Key Cybersecurity and Information Security Concepts

The document outlines key cybersecurity concepts including threats, assets, and vulnerabilities, emphasizing their interrelationship and the potential for exploitation. It discusses the importance of managing vulnerabilities through tracking systems like CVE and CVSS scores, as well as the dangers of zero-day vulnerabilities. A holistic security approach involving continuous monitoring and proactive processes is essential for maintaining an effective security posture.


Key Terminologies in Cybersecurity

Threat
• Threat: A harmful event or action that can cause damage to an organization's
assets, data, or operations.
o Types of Damage:
▪ Confidentiality: Unauthorized disclosure of sensitive
information.
▪ Integrity: Alteration or manipulation of data, leading to loss of
trust in the system.
▪ Availability: Disruption of system or service availability,
rendering them inaccessible when needed.
o Sources of Threats:
▪ Human-Made: Malicious insiders, hackers, cybercriminals, or
negligent employees.
▪ Non-Human-Made: Technical issues (e.g., malware, hardware
failure) or natural disasters (e.g., floods, fires).

Asset
• Asset: Any resource owned by an organization that provides economic or
strategic value.
o Types of Assets:
▪ Tangible Assets: Physical items like buildings, servers, and
hardware.
▪ Intangible Assets: Non-physical items like intellectual property
(patents, trademarks), strategic plans, trade secrets, and
reputation.

www.cyvitrix.com

Vulnerability
• Vulnerability: A weakness or flaw in a system, application, network, or
human behavior that can be exploited by a threat actor.
o Types of Vulnerabilities:
▪ Technical Vulnerabilities: Unpatched software, open ports, or
outdated security protocols.
▪ Non-Technical Vulnerabilities: Lack of security awareness or
inadequate security training for employees.

The Relationship Between Threats, Assets, and Vulnerabilities
• Exploitation Process: Threats exploit vulnerabilities tied to organizational
assets. This leads to potential damage or loss, whether through financial
harm, reputational damage, or operational disruption.
• Exploitation Example: Phishing attacks exploit human vulnerabilities by
creating urgency in emails to trick users into clicking malicious links or
sharing sensitive information.

Managing Vulnerabilities

• Tracking: Vulnerabilities are tracked through systems like the Common
Vulnerabilities and Exposures (CVE) system, managed by MITRE.
o Identification: Vendors collaborate with organizations like MITRE to
receive unique CVE IDs for newly discovered vulnerabilities.
o Monthly Announcements: Vendors like Microsoft, Cisco, and Linux
announce vulnerabilities regularly and provide patches or mitigation
strategies.
o Purpose: Helps measure and categorize the severity of vulnerabilities.


• CVSS (Common Vulnerability Scoring System) Score:
o Definition: A numerical scale from 0 to 10, used to assess the
criticality of a vulnerability. A score of 10 represents the most severe
vulnerabilities.
o Usage: CVE ID combined with a CVSS score is used to prioritize
remediation efforts, determining how quickly the vulnerability must be
addressed.
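
The prioritization described above, sketched as an added example (not part of the original document). The severity bands are the CVSS v3.x qualitative ratings; the deadline values, the `exploited` flag and its two-day fast lane are assumptions to replace with your own policy, and the CVE IDs are placeholders.

```python
import re
from dataclasses import dataclass

CVE_ID = re.compile(r"^CVE-\d{4}-\d{4,}$")  # CVE-<year>-<4+ digit sequence>

# CVSS v3.x qualitative severity bands (lower bound, label).
BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low"), (0.0, "None")]

# Assumed remediation deadlines in days; set these from your own patch policy.
SLA_DAYS = {"Critical": 7, "High": 30, "Medium": 90, "Low": 180, "None": None}

@dataclass
class Finding:
    cve_id: str
    cvss: float
    asset: str
    exploited: bool = False  # assumption: flag fed from threat intelligence

def severity(score: float) -> str:
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    return next(label for floor, label in BANDS if score >= floor)

def remediation_queue(findings):
    """Return (finding, severity, deadline_days) tuples, most urgent first."""
    rows = []
    for f in findings:
        if not CVE_ID.match(f.cve_id):
            raise ValueError(f"malformed CVE ID: {f.cve_id!r}")
        sev = severity(f.cvss)
        days = SLA_DAYS[sev]
        if f.exploited and days is not None:
            days = min(days, 2)  # assumed fast lane for active exploitation
        rows.append((f, sev, days))
    # Actively exploited findings first, then highest CVSS score.
    return sorted(rows, key=lambda r: (not r[0].exploited, -r[0].cvss))

# Constructed sample findings; the CVE IDs are placeholders, not real entries.
SAMPLE = [
    Finding("CVE-0000-0001", 9.8, "vpn-gateway"),
    Finding("CVE-0000-0002", 6.5, "hr-portal", exploited=True),
    Finding("CVE-0000-0003", 3.1, "print-server"),
    Finding("CVE-0000-0004", 7.5, "mail-relay"),
]

if __name__ == "__main__":
    for f, sev, days in remediation_queue(SAMPLE):
        print(f"{f.cve_id}  {f.cvss:>4}  {sev:<8}  {f.asset:<12}  fix within {days} days")
```

The Medium-rated finding sorts ahead of the Critical one because it is flagged as actively exploited, which is why a CVSS score alone is not used as the sort key here.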

Zero-Day Vulnerabilities
• Definition: Vulnerabilities that are actively exploited by threat actors but
have no available patch or fix, making them particularly dangerous.
o Impact: Zero-day vulnerabilities are highly effective in attacks due to
the lack of prior awareness or defenses against them.
o Mitigation: Employing proactive security measures such as prompt
patching, layered security defenses, and network segmentation to
limit the impact.

Exploitation and Attacks

• Exploitation Definition: The act of using a vulnerability to launch an attack
on a system or network.
o Tools: Exploits, scripts, or code created by hackers or available on
the dark web are used to exploit vulnerabilities in systems.
o Zero-Day Attacks: Particularly dangerous because they target
vulnerabilities that are not yet publicly known or patched.

Holistic Security Approach

• Continuous Monitoring: A critical element for detecting abnormal behaviors,
unauthorized access, or suspicious activities in real-time to maintain a
strong security posture.
• Proactive Processes: Involves regularly identifying security vulnerabilities,
applying appropriate security controls, and remediating those vulnerabilities
before they are exploited.
o Security Program: A robust security program includes regular
patching, continuous monitoring, and the optimization and
enhancement of security controls, tools, and techniques to ensure
comprehensive protection.

Recap
• An attack results from the combination of a threat, a motivated threat actor,
and an exploitable vulnerability.
• Continuous monitoring and a holistic security approach are essential for
maintaining a mature and effective security posture.
• Security is an ongoing process that requires multiple layers of protection,
continuous improvement, and constant vigilance to adapt to evolving threats.
