Goals of Security in Cybersecurity

In cybersecurity, the primary goal is to protect information assets from various threats, ensuring their confidentiality, integrity, and availability. This lecture provides a comprehensive overview of the key concepts, types of damage, nature of cyber attacks, authorization, risk management, goals of cybersecurity, and the importance of monitoring and auditing.

Key Concepts

1. Definition of Cybersecurity:

  • Cybersecurity is the study of methods used to reduce the likelihood of cyber attacks, regardless of their origin or motivation. These attacks target information assets, which include both information and information processing resources.

2. Types of Damage in Cybersecurity:

  • Unauthorized Disclosure: Sensitive data accessed without permission.
  • Unauthorized Modification: Data altered without authorization.
  • Loss of Availability: Data or data processing resources becoming unavailable, either temporarily or permanently.

3. Nature of Cyber Attacks:

  • Intentional Attacks: Carried out by malicious parties aiming to damage information assets.
  • Accidental Damage: Resulting from accidents or natural disasters, often addressed through measures like data backups.

Authorization in Cybersecurity

4. Authorization in Cybersecurity:

  • Individuals: Authorization aligns with personal use and needs.
  • Organizations: Authorization is formalized through security policies, which are sets of rules governing security practices.
    • High-level Security Policies: Endorsed by senior management and accessible to all members of the organization.
    • Detailed Policies: Govern specific aspects of cybersecurity, reflected in system configurations like access control settings.

Risk Management

5. Risk Management:

  • Involves understanding the value of assets and the magnitude of threats they face.
  • Risk Assessment: Cataloging risks and assessing their seriousness to prioritize security measures.
    • Helps allocate limited security budgets effectively to address the most significant risks.

6. Assessing Risks:

  • Likelihood: Probability of a risk occurring (e.g., phishing attacks are common; terrorist attacks on systems are less likely).
  • Impact: Potential damage if the risk is realized, quantified financially or rated qualitatively (high, medium, low).
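
As an added worked example (not part of the lecture notes), the assessment described in sections 5 and 6 as a small risk register in Python: each risk gets a quantitative seriousness (likelihood × impact), a qualitative high/medium/low rating from a 3×3 matrix, and controls are funded in order of expected loss avoided per unit of a limited budget. The register entries, rating thresholds and cost figures are constructed for illustration, not real data.

```python
from dataclasses import dataclass


@dataclass
class Risk:
    name: str
    likelihood: float    # annual probability the threat is realised, 0..1
    impact: float        # loss if it is realised, in currency units
    control_cost: float  # one-off cost of the control that addresses it
    reduction: float     # fraction of the likelihood the control removes, 0..1

    def expected_loss(self) -> float:
        # Quantitative seriousness: likelihood x impact (annualised loss expectancy).
        return self.likelihood * self.impact

    def qualitative(self) -> str:
        # Qualitative seriousness on a 3x3 matrix; the thresholds are assumptions.
        lk = 2 if self.likelihood >= 0.5 else 1 if self.likelihood >= 0.1 else 0
        im = 2 if self.impact >= 100_000 else 1 if self.impact >= 10_000 else 0
        score = lk + im
        return "low" if score <= 1 else "medium" if score == 2 else "high"


def rank_by_expected_loss(risks: list[Risk]) -> list[Risk]:
    # Catalogue ordered by how serious each risk is in money terms.
    return sorted(risks, key=lambda r: r.expected_loss(), reverse=True)


def allocate_budget(risks: list[Risk], budget: float) -> tuple[list[str], float]:
    # Greedy allocation: fund the controls that avoid the most expected loss
    # per unit of cost until the budget is exhausted.
    def value_for_money(r: Risk) -> float:
        return r.reduction * r.expected_loss() / r.control_cost

    chosen, spent = [], 0.0
    for r in sorted(risks, key=value_for_money, reverse=True):
        if spent + r.control_cost <= budget:
            chosen.append(r.name)
            spent += r.control_cost
    return chosen, spent


# Constructed sample register: names, probabilities and figures are illustrative.
REGISTER = [
    Risk("phishing credential theft", 0.80, 40_000, 5_000, 0.60),
    Risk("ransomware on file server", 0.30, 250_000, 30_000, 0.70),
    Risk("data centre fire, no offsite backup", 0.02, 900_000, 20_000, 0.90),
    Risk("terrorist attack on data centre", 0.001, 2_000_000, 150_000, 0.50),
]

if __name__ == "__main__":
    for r in rank_by_expected_loss(REGISTER):
        print(f"{r.name:40s} {r.expected_loss():>10.0f} {r.qualitative()}")
    print(allocate_budget(REGISTER, 50_000))
```

With a budget of 50,000 the greedy pass funds the phishing and ransomware controls and leaves the fire control unfunded even though its expected loss is larger than the phishing one, which is exactly the kind of trade-off a risk assessment is meant to make visible.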

Goals of Cybersecurity

7. Goals of Cybersecurity:

  • Maintain Security Policies: Ensure the organization’s security policies are upheld.
  • Select Appropriate Security Controls: Minimize risks to information assets.
  • Continuous Monitoring and Updating: Adapt to new threats and evolving systems.

8. Monitoring and Auditing:

  • Continuous Monitoring: Ensures the effectiveness of security controls and tracks the changing security landscape.
  • Audits: Include paper-based audits and penetration tests to ensure security controls are effective and to identify vulnerabilities.

Book References for Further Reading

  1. “Security Engineering: A Guide to Building Dependable Distributed Systems” by Ross J. Anderson
    • Explores security engineering principles, including the development and implementation of security policies and risk management strategies.
  2. “Risk Assessment and Decision Analysis with Bayesian Networks” by Norman Fenton and Martin Neil
    • Focuses on risk assessment methodologies using Bayesian networks to model and analyze risks, applicable to cybersecurity risk management.
  3. “The Risk IT Framework” by ISACA
    • Provides a structured approach to risk management in IT environments, including practical guidelines for assessing and prioritizing risks.
  4. “Information Security Policies, Procedures, and Standards: A Practitioner’s Reference” by Thomas R. Peltier
    • Offers practical guidance on developing and implementing information security policies and standards within an organization.
  5. “Managing Information Security Risks: The OCTAVE Approach” by Christopher Alberts and Audrey Dorofee
    • Describes the OCTAVE approach to risk assessment and management, providing a structured method for identifying and mitigating risks.
  6. “NIST Special Publication 800-30: Guide for Conducting Risk Assessments” by National Institute of Standards and Technology (NIST)
    • Comprehensive instructions for conducting risk assessments, including identifying threats, vulnerabilities, and controls, widely used in the field of cybersecurity.

Summary

Lecture 3 focuses on the goals of cybersecurity, emphasizing the protection of information assets from malicious attacks. It covers the types of damage that can occur, the importance of formalized security policies in organizations, and the critical role of risk management. The lecture highlights the need for continuous monitoring and updating of security measures to adapt to evolving threats. The recommended books provide in-depth knowledge on security engineering, risk assessment methodologies, and practical guidelines for developing and implementing effective security policies and controls.
