Week 4 - Mitigation, patching and insider threats Flashcards
Define security control
any form of safeguard or countermeasure to protect the CIA of a database or infrastructure against risk
categories of security control: directive
encourages less risky behaviour
categories of security control: preventative
stops risky actions
categories of security control: compensating
where security controls are too difficult to implement, a compensatory control is put in place.
categories of security control: detective
controls to identify attacks
categories of security control: corrective
controls to minimise impact if a risk materialises.
categories of security control: recovery
repair damage after an incident.
cyber security controls consist of
hardware
software
infrastructure
people and cultures
attitudes and processes
procedures and standards
Mandatory controls are?
legislation
legislation can mandate security controls to operate within the law, e.g. the Data Protection Act 2018
industry-standard regulations
following specific regulations within their industry, e.g. for financial transactions, Card industry data security standards
NCSC Cyber Essentials
a simple set of guidelines for implementation of security controls to demonstrate compliance.
legislation, standards and regulations are?
the minimum level of security control for compliance
software patching
software updates are designed to eliminate vulnerabilities.
legacy systems are kept because...
cost
risk of disruption to services
NCSC recommends replacement due to risk
Zero days
a vulnerability in an application that is known to authors but not yet realised by hostile actors.
defending against zero days
effective patch management
additional security measures
antivirus, firewall, blocking removable media.
develop a security conscious culture
training and awareness of phishing attacks.
insider threats
someone trusted to work within a system who does not work in that system's interest
employees, contractors, partners, third-party vendors.
factors that increase the risk of insider threats
economic factors
employees unhappy with benefits and wage decrease
cultural factors
employees working overseas - espionage
clashes in cultures
different parts of a business having their own cultures, causing conflict
political
not in line with the organisation
organisational specific factors
military and security, or large-income sectors such as pharmaceuticals, are prone; employees may take secrets with them.
unintentional insider threats (UIT)
through action or inaction, without malicious intent, causes harm
forgetting to lock a computer, failing to update software.
6 psychological characteristics of insider threats: frustration
difficult circumstances, negative attitude towards authority, poor social skills
6 psychological characteristics of insider threats: computer dependency
prefer to engage in online activities instead of socialising
6 psychological characteristics of insider threats: ethical flexibility
inadequate training in ethics and privacy and poor social skills.
6 psychological characteristics of insider threats: reduced loyalty
prefer their speciality with hacking with a sense of entitlement and lack of empathy
6 psychological characteristics of insider threats: entitlement
believe they have special privileges and become offended if given a task they consider menial or a punishment.
6 psychological characteristics of insider threats: lack of empathy
the distancing effect of using computers, attackers fail to recognise the potential or actual impact of their actions
how to reduce insider threat
develop security solutions and workplace conditions to minimise threats