Cybersecurity Fundamentals

&
Cryptography
What Is Cyber Security?

▪ The protection of the assets of a computer system

▪ Hardware
▪ Software
▪ Data
Assets Are…

Hardware Software/Network Data

• Computers but also: • Operating systems, • Files, photos, music,
• Medica l devices applica tions but also databases but also:
• Automobiles • Acce ss control • Location
• Industrial controllers mechanisms • Actions
• Security systems • Physica l Acce ss • Network identity
• Household appliances • Loca tion services • Acce ss list
• Scientific equipment • Network traffic • Payment info
• Tracking/location • Actions • Response/Status
devices • Device identity • Monitored activity
• …and more • …and more • …and more
 Basic Terms
• Vulnerability – weakness in a system
• Threat – circumstance with potential to c ause harm
• Attack – exploit of a vulnerability
• Countermeasure or control – action or device that removes or
reduces a vulnerability
Cybersecurity principles: confidentiality, integrity, and availability
(CIA)
C-I-A Triad
▪ Confidentiality - Only persons authorized to access information or systems
should get access to the information or system.
▪ Integrity - Only those persons or applications authorized to alter the system or
information may do so, and alterations are made under controlled
circumstances.
▪ Availability - The information or system, along with the applications, and other
hosts used to access, store and manipulate it, is available when needed.
▪ Sometimes two other desirable characteristics:
▪ Authentication – Confirm identity of a sender/signer.
▪ Nonrepudiation – Confirm that asserted action can’t be denied.
 Overview of cyber threats:
Malware ,Ransomware, Phishing, DDoS attacks
 BASICS OF CRYPTOGRAPHY:
Encryption, decryption, and Cryptographic algorithms
 CRYPTOGRAPHY
Cryptography is the science of secret, or hidden writing
• Encryption: Practice of hiding messages so that they can not be read by anyone other
than the intended recipient
• Cipher Text is unreadable encrypted message
• Plain Text message is the original message
• Decryption: It is the process of converting Cipher Text back to Plain Text.
• Private Key: It is used to decode the encrypted data at receiver's end
• Public Key: It is used to encrypt the message at sender's end
CIPHER
• Cipher is a method for encrypting messages

Plain Text Encryption Cipher Text Decryption Plain Text

Algorithm Algorithm

Key A Key B

• Encryption algorithms are standardized & published

• The key which is an input to the algorithm is secret
• Key is a string of numbers or characters
• If same key is used for encryption & decryption the algorithm is called symmetric
• If different keys are used for encryption & decryption the algorithm is called
asymmetric
 Cryptographic Algorithms
• Symmetric-Key Algorithms (same key is used for both encryption and decryption)
• AES (Advanced Encryption Standard)
• DES (Data Encryption Standard)

• Asymmetric-Key Algorithms (a public key for encryption and a private key for decryption)
• RSA (Rivest–Shamir–Adleman)
• DSA (Digital Signature Algorithm)

• Hash Functions (generate a fixed-size, unique output (hash) from input data)
• SHA-256 (Secure Hash Algorithm)
• MD5 (Message Digest Algorithm 5)
 IMPORTANCE OF CYBERSECURITY

• Protection of Sensitive Data

• Rising Cyber Threats
• Preserving Business Continuity
• Legal and Regulatory Compliance
• Economic Impact
• Safeguarding Innovation
• Protecting Critical Infrastructure
• Social Responsibility
• Empowering Users
• Adapting to Evolving Technologies
 CYBERSECURITY TEAM:

These teams work together in what's known as "Purple Teaming," where Red and Blue teams collaborate to strengthen
overall security.