrorists and state-sponsored hackers. They are usually highly
sophisticated and organized, and may even provide cybercrime as a
service to other criminals.
 Hacktivists make political statements to create awareness about issues
that are important to them.
 State-sponsored attackers gather intelligence or commit sabotage on
behalf of their government. They are usually highly trained and well-
funded and their attacks are focused on specific goals that are
beneficial to their government.

CYBER WARFARE

Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack
another nation’s computer systems and networks in an effort to cause damage or
disrupt services, such as shutting down a power grid.

The Purpose of Cyberwarfare

To gather compromised information and/or defense secrets

A nation or international organization can engage in cyberwarfare in order to steal

defense secrets and gather information about technology that will help narrow the gaps
in its industries and military capabilities.
Furthermore, compromised sensitive data can give attackers leverage to blackmail
personnel within a foreign government.

To impact another nation’s infrastructure

Besides industrial and military espionage, a nation can continuously invade another
nation’s infrastructure in order to cause disruption and chaos.