Unlock the full potential of your projects.
Show full map
Copy and edit map Copy

Topic 1: Cybersecurity

Other
HL
Huyen Le
Get Started. It's Free
or sign up with your email address
Similar Mind Maps Mind Map Outline
Topic 1: Cybersecurity by Mind Map: Topic 1: Cybersecurity

1. Difference with information security (IS)

1.1. IS: The prevention of unauthorized access or alteration during the time of storing data or transferring it from one machine to another.

1.2. The difference is that information security belongs to cybersecurity

2. Principles of cybersecurity

2.1. CIA Triad

2.1.1. Confidentiality

2.1.1.1. Only authorized users are allowed to access

2.1.2. Integrity

2.1.2.1. maintained in a correct state

2.1.3. Availability

2.1.3.1. should be able to access data whenever they want

2.2. IAAA(N)

2.2.1. Identification

2.2.1.1. a process of professing an identity

2.2.2. Authorisation

2.2.2.1. permitted or privileged users are allowed to access

2.2.3. Authenticity

2.2.3.1. identities are verified

2.2.4. Accounting

2.2.4.1. keep track of what users do and when

2.2.5. Non-repudiation Protection

2.2.5.1. an assurance/agreement between two parties such as a signature

3. Definition

3.1. The defending of computers, servers, mobile devices, electronic systems, networks and data from malicious attacks which range from business organisations to personal devices.

3.2. Attacks can be divided into different categories, such as

3.2.1. network security

3.2.2. application security

3.2.3. information security

3.2.4. disaster recovery

3.2.5. business continuity

3.2.5.1. the ability to maintain functions during the disaster and after it has occured

3.3. Cyberspace

3.3.1. anything refers to information system, such as software, hardware, database, people, policy,...

4. The Design Concepts

4.1. Integrity

4.1.1. Least Common Mechanisms

4.1.1.1. access controls to many users should be minimized as much as possible

4.1.2. Economy of Mechanisms

4.1.2.1. design of security should be as small and simple as possible for better testing and verification

4.1.3. Separation of Duties

4.1.3.1. also known as segregation of duties, is the concept of having more than one person required to complete a task.

4.1.3.1.1. E.g: one person can place an order to buy an asset, but a different person must record the transaction in the accounting records.

4.1.4. Leveraging Existing Components

4.1.4.1. promotes the reuse of existing software components, code, and functionality.

4.1.4.2. It helps reduce the attack surface and avoid introducing new vulnerabilities. Save times and resources by using the components that are already available and tested

4.2. Authorisation

4.2.1. Defence in Depth

4.2.1.1. requires the formation of multiple layers to protect the system

4.2.2. Complete Mediation

4.2.2.1. should be checked constantly against the access control

4.2.3. Psychological Acceptability

4.2.3.1. intefaces should be easy to use to avoid mistakes

4.3. Authenticity

4.3.1. Least Priviledge

4.3.1.1. systems should only be given access to those who priviledged

4.3.2. Fail Safe/Fail Secure

4.3.2.1. Fail Safe means the system will automatically unlock if there is any invasion or emergency, or power outage

4.3.2.2. Fail Secure means the system will lock if there is any problem

4.3.3. Open Design

4.3.3.1. if users modify the system, others should be informed to know about the changes. No security through obscurity

4.3.4. Need to know

4.3.4.1. right to access should not be simply based on the privileges but also the relevance of data to the person who needs authorization

4.3.4.1.1. A given user Nathan may have “Top Secret” Clearance, but according to his Need-to-know would only ever get to see data concerning “Alpha”. just because Nathan has a Top Secret clearance, does not mean he can see Top Secret data. He must have a Need-to-know (and in fact additional add-on’s). Otherwise, all such data would be redacted.

5. OSI security architecture

5.1. Security Attack

5.1.1. Any action that compromises the security of information owned by an organisation

5.1.1.1. Active

5.1.1.1.1. Someone intercepting an email modifying the content before it reaches the receiver

5.1.1.2. Passive

5.1.1.2.1. someone spying and listening in on a private web conference is an example of a passive attack

5.2. Security Mechanism

5.2.1. A process that is designed to detect, prevent, or recover from a security attack.

5.3. Security Service

5.3.1. A processing or communication service that enhances the security of the data processing systems and the information transfers of an organisation.

5.3.2. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

6. Information States

6.1. Processing

6.1.1. one might compresses data to occupy less space, another may encrypt it so that it becomes unintelligible to unintended third parties

6.1.2. This state focuses on how one operates on data to change its form.

6.1.3. E.g. The process itself could be one single operation as simple as circularly shifting characters a certain amount to the left or right

6.2. Storage

6.2.1. The requirement to keep the data intact, i.e., prevent its integrity while in storage

6.2.2. refers to the case when information rests in a storage media of choice for making it available in the future

6.2.3. E.g. a person can store family vacation pictures on his cell phone and then may decide to store them on a DVD for allocating more space on his cell phone storage.

6.3. Transmission

6.3.1. refers to the situation when information handled is transferred from one place (source) to another place (destination)

6.3.2. E.g. from the headquarter to the branch office

7. Assets, Threats, Vulnerabilities, and Risks

7.1. Assets are items of value that help firms achieve business objectives

7.1.1. E.g. customer data, employee records,..

7.2. Threats are events or conditions that might cause loss to assets

7.3. Risk is the likelihood and impact of a threat exploiting a vulnerability, to harm an asset

7.4. Vulnerabilities are weaknesses

7.4.1. Human

7.4.2. Technical

7.4.3. Physical and Environmental

7.4.4. Operational

7.4.5. Business Continuity and Compliance

8. Cyber Kill Chain

8.1. Reconnaissance

8.1.1. Determine targets

8.2. Weaponisation

8.2.1. Gain access

8.3. Delivery

8.3.1. Deliver malicious means

8.4. Exploit

8.4.1. Use the delivered means to exploit

8.5. Installation

8.5.1. Malware package is installed

8.6. Command and Control

8.6.1. Create command and control system to operate the malware remotely

8.7. Actions

8.7.1. Threats activated

9. Components of the Sorcery Cube

9.1. Countermeasures

9.1.1. People

9.1.2. Technology

9.1.3. Policies and Practices

9.1.3.1. Security Goals

9.1.3.1.1. Confidentiality

9.1.3.1.2. Integrity

9.1.3.1.3. Availability