What is Cybersecurity? - Welcome to IOBSE...
Dr. Stephanie Carter, CISM, CISSP, CISA
Learning Objectives (LO)
• LO1 – Will learn the theological and practitioner definition of cybersecurity
• LO2 – Will learn the dependency between physical and cyber security domains
• LO3 – Will learn the constraints to physical and cyber security convergence
• LO4 – Will learn pros and cons of physical and cyber security convergence
What is Cybersecurity?
Cybersecurity
• Cybersecurity – The ability to protect or defend the use of cyberspace from cyber attacks. (CNSSI 4009)
– Cyberspace
• A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CNSSI 4009)
– Cyber Attack
• An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. (CNSSI 4009)
• Auditor
• Analyst (Security, Forensic)
• Engineers (Network, Security)
• Architects (Enterprise, Network, Security)
• Forensics (Analysts)
• Intelligence (Analyst, Officers)
• Information Security Officer
• Security Officer/Security Guard

• Legal
• Human Resource
• IT Accounting
• Acquisition
• Financial
• Marketing
• Sales & Services
• Research & Development
• Operations
CYBERSECURITY
DEFENDERS
ENFORCERS
When you think of cybersecurity, is physical security a part of that thought?
Security Objectives
Confidentiality
– Ensuring no unauthorized access to data
Integrity
– Ensuring no unauthorized modification of data
Availability
– Ensuring data is always available to authorized subjects
Security Safeguards
Operating Procedures
Physical Security
Management Procedures
Hardware and Software
Security measures used to meet security objectives (i.e., confidentiality, integrity, and availability) to protect the organization’s most valuable asset – data/information. These measures are translated in the form of security controls and countermeasures created for each area.
Administrative
-Preventive
-Detective
-Corrective
Logical (Technical)
-Preventive
-Detective
-Corrective
Physical
-Preventive
-Detective
-Corrective
Controls
Cybersecurity
• Deter Potential Threat
• Detect Threats
• Monitor/Record Threats
• Trigger Incident Response
• Assess Threat
• Contain Threat
• Report Threat
• Remediate Threat
• Assess Controls
• Update policies, procedures, security documentation
Physical Security
• Deter Potential Threat
• Detect Threats
• Monitor/Record Threats
• Trigger Incident Response
• Assess Threat
• Contain Threat
• Report Threat
• Remediate Threat
• Assess Controls
• Update policies, procedures, security documentation
Security Interdependencies
• Physical threats have an impact on cyber operations
– Stealing, leaking, compromising information
• Cyber threats have an impact on physical operations
– Automated systems controlling physical access
• Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. (NIST SP 800-53; SP 800-53A; SP 800-27; SP 800-60; SP 800-37; CNSSI-4009)
• The potential source of an adverse event. (NIST SP 800-61)
• Threat – Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability. (FIPS 200)
Threats
CONS
• Inhibits identity of vulnerabilities
• Hinders proper risk management
• Increases useless investments in IT, security controls & countermeasures
• Difficult to identify physical intruders
• Poor detecting of cyber infiltration efforts
• Impedes information sharing
• Prevents transparency across the organization
Bridging the Gap
PROS
• Effective risk management
• Increased security
• Alignment of security processes/goals with business processes/goals
• Increased organization-wide information sharing
• Tips the scale of importance
• More thorough investigations
• Creates an organizational culture of diversity and appreciation
Where do we go from here?
How is cybersecurity the real threat?
Questions?