Week 1 - Introduction To CyberSecurity

This document provides an introduction to cyber security. It defines cyber security as the protection of cyberspace from cyber attacks. It discusses the need to protect information and information systems from unauthorized access and use to maintain confidentiality, integrity, and availability of data. The document outlines common cyber security concepts like the CIA triad, types of hackers, cybersecurity frameworks, information classification, security controls, policies and roles. It also describes different types of cyber attacks.

CYt100

Introduction to Cyber Security

School of Information & Communications Technology, Kamyar Ghaderi


Introduction- Amir Ansari

What is Cyber security

Protection of cyberspace from cyber attack

What is cyber space and need for its protection

What are cyber attacks


Need for Information Security

• Protection of information and information systems from unauthorized access, use, disclosure to achieve CIA
• Information to be protected can reside on the Internet, LAN, WAN, Computer or Mobile computing device
• Cyber security is a subset of the larger field of Information Security
Stories are about "Lesson Learned"
Cyber Security (CS)

1. Multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe.
2. In an organization, the people, processes, and technology must all complement one another to create an effective defense from cyber attacks.
3. A unified threat management system can automate integrations across select "Security products" and accelerate key security operations functions: detection, investigation, and remediation.

[Diagram: Computer, Network, Program, Data]

Concept of CIA triad

• There are two goals of cybersecurity
  • Confidential information must be kept out of reach of potential cyber attack and unauthorized individuals
  • Cybersecurity measures must not hinder authorized users' access to the information
• There are three main principles of cybersecurity
  • Confidentiality
  • Integrity
  • Availability

Confidentiality – Integrity – Availability (CIA)

• Efforts of an organization to make sure data is kept secret or private.
• Access to information must be controlled to prevent the unauthorized sharing of data.
• Making sure that data is trustworthy and free from tampering.
• Only if the data is authentic, accurate, and reliable.
• Data is available to users.
• System is accessible to use.
• What is "Data"?

[Diagram: CIA triad of Confidentiality, Integrity and Availability around Data, protected and available to stakeholders]

Concept of CIA triad contd..

• Confidentiality – Information is only accessible to authorized users
• Integrity – Information remains accurate, consistent and must be protected from any unauthorized modification
• Availability – Information is available to authorized users all the time without any disruption.
• There is one more principle in modern cybersecurity called 'Non-repudiation', where a person cannot deny any modification they have made

Data Classification

Government   | General | Non-Government (Private)  | Impact
Top Secret   | Class-3 | Confidential-Proprietary  | Grave Damage
Secret       | Class-2 | Private                   | Serious Damage
Confidential | Class-1 | Sensitive                 | Damage
Unclassified | Class-0 | Public                    | No Damage

Security Policy
Data Policy

Goals and Motivation behind Information Security Attacks

• To make a political or social point
• Radical hacking
• Financial gain
• Intellectual challenge
• Business competition
• Cyberwarfare

Threat Actor

• Cyber threat actors are state-sponsored groups or individuals who, with malicious intent, take advantage of vulnerabilities to gain unauthorized access to information systems
• Threat actors are categorized by their motivations as
  • Nation / state sponsored
  • Cyber criminals
  • Hacktivists
  • Terrorist groups
  • Thrill-seekers (Intellect)
  • Insider threats

Types of Hackers

• Black hat – Hacker who hacks systems mostly for financial gain
• White hat – Hacker whose aim is to protect against black hats
• Grey hat – Neither black nor white; these hackers perform hacking just for enjoyment (or to show intellect)
• Blue hat – Hacks systems to take revenge. They are aggressive in every way
• Red hat – Similar to white hat hackers but works in an anonymous way

Types of Hackers contd..

• Green hat – New hackers trying to establish their way in the cyber world
• Script kiddies – Not actual hackers but people who are curious to do something exciting and cause disruption to services

Script Kiddies at a glance

• Unskilled individual who performs or executes programs just for curiosity
• They perform attacks by referring to videos or already created scripts and making changes to them
• They use the easiest routes to hacking a system and don't invest money or energy to perform the attack
• They are annoying but not harmful at a large level

Cybersecurity Framework

• A cybersecurity framework is guidance on how both internal and external stakeholders of an organization can manage and reduce cybersecurity risk
• These are standards, guidelines and best practices to manage risks that arise in the digital world
• A framework's objective is to prevent unauthorized system access with controls such as implementing a username and password

Cybersecurity Framework contd..

• Frameworks are often mandatory or strongly encouraged for companies in order to maintain compliance with regulations
• Some top security frameworks are
  • NIST cybersecurity framework
  • CIS
  • ISO/IEC 27001
  • PDCA
  • HIPAA
  • GDPR

Information Classification

• Data classification, in the context of information security, is the classification of data based on its level of sensitivity
  • Restricted – access to internal employees
  • Private – access to some group
  • Public – access to everyone
  • Confidential – access to management only
  • Internal – access to internal employees

Information Classification Roles

• Data Sponsor – has management and policy responsibility for the data
• Data Steward – has operational responsibility for the data
• Data Custodian – has controlled access to the data
• Data User – has possession of the data
• Certifying Authority – the authority that certifies the accuracy of the data

Security Control Types

Technical            | Administrative       | Physical
Access Control lists | Management controls  | Cameras
Configuration rules  | Operational controls | Alarm systems
                     |                      | Security Guards
                     |                      | Bolted doors etc.

Policy, Standard, Guidelines and Procedures

• Management of any security program is determining and defining how security will be maintained in the organization
• Policy – Policies are formal statements produced and supported by senior management.
  • Driven by business objectives and assessment risk management
  • Regularly reviewed with approved changes made as needed
  • Easily accessible and understandable
• Standard – Mandatory courses of action or rules that give formal policies support and direction.

Contd..

  • One of the more difficult parts of writing standards for an information security program is getting a company-wide consensus
  • Used to indicate expected user behavior.
  • Compulsory and must be enforced to be effective
  • Specifies what hardware and software solutions are available and supported.
• Procedures are detailed step-by-step instructions to achieve a given goal or mandate
  • Cookbook to consult
• Guidelines are recommendations to users when specific standards do not apply.
  • More general as compared to specific rules.

Roles and Responsibilities

• The Information Security Board of Review (ISBR) – appointed administrative authority whose role is to provide oversight and direction regarding information systems security and privacy assurance
• Security and Information Compliance Officers – The Security and Information Compliance Officers oversee the development and implementation

Contd..

• Data Owner – A Data Owner is an individual or group of people who have been officially designated as accountable for specific data
• Data Users – All users have a critical role in the effort to protect and maintain information systems and data

Types of attacks

• A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization
• Attackers usually seek to benefit from it
• They use botnets to remain undetected, and the goal is to increase the magnitude of the attack
• Common types of attack are as follows..

Types of attacks contd..
• Malware
• Phishing
• Vishing
• Man in the middle attack
• Denial of service (DoS attacks)
• SQL injection
• Zero day exploit
• DNS Tunneling
