Week 1

Question 1

What are the 4 parts of the framework for cybersecurity and resilience?

Answer 1

Policy

Mechanism

Incentives

Assurance

Question 2

Explain Policy

Answer 2

Specify objectives (Impact assessment, CIA, security levels)

Question 3

Explain mechanism

Answer 3

Implement security measures (physical, technical, encryption, organizational, security architecture)

Question 4

Explain Incentives

Answer 4

Motives for people (social engineering, fraud triangle, business model, risk appetite, proportionality)

Question 5

Explain assurance

Answer 5

Confidence that measures are meeting objectives (regulatory supervision, audit, monitoring, forensics, learning)

Question 6

Explain confidentiality

Answer 6

Confidentiality : Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

Question 7

Explain Integrity

Answer 7

Integrity : Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity.

Question 8

Explain Availability

Answer 8

Availability : Ensuring timely and reliable access to and use of information.

Question 9

Explain Auditability

Answer 9

Auditability: ensuring that evidence of all crucial transactions is stored reliably for auditing purposes

Question 10

Difference between Information Security vs. Cybersecurity

Answer 10

Cybersecurity only concerns protection from threats that use cyberspace [narrower], and moreover, does not only cover information assets, but also physical assets, infrastructure, or social effects on society [wider].

Information security focuses on individual organizations; external risks are internalized. Cybersecurity looks at risks in the network as a whole.

Traditionally, information security focuses mostly on prevention, whereas cybersecurity focuses on resilience.

Question 11

What is a cyber-physical system (CPS)?

Answer 11

A cyber-physical system (CPS) is a mechanism that is controlled or monitored by computer-based algorithms, tightly integrated with the Internet and its users. Many of these examples involve Internet of Things (RFID technology) as sensors and actuators.

Examples: smart grid, autonomous vehicles, medical monitoring, public transport, process control, robotics.

Question 12

What is resilience?

Answer 12

Resilience: ability of assets, networks and systems to anticipate, absorb, adapt to (i.e. respond) and/or recover from a disruptive event or incident (PAS 555, 2.25)

Resilience is hard to measure, because safety means absence of incidents, so there is no data available. Resilience is about the capacity or ability, to deal with the unforeseen. Resilience is about trade-offs, for instance between flexibility and redundancy and aspects like cost, environmental impact and risk reduction.

Question 13

What is business resilience?

Answer 13

Business resilience: level of resilience against cyber-attack commensurate with the services, its assessed risk, and risk appetite.

Question 14

what is resilience preparedness?

Answer 14

Resilience preparedness: anticipation, assessment, prevention and preparation for recovery after an incident

Question 15

The total impact of an attack depends on the ability to: (name 4)

Answer 15

• prepare: readiness
• absorb: detect and respond to contain the damage
• recover: get back to business
• adapt: learn from mistakes (increase initial level of security)