Cyber security Flashcards
System circumvention
A determined intruder will always be able to circumvent a system. No security is 100% safe.
Ensuring cyber security does not necessarily mean it is impossible to gain access – there is a limit to what is reasonable and cost-effective.
ISO 27001
Outlines cyber security requirements.
Achieving the status (compliance) indicates that a business meets recognised, acceptable cyber security standards, which gives customers and suppliers more confidence in doing business.
SOC2
Provides guidance and security.
There is no certification level, just a report from an audit.
Stakeholders and human behaviour
We cannot control the actions of stakeholders. They may take shortcuts. This weakens our cyber security, exposing us to a breach via a stakeholder.
Cyber security relies on humans being honest and reliable. Phishing and bribery can happen to anyone, making this an inherent risk of a security breach.
Cyber security of devices
Wireless devices are less secure than wired. They can be accessed from close proximity.
Devices should not accept USB sticks, and file access should be through a secure VPN.
Password length, contains unique characters, reset every 30 days.
Training refreshed every year.