Cybersecurity Fundamentals

Cybersecurity Fundamentals

This blog is about to Cybersecurity Fundamentals, there are total ten agenda which has explained step by step.

Data Breach Statistics

Data Breach Statistics

What is Cybersecurity?

• The protection of information assets by addressing threats to information processed, stored and transported by internetworked information systems.

Cybersecurity

What is Information Security (InfoSec)?

• Infosec deals with information, regardless of its format (it encompasses paper documents, digital and intellectual property in people’s minds, and verbal or visual communications.

Information Security

• Cybersecurity on the other hand, is concerned with protecting digital assets, everything from networks to hardware and information processed, stored or/and transported by internetworked information systems.

Protecting Digital Assets

• The NIST (National Institute of Standards and Technology) & ENISA (European Union Agency for Network and Information Security) have identified 5 key functions necessary for the protection of digital assets

Key Concepts

• It is important to understand the elements of Information Security

Cybersecurity Roles

• Governance

̶ It’s the responsibility of the board of directors and senior management of the organization. Provide strategic direction, ensure that objectives are achieved, ascertain whether risk is being managed appropriately and verify that the organization’s resources are being used responsibly, are goals of the governance program

• Risk Management

̶ It’s the process by which an organization manages risk to acceptable levels, it requires the development and implementation of internal controls to manage mitigate risk throughout the organization, including financial and investment risk, physical risk and cyberrisk

• Compliance

̶ The act of adhering to mandated requirements defined by laws and regulations, this also includes contractual obligations with clients, partners and internal policies

Cybersecurity Concepts

• Risk:

̶ The combination of the probability of an event and its consequence (ISO/IEC 73:2009). Risk is mitigated through the use of controls or safeguards.

• Approaches

Risk Treatment

Risk Treatment (Contd)

What is Residual Risk?

• The risk that still remains after countermeasures and controls have been implemented.

• If residual risk is greater than the acceptable risk level, then it should be further treated with the option of additional mitigation through implementing more stringent controls

Essential Terminology

Essential Terminology (Contd)

Threat Agents

Leave a Comment

Your email address will not be published. Required fields are marked *

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.