Cyber Security - Revision history

User at 16:13, 17 July 2023

2023-07-17T16:13:12Z

User at 17:46, 12 April 2023

2023-04-12T17:46:14Z

Show changes

User at 21:04, 6 December 2022

2022-12-06T21:04:22Z

User at 19:55, 26 October 2022

2022-10-26T19:55:40Z

User: The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

2021-02-06T15:05:01Z

The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

Show changes

User at 18:17, 22 May 2020

2020-05-22T18:17:20Z

User at 18:15, 22 May 2020

2020-05-22T18:15:43Z

User at 14:27, 22 May 2020

2020-05-22T14:27:37Z

User at 14:16, 22 May 2020

2020-05-22T14:16:57Z

User at 14:10, 22 May 2020

2020-05-22T14:10:59Z

@@ Line 99: / Line 99: @@
 == See Also ==
 <div style="column-count:2;-moz-column-count:4;-webkit-column-count:4">
-[[Data Security]]<br />
+*[[Data Security]]
-[[Security Architecture]]<br />
+*[[Security Architecture]]
-[[Security Policy]]<br />
+*[[Security Policy]]
-[[Security Reference Model (SRM)]]<br />
+*[[Security Reference Model (SRM)]]
-[[Information Security Governance]]<br />
+*[[Information Security Governance]]
-[[Information Security]]<br />
+*[[Information Security]]
-[[Adaptive Security Architecture (ASA)]]<br />
+*[[Adaptive Security Architecture (ASA)]]
-[[Business Model for Information Security (BMIS)]]<br />
+*[[Business Model for Information Security (BMIS)]]
-[[Common Data Security Architecture (CDSA)]]<br />
+*[[Common Data Security Architecture (CDSA)]]
-[[Payment Card Industry Data Security Standard (PCI DSS)]]<br />
+*[[Payment Card Industry Data Security Standard (PCI DSS)]]
-[[Computer Security]]<br />
+*[[Computer Security]]
-[[Enterprise Information Security Architecture (EISA)]]<br />
+*[[Enterprise Information Security Architecture (EISA)]]
-[[Fault Configuration Accounting Performance Security (FCAPS)]]<br />
+*[[Fault Configuration Accounting Performance Security (FCAPS)]]
-[[Graduated Security]]<br />
+*[[Graduated Security]]
-[[Information Systems Security (INFOSEC)]]<br />
+*[[Information Systems Security (INFOSEC)]]
-[[Information Security Management System (ISMS)]]<br />
+*[[Information Security Management System (ISMS)]]
-[[Information Technology Security Assessment]]<br />
+*[[Information Technology Security Assessment]]
-[[Mobile Security]]<br />
+*[[Mobile Security]]
-[[Network Security]]<br />
+*[[Network Security]]
-[[Cyber Espionage]]<br />
+*[[Cyber Espionage]]
-[[Cybernetics]]<br />
+*[[Cybernetics]]
-[[Cyberspace]]<br />
+*[[Cyberspace]]
-[[Internet Crime]]<br />
+*[[Internet Crime]]
-[[Internet Reputation]]<br />
+*[[Internet Reputation]]
-[[Malvertising]]<br />
+*[[Malvertising]]
 </div>

← Older revision		Revision as of 21:04, 6 December 2022
Line 1:		Line 1:
−	'''Cybersecurity''' is the practice of protecting systems, [[Network\|networks]], and ~~[[Computer Program\|~~programs]] from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal [[Business Process\|business processes]].<ref>Defining Cybersecurity [https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html Cisco]</ref>	+	'''Cybersecurity''' is the practice of protecting systems, [[Network\|networks]], and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal [[Business Process\|business processes]].<ref>Defining Cybersecurity [https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html Cisco]</ref>

@@ Line 112: / Line 112: @@
 [[Common Data Security Architecture (CDSA)]]<br />
 [[Payment Card Industry Data Security Standard (PCI DSS)]]<br />
 [[Computer Security]]<br />
 [[Enterprise Information Security Architecture (EISA)]]<br />
@@ Line 122: / Line 121: @@
 [[Mobile Security]]<br />
 [[Network Security]]<br />
 [[Cyber Espionage]]<br />
 [[Cybernetics]]<br />

@@ Line 12: / Line 12: @@
 source: National Cyber Security Center
-Risk Management Regime: Embed an appropriate [[Risk Management|risk management regime]] across the organisation. This should be supported by an empowered [[Governance|governance]] structure, which is actively supported by the [[Board of Directors|board]] and senior managers. Clearly communicate your approach to risk management with the development of applicable policies and practices. These should aim to ensure that all employees, contractors and suppliers are aware of the approach, how decisions are made, and any applicable risk boundaries.
+*Risk Management Regime: Embed an appropriate [[Risk Management|risk management regime]] across the organisation. This should be supported by an empowered [[Governance|governance]] structure, which is actively supported by the [[Board of Directors|board]] and senior managers. Clearly communicate your approach to risk management with the development of applicable policies and practices. These should aim to ensure that all employees, contractors and suppliers are aware of the approach, how decisions are made, and any applicable risk boundaries.
 **Secure configuration: Having an approach to identify baseline technology builds and processes for ensuring [[Configuration Management (CM)|configuration management]] can greatly improve the security of systems. You should develop a [[Strategy|strategy]] to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities, usually via patching. Failure to do so is likely to result in increased risk of compromise of systems and information.
 **Network security: The connections from your networks to the [[Internet]], and other partner networks, expose your systems and technologies to attack. By creating and implementing some simple policies and appropriate architectural and technical responses, you can reduce the chances of these attacks succeeding (or causing harm to your organisation). Your organisation's networks almost certainly span many sites and the use of mobile or remote working, and cloud services, makes defining a fixed network boundary difficult. Rather than focusing purely on physical connections, think about where your data is stored and processed, and where an attacker would have the opportunity to interfere with it.

@@ Line 3: / Line 3: @@
 __TOC__
@@ Line 9: / Line 28: @@
 A data breach can have a range of devastating consequences for any business. It can unravel a company’s reputation through the loss of consumer and partner trust. The loss of critical data, such as source files or intellectual property, can cost a company its competitive advantage. Going further, a data breach can impact corporate revenues due to non-compliance with data protection regulations. It’s estimated that, on average, a data breach costs an affected organization $3.6 million. With high-profile data breaches making media headlines, it’s essential that organizations adopt and implement a strong cybersecurity approach.
 == Types of Cyber Attacks<ref>Types of Cyber Attacks [https://builtin.com/cybersecurity Builtin]</ref> ==
 Cyber attacks come in all shapes and sizes. Some may be overt ransomware attacks (hijacking important business products or tools in exchange for money to release them), while some are covert operations by which criminals infiltrate a system to gain valuable data only to be discovered months after-the-fact, if at all. Criminals are getting craftier with their malicious deeds and here are some of the basic types of cyber attacks affecting thousands of people each day.
-*Malware: [[Malware]] is used to describe malicious software, including [[Spyware|spyware]], [[Ransomeware|ransomware]] and [[Virus|viruses]]. It usually breaches networks through a vulnerability, like clicking on suspicious email links or installing a risky application. Once inside a network, malware can obtain sensitive information, further produce more harmful software throughout the system and can even block access to vital business network components (ransomware).
+*Malware: [[Malware]] is used to describe malicious software, including [[Spyware|spyware]], [[Ransomware|ransomware]] and [[Virus|viruses]]. It usually breaches networks through a vulnerability, like clicking on suspicious email links or installing a risky application. Once inside a network, malware can obtain sensitive information, further produce more harmful software throughout the system and can even block access to vital business network components (ransomware).
 *Phishing: [[Phishing]] is the practice of sending malicious communications (usually emails) designed to appear from reputable, well-known sources. These emails use the same names, logos, wording, etc., as a CEO or company to dull suspicions and get victims to click on harmful links. Once a phishing link is clicked, cyber criminals have access to sensitive [[Data|data]] like credit card, social security or login information.
 *Social Engineering: [[Social Engineering|Social engineering]] is the process of psychologically manipulating people into divulging personal information. Phishing is a form of social engineering, where criminals take advantage of people’s natural curiosity or trust. An example of more advanced social engineering is with voice manipulation. In this case, cyber criminals take an individual’s voice (from sources like a voicemail or social media post) and manipulate it to call friends or relatives and ask for credit card or other personal information.
@@ Line 35: / Line 66: @@
 Below is a graphic that shows how cyber security is often considered a part of Information Security.
-[[File:Cyber_Security_Vs_Information_Security.png|200px|Cyber Security Vs Information Security]]<br />
+[[File:Cyber_Security_Vs_Information_Security.png|400px|Cyber Security Vs Information Security]]<br />
 source: [https://www.novainfosec.com/2014/05/05/cyber-security-versus-information-security/ NovaInfosec]
@@ Line 66: / Line 97: @@
 However, new advances in machine learning and [[Artificial Intelligence (AI)|artificial intelligence (AI)]] have started to be developed to help in organizing and managing data -- although not to the effect needed.

@@ Line 20: / Line 20: @@
-== Cybersecurity Challenges<ref>Cybersecurity Challenges [https://searchsecurity.techtarget.com/definition/cybersecurity Techtarget]</ref> ==
+== Cyber Security vs. Computer Security vs. IT Security vs. Information Security ==
-Cybersecurity is continually challenged by hackers, data loss, privacy, [[Risk Management|risk management]], and changing cybersecurity strategies. Nothing currently indicates that cyber-attacks will decrease. Moreover, with the more entry points, there are for attacks, the more cybersecurity is needed to secure networks and devices.
+Cyber security is the practice of defending your electronic systems, networks, computers, mobile devices, programs and data from malicious digital attacks. Cybercriminals can deploy a variety of attacks against individual victims or businesses that can include accessing, changing or deleting sensitive data; extorting payment; or interfering with business processes.
-One of the most problematic elements of cybersecurity is the continually evolving nature of security risks. As new technologies emerge, and technology is used in new or different ways, new avenues of attack are developed as well. Keeping up with these continual changes and advances in attacks can be challenging to [[Organization|organizations]], as well as updating their practices to protect against them. This also includes ensuring that all the elements of cybersecurity are continually changed and updated to protect against potential vulnerabilities. This can be especially challenging for smaller organizations.
+Information technology (IT) security, also known as electronic information security, is the protection of data both where it is stored and while moving through a network. While cyber security only protects digital data, IT security protects both digital and physical data from intruders.
-Additionally, today, there is a lot of potential data an organization can gather on individuals who take part in one of their services. With more data being collected, the likelihood of a cybercriminal who wants to steal personally identifiable information is another concern. For example, an organization that stores personally identifiable information in the cloud may be subject to a ransomware attack, and should do what they can to prevent a cloud breach.
+Often information technology security professionals and cyber security professionals will work hand in hand to protect a company’s data and prevent unauthorized access. Although in many instances today, both an IT security professional and a cyber security professional will not both be employed by a company. In many companies, cyber security professionals will be found addressing the needs of protecting all data.
-Cybersecurity should also address end-user education, as an employee may accidently bring a virus into a workplace on their work computer, laptop, or smartphone.
+Cyber Security involves anything security-related in the cyber realm (or cyberspace). Information security involves the security of information or information systems regardless of the realm it occurs in (e.g., risk of exposure in physical world). Since anything that occurs in the cyber realm would involve the protection of information and information systems in some way, you can conclude that information security is a super-set of cyber security.
-Another large challenge to cybersecurity includes a job shortage. As growth in data from businesses become more important, the need for more cybersecurity personnel to analyze, manage and respond to incidents increases. It is estimated that there are two million unfilled cybersecurity jobs worldwide. Cybersecurity Ventures also estimates that by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.
+Below is a graphic that shows how cyber security is often considered a part of Information Security.
-However, new advances in machine learning and [[Artificial Intelligence (AI)|artificial intelligence (AI)]] have started to be developed to help in organizing and managing data -- although not to the effect needed.
+[[File:Cyber_Security_Vs_Information_Security.png|200px|Cyber Security Vs Information Security]]<br />
@@ Line 47: / Line 52: @@
 === Managing Cyber Security<ref>Managing Cyber Security [https://digitalguardian.com/blog/what-cyber-security Digital Guardian]</ref> ===
 The National Cyber Security Alliance, through SafeOnline.org, recommends a top-down approach to cyber security in which corporate management leads the charge in prioritizing cyber security management across all business practices. NCSA advises that companies must be prepared to “respond to the inevitable cyber incident, restore normal operations, and ensure that company assets and the company’s reputation are protected.” NCSA’s guidelines for conducting cyber risk assessments focus on three key areas: identifying your organization’s “crown jewels,” or your most valuable information requiring protection; identifying the threats and risks facing that information; and outlining the damage your organization would incur should that data be lost or wrongfully exposed. Cyber risk assessments should also consider any regulations that impact the way your company collects, stores, and secures data, such as [[Payment Card Industry Data Security Standard (PCI DSS)|PCI-DSS]], [[Health Insurance Portability and Accountability Act (HIPAA)|HIPAA]], [[Sarbanes Oxley Act (SOX)|SOX]], [[Federal Information Security Management Act (FISMA)|FISMA]], and others. Following a cyber risk assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels” outlined in your assessment, and effectively detect and respond to security incidents. This plan should encompass both the processes and technologies required to build a mature cyber security program. An ever-evolving field, cyber security best practices must evolve to accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound cyber security measures with an educated and security-minded employee base provides the best defense against cyber criminals attempting to gain access to your company’s sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling your efforts as your cyber program matures.

@@ Line 1: / Line 1: @@
 '''Cybersecurity''' is the practice of protecting systems, [[Network|networks]], and [[Computer Program|programs]] from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal [[Business Process|business processes]].<ref>Defining Cybersecurity [https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html Cisco]</ref>
@@ Line 34: / Line 43: @@
 *Install a firewall. Firewalls may be able to prevent some types of attack vectors by blocking malicious traffic before it can enter a computer system, and by restricting unnecessary outbound communications. Some device operating systems include a firewall. Enable and properly configure the firewall as specified in the device or system owner’s manual.
 *Be suspicious of unexpected emails. Phishing emails are currently one of the most prevalent risks to the average user. The goal of a phishing email is to gain information about you, steal money from you, or install malware on your device. Be suspicious of all unexpected emails.

← Older revision		Revision as of 14:10, 22 May 2020
Line 9:		Line 9:
	*Man-in-the-Middle Attack: Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between a two-party transaction. For example, criminals can insert themselves between a public Wi-Fi and an individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim’s information without ever being caught.		*Man-in-the-Middle Attack: Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between a two-party transaction. For example, criminals can insert themselves between a public Wi-Fi and an individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim’s information without ever being caught.
	*Zero-day attack: Zero-day attacks are becoming more-and-more common. Essentially, these attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.		*Zero-day attack: Zero-day attacks are becoming more-and-more common. Essentially, these attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.
		+
		+
		+	== Cybersecurity Challenges<ref>Cybersecurity Challenges [https://searchsecurity.techtarget.com/definition/cybersecurity Techtarget]</ref> ==
		+	Cybersecurity is continually challenged by hackers, data loss, privacy, [[Risk Management\|risk management]], and changing cybersecurity strategies. Nothing currently indicates that cyber-attacks will decrease. Moreover, with the more entry points, there are for attacks, the more cybersecurity is needed to secure networks and devices.
		+
		+	One of the most problematic elements of cybersecurity is the continually evolving nature of security risks. As new technologies emerge, and technology is used in new or different ways, new avenues of attack are developed as well. Keeping up with these continual changes and advances in attacks can be challenging to [[Organization\|organizations]], as well as updating their practices to protect against them. This also includes ensuring that all the elements of cybersecurity are continually changed and updated to protect against potential vulnerabilities. This can be especially challenging for smaller organizations.
		+
		+	Additionally, today, there is a lot of potential data an organization can gather on individuals who take part in one of their services. With more data being collected, the likelihood of a cybercriminal who wants to steal personally identifiable information is another concern. For example, an organization that stores personally identifiable information in the cloud may be subject to a ransomware attack, and should do what they can to prevent a cloud breach.
		+
		+	Cybersecurity should also address end-user education, as an employee may accidently bring a virus into a workplace on their work computer, laptop, or smartphone.
		+
		+	Another large challenge to cybersecurity includes a job shortage. As growth in data from businesses become more important, the need for more cybersecurity personnel to analyze, manage and respond to incidents increases. It is estimated that there are two million unfilled cybersecurity jobs worldwide. Cybersecurity Ventures also estimates that by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.
		+
		+	However, new advances in machine learning and [[Artificial Intelligence (AI)\|artificial intelligence (AI)]] have started to be developed to help in organizing and managing data -- although not to the effect needed.