Almost everything cyber and information security! Cybersecurity is the main line of defense for the next generations to come!
Who better to define this for us than the legendary CISA? Since the definitions are so universal, I'm just going to leave the link here.
https://www.cisa.gov/news-events/news/what-cybersecurity
According to CISA, cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information. It seems that everything relies on computers and the internet now—communication (e.g., email, smartphones, tablets), entertainment (e.g., interactive video games, social media, apps), transportation (e.g., navigation systems), shopping (e.g., online shopping, credit cards), medicine (e.g., medical equipment, medical records), and the list goes on. How much of your daily life relies on technology? How much of your personal information is stored either on your own computer, smartphone, tablet or on someone else’s system?

There’s so much to learn, and so little time. Let’s start off with the foundations, like how do you protect data or information?
Security within an organization is a combination of frameworks, security controls, policies, and procedures. All of these components are put together to form a strong security posture. Understanding each component significantly increases one's ability to apply the knowledge in both an enterprise and a personal environment. Every aspect of information security, network security, or even cybersecurity falls under one of the three major security control categories.
Security Control Categories
Irrespective of the IT infrastructure’s size, you would want to protect it from various types of security threats. To do that, you need to apply different security measures and ensure that the organization’s assets are protected and safeguarded. These measures are known as security controls, which help you protect the infrastructure, be it physical or logical.
The security controls are implemented to handle risks in different ways. They can be implemented to protect the infrastructure by reducing or eliminating the risks. There is no fixed method of applying security controls in the infrastructure. The number and types of security controls will depend on various factors, including the architecture of the infrastructure, the size of the infrastructure, and the nature of the business.
It is important to note that no control works in isolation. Multiple control mechanisms need to be layered, which is known as defense-in-depth. Many security administrators make the mistake of adding too many security control mechanisms to protect the infrastructure. However, this adds to the complexity of the infrastructure. Therefore, an administrative policy should be implemented to prevent the over-implementation of security measures. This policy needs to be measurable, effective, objective, and enforceable.
A security control must involve four key entities – people, processes, operations, and technology. The security controls must also be designed to protect the assets and, more specifically, the information for confidentiality, integrity, authenticity, and availability.
There are three different categories of security controls:
1. Administrative
2. Technical
3. Physical
Administrative
Administrative controls are implemented and applied to the individuals within an organization. The idea of administrative controls is to lay down a set of rules that must be adhered to. Some of the key examples are:
• Training
• Personnel recruitment
• Change management
• Access management
• Employee screening
• Certification programs
• Non-disclosure agreements (NDA)
• Disaster preparedness and recovery plans

Technical
Technical controls are also known as logical controls, which apply to the systems and devices. These controls can be in software or hardware forms that are used to protect the information assets. Some of the key examples are:
• Encryption
• Smart cards
• Passwords
• Firewalls
• Routers
• Network Authentication
• Access Control Lists (ACLs)
• Intrusion detection systems

Physical
Physical controls are designed to prevent unauthorized access to the data center’s physical location and the entire infrastructure. Some of the key examples are:
• Barricades
• Locked doors
• Alarm systems
• Security guards
• Surveillance cameras
• Dead-bolted steel doors

Control Types
Each of the control categories can have various types of security controls, which are primarily:
Directive: Directs the users to a specific positive and acceptable behavior.
Preventive: Prevents undesirable events, which can be a risk or a threat, from occurring.
Detective: Identifies a security risk, which can be present in a policy, process, or procedure.
Deterrent: Poses a warning that displays the consequences of unacceptable behavior.
Corrective: Defines measures that are designed to react to an incident. These controls are used to either reduce or eliminate a threat.
Recovery: Used to restore a system after an incident.
Compensating: Alternative controls that can be used in place of security controls that were difficult to implement. The compensating control works similarly to the original security control.
Administrative
• Directive: Policies, guidelines
• Preventive: Non-Disclosure Agreement (NDA), separation of duties, warning banner
• Detective: Investigation, log reviews
• Deterrent: Demotion
• Corrective: Penalty, administrative leave, termination
• Recovery: Business Continuity Planning (BCP), Disaster Recovery Planning (DRP)
• Compensating: Supervision, job rotation
Technical
• Directive: Standards
• Preventive: User authentication, multi-factor authentication, firewalls, Intrusion Prevention System (IPS), encryption
• Detective: Intrusion Detection System (IDS), SNMP
• Deterrent: Violation report
• Corrective: Update of access privileges, change in firewall policies
• Recovery: Backups, rebuilding the system
• Compensating: Keyboard logging
Physical
• Directive: Security guard
• Preventive: Fences, bollards
• Detective: CCTV, sensors
• Deterrent: A warning sign
• Corrective: Fire extinguishers
• Recovery: Reconstruct, rebuild
• Compensating: Layered defenses
