Lecture 4 - Cybersecurity Flashcards
What are the problems of cybersecurity according to van den Bergh?
- But difficult to understand.
- A complex beast
- Who fixes it and how? (shared responsibility and privately owned)
Where lies the focus of cybersecurity?
Protection of Systems, Networks & Data -> Against intentional threats
Focus is on Intentional Threat, Cyber Threats and about object of harm (affecting systems).
What are examples of accidental and intentional forms of harm in cyberspace.
Accidental: Error, Outage, Failure
Intentional: Attack, Disruption, Theft Exploit
What are the 3 phases of Cyber Security Incidents?
- Preventing Incidents
- Detecting incidents
- Responding to incidents
What doesd the Preventing Incidents phase of Cyber Security Incidents entail?
- Preventing incidents
a. Risk management
i. The dominant way of thinking about Cyber Security
b. Behaviour change
i. E-learnings etc
c. Governance
i. Policy
What does the detection phase of cyber security incidents entail?
- Detection: noticing incidents
a. average time between intrusion and detection is +- 9 Months
b. Solution: high-quality logging & monitoring
What does the incident response phase of cyber security incidents entail?
a. 4 Phases:
i. Analysis
ii. Containment
iii. Recovery
iv. Learning & Adjustment
How can you analyse who or what causes a cyber incident?
Cyber Accidents Model
What are the 3 sequential elements in the Cyber Accidents Model?>
Actor -> Cause -> Impact
What are examples of actors in the cyber incident model?
- Human Being
- Nature
o Storms etc disturbing critical infrastructure - Animal
o Animals interfering with wiring - System
o Exploding batteries, shorting
What are the two types of causes in human errors?
- Execution Error
o Things you actually do wrong (by accident)
o Two types
Slip - Ex. Falling of the stairs, because you lost focus
- Ex. Losing a USB stick with important data
Lapse - You know the rule, you know how to do, but you forget momentarily
- Planning Error
Rule-based mistake - In principle the rule is correct, but not applicable to this situation
Knowledge-based mistakes - No knowledge about cyber security, so not noticing that default password needed to be changed.