Cybersecurity Concepts and Strategies

Effective Cybersecurity Training

• Effective training, good policies, and strong security tools are crucial to achieving the highest level of cybersecurity.

Key Concepts in Cybersecurity

Defense in Depth

• Definition: A security strategy that employs multiple layers of diverse security controls rather than relying solely on perimeter defenses.

Security Controls

• Definition: Technologies or procedures implemented to mitigate vulnerabilities and risks, ensuring the confidentiality, integrity, and availability (CIA) of information.

Confidentiality, Integrity, Availability (CIA)

• Confidentiality: Ensures that information is accessed only by authorized individuals.
• Integrity: Assures that information is accurate and unaltered except by authorized parties.
• Availability: Guarantees that information and resources are accessible to authorized users when needed.

Separation of Duties

• Definition: A security policy concept that advocates dividing duties and responsibilities among individuals to prevent ethical conflicts and abuses of power.

Network Segmentation

• Definition: The practice of enforcing a security zone by isolating a segment of the network from the rest.
• Methods of Implementation:
  • Firewalls
  • Virtual Private Networks (VPNs)
  • Virtual Local Area Networks (VLANs)
• Air-Gapped Networks: Refers to a physically separate network or host with no cabling or wireless connections to other networks. Also referred to as segmentation or network segmentation enforcement.

Firewalls

• Functional Role: Used as part of a defense in depth strategy to create a protective barrier at the network edge, where access attempts are most frequent.
• Vulnerability: While firewalls provide an initial layer of protection, they remain susceptible to modern malware and insider threats.
• Complementary Measures: The importance of using antivirus software and keeping software updated to bolster cybersecurity defenses.