What is cybersecurity?
set of practices used to protect computers, computer servers, mobile devices, various electronic systems, communications, computer networks, and data from malicious attacks and threats
the practice of protecting systems, networks, and programs from digital attacks.
— CISCO
Vulnerability
Exploit
a piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behaviour or to gain unauthorised access to sensitive data
Threat
malicious act that seeks to damage data, steal data, or disrupt digital life in general
computer as a target
Malware
short for malicious software, software intentionally designed to cause damage to a computer, server, client, or computer network
Trojan horse
malware designed to break into electronic and digital devices by disguising the program as necessary software
SQL injection
inserting malicious data into the user's digital device to give the hacker unauthorised access to user information
DDoS
a large network of devices (a botnet) sends a large number of fake requests to the server at the same time
Spyware
unwanted software that infiltrates a victim's computer to access their sensitive information and internet usage data without the user's knowledge
Phishing
attackers try to gain access to personal information by posing as the relevant competent authorities
computer as a tool
Man-in-the-Middle
when an attacker intercepts communications between two parties, either to secretly eavesdrop on or to modify traffic travelling between the two
Social Engineering
uses psychological manipulation to trick users into making security mistakes or giving away sensitive information
Identity Theft
the crime of obtaining the personal or financial information of another person to use their identity to commit fraud
Fraud
use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them
Spoofing
the act of disguising a communication from an unknown source as being from a known, trusted source
Best Practices
Strong Password
The more characters, different capitalisations and special symbols a password has, the harder it is to “brute-force”
Framework
The NIST Framework
optional framework published by NIST, originally developed to protect critical infrastructure in the US from cyber threats.
5 Elements
- Identify - Identify and understand the threats and risks the organisation is likely to face
- Protect - Protect the organisation’s assets from those threats and risks
- Detect - Detect incidents, such as cyberattacks or other events
- Respond - Respond to incidents, preventing further damage
- Recover - Recover from incidents, evaluating how to prevent recurrence and cleaning up any damage that occurred
Technologies
Firewall
A shield or barrier that protects a private network from unauthorised access and secures devices connected to the internet or another network, such as a local area network
Anti-virus
software that protects against computer viruses, a type of malware that self-replicates by inserting its code into other software programs
application example of CIA Triad:
a bank ATM which offers users access to cash, bank balances, and other relevant information
Integrity
ensuring that any transaction made through the ATM is reflected in the accounting for the user's bank account