
8 Cyber Security

The lecture covers key concepts in cybersecurity, including threats to information security, standards, and protective measures such as encryption and antivirus software. It emphasizes the importance of balancing security and access, as well as understanding the components of an information system. The session also outlines the evolution of information security and the roles of professionals in the field.

Uploaded by

nursezimaa

Information and Communication Technologies (ICT)

Cybersecurity
Lecture 8
• Last week: Networks and Telecommunications:
• End devices, data transmission devices, data transmission
medium. Types of networks. Stack protocols: TCP/IP, OSI. IP
addressing. Local and global networks. Wired and wireless
networking technologies. DHCP. Technologies of connection to
the Internet. Telecommunication technologies
• Overview of Today’s Lecture
• Threats to information security and their classification
• Standards and specifications in the field of information security
• Measures and means of information protection
• Electronic digital signature. Encryption
• Malicious programs. Anti-virus programs
• Archivers

Objectives
• Understand the definition of information security
• Comprehend the history of computer security and
how it evolved into information security
• Understand the key terms and concepts of
information security
• Outline the phases of the security systems
development life cycle
• Understand the roles of professionals involved in
information security within an organization

Introduction

Information security: a “well-informed sense of assurance that the information risks and controls are in balance.”

—Jim Anderson, Inovant (2002)

What is Cyber Security?

‘Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized’

http://whatis.techtarget.com/definition/cybersecurity

‘A major part of Cyber Security is to fix broken software’

Cybersecurity
• Ensuring cybersecurity requires coordinated efforts throughout an information system
• Elements of cybersecurity include:
  • Application security
  • Information security
  • Network security
  • Disaster recovery / business continuity planning
  • Operational security
  • End-user education

What is Cyber Crime?

Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet.

A major attack vector of Cyber Crime is to exploit broken software

encompass, embody, comprise, imply, embrace, implicate

Cybersecurity

A major part of Cyber Security is to fix broken software

A major attack vector of Cyber Crime is to exploit broken software

exploit, operate, run, take advantage of


Cybersecurity

• The Coin: Broken/Complex Software
• Cyber Security: One side of the coin
• Cyber Crime: Other side of the coin

VS Graph - two sides of the same coin

[Figure: graph labelled Cyber Crime and Cyber Security]

Decrease in broken software = Increase in good software

Cybersecurity

We must penalize broken software and reward good software

That will decrease Cyber Crime and increase Cyber Security!

What Is Security?

• How do you define security?
• Specialized areas of security
  • Physical
  • Operations
  • Communications
  • Network

Each of these areas contributes to the information security program as a whole

What Is Information Security?

• What is Information Security?
• How do we achieve Information Security?
  • Policy
  • Technology
  • Training and Awareness Programs

The role of information security is to protect an organization’s information assets

What is Security?

• “The quality or state of being secure—to be free from danger”
• A successful organization should have multiple layers of security in place:
  • Physical security
  • Personal security
  • Operations security
  • Communications security
  • Network security
  • Information security

Components of an Information System

• An information system (IS) is the entire set of components necessary to use information as a resource in the organization
  • Software
  • Hardware
  • Data
  • People
  • Procedures
  • Networks

[Figure 5: Components of an Information System. Labels: Hardware, Software, People, Procedures, Data]

Key Information Security Concepts

• Access
• Asset
• Attack
• Control, Safeguard, or Countermeasure
• Exploit
• Exposure
• Loss
• Protection Profile or Security Posture
• Risk
• Subjects and Objects
• Threat
• Threat Agent
• Vulnerability
CNSS Security Model (cont’d.)

C.I.A. triangle
– Confidentiality, integrity, and availability
– Has expanded into a more comprehensive list of critical characteristics of information

NSTISSI (CNSS) Security Model
– Provides a more detailed perspective on security
– Covers the three dimensions of information security
– Primary purpose: identify gaps in the coverage of an information security program

CNSS – Committee on National Security Systems
NSTISSI – National Security Telecommunications and Information Systems Security Instruction

Figure 1-4 – NSTISSC Security Model
– Must address all 27 cells when designing/reviewing a program

Main Purpose: identify gaps in an information security program

NSTISSC – National Security Telecommunications and Information Systems Security Committee

What is Information Security?
• The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information
• Necessary tools: policy, awareness, training, education, technology
• C.I.A. triangle was standard based on confidentiality, integrity, and availability
• C.I.A. triangle now expanded into list of critical characteristics of information

C.I.A.: Confidentiality, integrity, and availability

How to measure the value of information - CIA Triangle

The value of information comes from the characteristics it possesses

Expanded to include:
• Identification
• Authentication
• Authorization
• Privacy
• Accountability

Confidentiality

The characteristic of information whereby only those with sufficient privileges may access certain information

Measures used to protect confidentiality:
– Information classification
– Secure document storage
– Application of general security policies
– Education of information custodians and end users

Integrity

The quality or state of being whole, complete, and uncorrupted

Threats to information integrity:
– Corruption
– Damage
– Destruction
– Other disruption of its authentic state

Availability

The characteristic of information that enables user access to information in a required format, without interference or obstruction (obstacle)

Availability does not imply that the information is accessible to any user (Implies availability to authorized users)

Critical Characteristics of Information
• The value of information comes from the characteristics it possesses:
  • Availability
  • Accuracy
  • Authenticity (originality)
  • Confidentiality
  • Integrity
  • Utility
  • Possession

Identification and Authentication

Identification
– An information system possesses the characteristic of identification when it is able to recognize individual users
– Identification and authentication are essential to establishing the level of access or authorization that an individual is granted

Authentication
– Occurs when a control proves that a user possesses the identity that he or she claims

Authorization

Assures that the user has been specifically and explicitly authorized by the proper authority to access, update, or delete the contents of an information asset

Authorization occurs after authentication
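
Added example, not part of the original lecture: the three checks defined on the Identification, Authentication and Authorization slides, applied in that order in Python. The account names, passwords and permission sets are constructed for illustration, and the function names are this example's own.

```python
import hashlib
import hmac
import os

def _hash(password, salt):
    # Salted, iterated hash: the password itself is never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password, permissions):
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "permissions": permissions}

# Constructed sample accounts; the actions mirror "access, update, or delete".
USERS = {
    "alice": make_user("correct horse", {"access", "update"}),
    "bob": make_user("hunter2", {"access"}),
}

def identify(username):
    """Identification: the system recognizes an individual user."""
    return USERS.get(username)

def authenticate(record, password):
    """Authentication: a control proves the user holds the claimed identity."""
    # compare_digest runs in constant time, so timing does not leak a partial match.
    return hmac.compare_digest(record["hash"], _hash(password, record["salt"]))

def authorize(record, action):
    """Authorization: the action was explicitly granted on this asset."""
    return action in record["permissions"]

def request(username, password, action):
    """Return (allowed, reason); reason is for the audit log, not for the caller."""
    record = identify(username)
    if record is None:
        return (False, "unknown identity")
    if not authenticate(record, password):
        return (False, "authentication failed")
    # Reached only after authentication succeeded.
    if not authorize(record, action):
        return (False, "not authorized")
    return (True, "allowed")

if __name__ == "__main__":
    for args in [("alice", "correct horse", "update"), ("bob", "hunter2", "delete"),
                 ("bob", "wrong", "access"), ("mallory", "x", "access")]:
        print(args[0], args[2], request(*args))
```

Recording the reason for each decision supports the Accountability characteristic listed earlier; the user-facing message should stay generic so it does not reveal which accounts exist.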

Privacy

Information collected, used, and stored by an organization is to be used only for the purposes stated to the data owner at the time it was collected

Privacy as a characteristic of information does not signify freedom from observation
• Means that information will be used only in ways known to the person providing it

Components of an Information System
• An Information System (IS) is the entire set of software, hardware, data, people, procedures, and networks necessary to use information as a resource in the organization

Securing Components

• A computer can be the subject of an attack and/or the object of an attack
• When the subject of an attack, the computer is used as an active tool to conduct the attack
• When the object of an attack, the computer is the entity being attacked

Figure 1-5 – Subject and Object of Attack


[Figure 6: Computer as Subject of Crime; Computer as Object of Crime. Labels: Internet, Hacker, Remote System]

Access vs. Security

• When considering security, it is important to realize that it is impossible to obtain perfect security. Security is not an absolute. Instead, security should be considered a balance between protection and availability.
• It is possible to have unrestricted access to a system, so that the system is available to anyone, anywhere, anytime, through any means. However, this kind of random access poses a danger to the integrity of information.
• On the other hand, complete security of an information system would not allow anyone access at any given time.

Figure 7 – Security and Access

Balancing Security and Access: Too much security might make access hard to get, and people will stop using the system. On the other hand, an access protocol that is too easy might be a security hole for the network. A balance must be achieved between those two major “players”.

Balancing Information Security and Access

[Figure labels: Security, Functionality, Usability]

Balancing Information Security and Access

• Impossible to obtain perfect security—it is a process, not an absolute
• Security should be considered a balance between protection and availability
• To achieve balance, the level of security must allow reasonable access, yet protect against threats

Figure 1-6 – Balancing Information Security and Access

Principles of Information Security Management

Include the following characteristics that will be the focus of the current course (six P’s):
1. Planning
2. Policy
3. Programs
4. Protection
5. People
6. Project Management

http://csrc.nist.gov/publications/PubsTC.html

Approaches to Information Security Implementation: Bottom-Up Approach

• Grassroots effort: systems administrators attempt to improve security of their systems
• Key advantage: technical expertise of individual administrators
• Seldom works, as it lacks a number of critical features:
  • Participant support
  • Organizational staying power

What is Encryption?

Encryption is the process of converting messages, information, or data into a form unreadable by anyone except the intended recipient. As shown in the figure below, encrypted data must be deciphered, or decrypted, before it can be read by the recipient.

The root of the word encryption—crypt—comes from the Greek word kryptos, meaning hidden or secret

decipher, decrypt, decode, unscramble, paraphrase


Examples

• Type: Cryptographic Accelerator
  Definition: Coprocessor that calculates and handles the Random Number Generation
  Examples: PCI coprocessor
• Type: Authentication Token
  Definition: External device that interfaces with device to grant access. 2 types: contact and NonContact
  Examples: Credit Card, RSA SecurID
• Type: Biometric/Recognition
  Definition: External device that measures human body factors to allow access
  Examples: Fingerprint, Optical, Voice and Signature recognition

Biometrics Devices

The iris of your eye is the colored part that surrounds your pupil, the black part. Every iris is different

If a scan of a user’s iris matches the one in the security system’s memory, access is allowed

Biometrics Devices

Another trait unique to every individual is his or her voice. The user speaks a specified word or sentence to gain access to a secured computer. Distinct patterns, tones, and other qualities in the voice must match the authorized user’s voice in the computer’s security system.

Biometrics Devices

Another biometric option is the fingerprint and its unique identifying characteristics. Placed on a special reading pad, a designated finger’s print is recognized by a computer. A similar biometric device scans a person’s whole hand

Biometrics Devices

The blood vessels in a person’s face radiate heat. The patterns of those vessels, and the heat scan, are completely individual and could be recognized and required for computer access

Antivirus software
• Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software.
• Antivirus software was originally developed to detect and remove computer viruses, hence the name.
• However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats.

https://en.wikipedia.org/wiki/Antivirus_software

The Best Antivirus Protection of 2019

http://www.pcmag.com/article2/0,2817,2372364,00.asp

REFERENCES

Authoritative Security Alert Information

• securityresponse.symantec.com/ (Symantec)
• www.microsoft.com/security (Microsoft)
• www.apple.com/support/security/ (Apple)

Authoritative Anti-Virus Organizations

• www.cert.org (Computer Emergency Response Team-CMU)
• www.ciac.org/ciac (CIAC-Department of Energy)
• www.sans.org/aboutsans.php (Server and Network Security)
• www.first.org (Forum of Incident Response and Security Teams)
• www.cirt.rutgers.edu

Authoritative Free Public Anti-Virus Removal Tool Information

• securityresponse.symantec.com/avcenter/tools.list.html
• vil.nai.com/vil/averttools.asp
• mssg.rutgers.edu/documentation/viruses (Rutgers)
• some professional library sites have pointers to reliable anti-virus information
