Unit 3 Digitisation risk and Cybersecurity Risk Flashcards
What is the difference between digitisation risk and cybersecurity risk?
Digitisation risk - risk of digitising business
Cybersecurity risk - protecting data
5 digital business models (Evans 2017)
Digitising products and services - Amazon
Running or participating on industry platforms - Selling on Amazon
Tapping into sharing economy - Airbnb
Reshaping value networks - Uber
New models of monetisation - Facebook, Zipcar
6 risks of digitising a business
Customer dissatisfaction
Web site design poor
Email correspondence - bad impression
Digital payment systems
Online anonymity - fraud
IT systems require renewal
4 cyber threats
External malicious attacks
Process gaps
Unexpected user actions
Rogue insider activities
6 cyber security functions
Management - Chief Information Security Officer/Chief Cybersecurity Officer, Cybersecurity Architect
Cyber Audit and Assessment - Audit Manager, Auditor Assessment Specialist
Event Monitoring and Alerts - Security & Events Manager, Security Incident Responder, Cybersecurity and Network Intrusion Analysts
Proactive Operations - Access administrators, Security Risk Consultants
Environment Testing - Attack and Penetration Testers (Ethical Hackers), Vulnerability Assessors
Specialists - Security controls designer, Cryptologist, Cryptanalyst
What is cybersecurity?
The protection of digital devices and their communication channels to keep them stable, dependable and reasonably free from danger or threat usually by preventing unauthorised access.
Cybersecurity for beginners
What is a digital device?
Any electronic appliance that can create, modify, archive, retrieve or transmit information, eg desktop computers, smartphones, internet connected home devices.
Cybersecurity for beginners
What is defence in depth?
The use of multiple layers of security techniques to reduce the chance of a successful attack so if one security technique is bypassed there are others to address the attack. Should consider people and operations factors not just technology.
Cybersecurity for beginners
What is cryptanalysis?
Art of examining ciphered information to determine how to circumvent the technique that was used to encode or hide it.
Cybersecurity for beginners
What is the cloud?
Any technology service that uses software and equipment not physically managed or developed by the organisation using it, eg applications hosted online, SaaS (Software as a Service), IaaS (Infrastructure as a Service), PaaS (Platform as a Service).
Cybersecurity for beginners
What is a vulnerability?
A weakness usually in the design, implementation or operation of software (including operating systems) that could be compromised and result in damage or harm.
Cybersecurity for beginners
What is a vector?
Another word for method eg there were multiple vectors of attack.
Cybersecurity for beginners
What do we mean by bleeding edge?
Using inventions so new they have the likelihood to cause damage to their population before they become stable or safe, eg BYOD.
Cybersecurity for beginners
What do we mean by BYOD?
Bring your own device - network allowing employees to purchase any phone or tablet, then use it for company-related work.
Cybersecurity for beginners
What is a control?
A method of regulating a process or behaviour to achieve a desired outcome usually the reduction of risk eg a firewall.
Cybersecurity for beginners
What is cyber insecurity?
Suffering from a concern that cyber security weaknesses are going to cause you personal or professional harm.
Cybersecurity for beginners
What is a hacker?
A person who engages in attempts to gain unauthorised access to one or more digital devices.
Cybersecurity for beginners
What is a cyber attack?
To take aggressive or hostile action by leveraging or targeting digital devices. The intended damage is not limited to the digital (electronic environment).
Cybersecurity for beginners
What is an exploit?
To take advantage of a security vulnerability.
Cybersecurity for beginners
What is a threat actor?
Umbrella term for people and organisations who work to create cyber attacks, eg cyber criminals, hacktivists, nation states.
Cybersecurity for beginners
What is patch management?
Controlled process used to deploy critical interim updates to software. Patches are often released to remove flaws or gaps in a software’s security.
Cybersecurity for beginners
What is malware?
Malicious software - disruptive, subversive or hostile programs that are inserted onto a digital device eg adware, ransomware.
Cybersecurity for beginners
What is a botnet?
Shortened version of robotic network - a connected set of programs designed to operate together over the internet to achieve specific purposes, good and bad, eg denial of service attacks.
Cybersecurity for beginners
What is incident response?
Prepared set of responses to be triggered when an event could cause material damage to an organisation eg breach notification procedures.
Cybersecurity for beginners
What is a breach notification procedure?
Some types of information, when it is suspected they have been lost or stolen, must be reported to the authorities within a certain period; the organisation may also be required to notify those affected, eg customers. Large companies have pre-defined breach notification procedures to meet these obligations.
Cybersecurity for beginners
What is a firewall?
Hardware (physical device) or software (computer program) used to monitor and protect inbound and outbound data. Usually deployed at a minimum at each network access point.
Cybersecurity for beginners
What do we mean by Governance?
Methods used by an organisation executive to keep his or her organisation on track with management’s goals and within acceptable performance standards.
Cybersecurity for beginners
What is the CISO (Chief Information Security Officer)?
A single point of accountability within any organisation for ensuring that an appropriate framework for managing dangers and threats to electronic and physical information assets is operating and effective.
Cybersecurity for beginners
What is a policy?
A high level statement of intent that provides guidance that an organisation follows eg the basic security policy is to prevent unauthorised access to the enterprise’s information.
Cybersecurity for beginners
What is a procedure?
Guidance on the process and methods that should be used to achieve a policy objective.
Cybersecurity for beginners
What is risk?
A situation involving exposure to a significant impact of loss often quantified in terms of its potential impact and likelihood.
Cybersecurity for beginners
What is a denial of service attack?
An attack designed to stop or disrupt usage of an organisation's systems, usually by targeting a specific device accessible by the internet.
Cybersecurity for beginners
What is a Distributed denial of service attack (DDoS)?
Denial of service attack from multiple source locations, eg a botnet.
Cybersecurity for beginners
What is DLP (Data Loss Prevention)?
Technologies and strategies used to prevent data being taken out of an organisation without appropriate authorisation.
Cybersecurity for beginners
What is privileged account management?
Systems, technologies and processes used to monitor and control the activities of privileged accounts.
Cybersecurity for beginners
What is ethical hacking?
Process by which white hat penetration testing experts assist in finding security weaknesses and vulnerabilities.
Cybersecurity for beginners
What is a red team?
Team of penetration testers working together to test for potential exploits affecting any critical or sensitive system.
Cybersecurity for beginners
What is a penetration test?
Checks or scans any application or system to identify potential security vulnerabilities, then identifies the extent to which those vulnerabilities could be exploited in an attack. Usually performed in a test area and emulates the same techniques as an attacker.
Cybersecurity for beginners
What is a penetration tester?
Person who performs simulated attempts at attack of a system on behalf of the organisation who controls it.
Cybersecurity for beginners
What is a vulnerability assessment?
Identifies gaps in protection in a computer, software application or network but does not assess how they can be exploited.
Cybersecurity for beginners
What is a backdoor?
A covert method of accessing software or device that bypasses normal authentication requirements.
Cybersecurity for beginners
What is a BCP (Business Continuity Plan)?
Operational document that describes how an organisation can control its critical products and services to its customers should a substantial event that causes disruption to normal operations occur.
Cybersecurity for beginners
What is a Technical Disaster Recovery Plan?
Operational document that describes process, people, information and assets required to put a digital system back in place within a timeline defined by the business continuity plan.
Cybersecurity for beginners
What is EGGE?
Acronym for the desirable characteristics of a cybersecurity team.
Ethnically, Geographically, Gender and Educationally diverse.
What is a zero-day attack?
One that is discovered too late to do anything about, either because it is a new kind of attempt on the security defences of an organisation, or because it is an attack based on a new type of malware.
What is a Digital Quotient?
A measure of your knowledge or familiarity with digital practices. It can be applied to test the digital know-how of the very young (six year-olds), who in 2018 are often ahead of adults.
What does the Cybersecurity Architect do?
He or she proactively designs security into an IT system through a masterplan dealing with security components, such as firewalls, password-protected access points, malware monitoring and so on. As in mainstream architecture, a ‘masterplan’ provides for the future growth of an architect-designed collection of digital devices and components.
What is a Faraday cage?
A Faraday cage is an environment impervious to an electro-magnetic pulse (EMP) which can destroy all data and digital devices within its range.
What is an EMP?
Electro-magnetic pulse (EMP) which can destroy all data and digital devices within its range. An EMP is one of the most extreme cyber threats, and can be released as part of a military attack by one country on the digital assets of another.