What is “the protection of information assets by addressing threats to information processed, stored and transported by internetworked information systems.” ?
cybersecurity
What are attacks by an adversary who possesses sophisticated levels of expertise and significant resources, which allow the attacker to create opportunities to achieve its objectives using multiple attack vectors.
Advanced Persistent Threats (APTs),
What are some of the factors (6) that can impact security, such as:
- Platforms and tools used
- Network connectivity (internal, third-party, public)
- Level of IT complexity
- Operational support for security
- User community and capabilities
- New or emerging security tools
When evaluating business plans and the general business environment, consider drivers (7) such as:
- Nature of business
- Risk tolerance
- Security profile
- Industry trends for security
- Mergers, acquisitions and partnerships
- Consider type, frequency & level of integration
- Outsourcing services or providers
Cybersecurity addresses both internal and external threats to an organization’s digital information assets by focusing on what (4)?
critical electronic data processes,
signal processing,
risk analytics and
information system security engineering.
Estimated information security jobs available are expected by 2018
over 4.2 million
Information security deals with information, regardless of its format—it encompasses paper documents, digital and intellectual property in people’s minds, and verbal or visual communications. Cybersecurity, on the other hand, is concerned with protecting _________
digital assets
What does ENISA stand for?
European Union Agency for Network and Information Security
NIST and ENISA have identified five key functions necessary for the protection of digital assets:
- Identify: Use organizational understanding to minimize risk to systems, assets, data and capabilities.
- Protect: Design safeguards to limit the impact of potential events on critical services and infrastructure.
- Detect: Implement activities to identify the occurrence of a cybersecurity event.
- Respond: Take appropriate action after learning of a security event.
- Recover: Plan for resilience and the timely repair of compromised capabilities and services.
To better understand cybersecurity and the protection of cyberassets, it is helpful to consider three key
concepts that are used to guide security policies. The concepts are:
- Confidentiality - protection of information from unauthorized access or disclosure.
- Integrity - protection of information from unauthorized modification.
- Availability - ensures the timely and reliable access to and use of information and systems.
Confidentiality can be preserved using the following methods:
- Access Controls
- File Permissions
- Encryption
Integrity can be preserved using the following methods:
- Access controls
- Logging
- Digital Signatures
- Hashes
- Encryptions
Availability can be preserved using the following methods:
- Redundancy
- Backups
- Access Controls
Nonrepudiation refers to the concept that a message or other piece of information is _______.
genuine.
Nonrepudiation is implemented through _______.
1) transactional logs and
2) digital signatures.
The highest level of organizational structure to protect their assets and operations is generally referred to as ________ (GRC)
governance,
risk management and
compliance
Governance is the responsibility of the board of directors and senior management of the organization. A governance program has several goals:
- Provide strategic direction
- Ensure that objectives are achieved
- Ensure risk is being managed appropriately
- Verify that resources are being used responsibly
The board should periodically be provided with the high-level results of comprehensive _________
risk assessments and
business impact analyses (BIAs),
As opposed to being the decision maker, the manager’s role in this situation is often constrained to presentation of _____________
options and
key decision support information.
Generally, the cybersecurity manager will be responsible for: (10)
- Developing the security strategy
- Overseeing the security program and initiatives
- Coordinating with business process owners
- Ensuring that risk and BIAs are conducted
- Developing risk mitigation strategies
- Enforcing policy and regulatory compliance
- Monitoring utilization & effectiveness of resources
- Developing & implementing monitoring and metrics
- Directing and monitoring security activities
- Managing cybersecurity incidents and their remediation, as well as incorporating lessons learned
The cybersecurity domains covered in this guide are as follows: (5)
- Cybersecurity Concepts
- Security Architecture Principles
- Security of Networks, Systems, Applications & Data
- Incident Response
- Security Implications & Adoption of Evolving Tech
The Cybersecurity Concepts domain provides discussion of critical concepts such as: (4)
- Basic risk management
- Common attack vectors and threat agents
- Patterns and types of attacks
- Types of security policies and procedures
- Cybersecurity control processes
The Security Architecture Principles domain provides information that helps security professionals identify and apply the principles of security architecture. It discusses a variety of topics, including:
- Common security architectures and frameworks
- System topology and perimeter concepts
- Firewalls and encryption
- Isolation and segmentation
- Methods for monitoring, detection and logging
The Security of Networks, Systems, Applications & Data domain addresses basic system hardening techniques and security measures, including:
• Process controls
- Risk assessments
- Vulnerability management
- Penetration testing
• Best practices for securing
- System & application security threats & vulnerabilities
- Effective controls for managing vulnerabilities
