General Cybersecurity
Cybersecurity (also “Information Security” or “IT Security”) is the practice of protecting systems, networks, and programs from digital attacks through the implementation of technical, organizational, and physical controls. These attacks typically aim to access, change, or destroy sensitive information, disrupt normal operations, or extort organizations. It is therefore fundamental for organizations to implement defense-in-depth strategies, risk management, and incident response to protect their information assets and maintain the confidentiality, integrity, and availability of their systems and data.
What is Cybersecurity?
Cybersecurity is the set of technologies, processes, and practices designed to protect networks, devices, programs, and data from attacks, damage, or unauthorized access.
Fundamental Concepts
Information Security
Information security refers to the protection of information and information systems against unauthorized access, use, disclosure, disruption, modification, or destruction.
Network Security
Network security is the practice of protecting a computer network from intruders, whether targeted attackers or opportunistic malware.
System Security
System security focuses on protecting operating systems and applications from threats.
Basic Principles: CID/CIA
Confidentiality
Ensure that information is only accessible by authorized persons.
Integrity
Ensure that information is not modified without authorization.
Availability
Ensure that information and resources are available when needed.
Common Threats
Security Breaches
A security breach is an incident that results in unauthorized access to data, applications, services, networks, or devices.
Attack Vectors
An attack vector is the method or route that an attacker uses to access a system or network.
Patient Zero
Patient Zero is the first case identified in a malware outbreak or security incident.
IOC (Indicators of Compromise)
Indicators of Compromise are observable artifacts in a system or network that indicate an intrusion.
APT (Advanced Persistent Threat)
Advanced Persistent Threats are prolonged and targeted cyber attacks.
Operational Continuity
Operational continuity is an organization’s ability to maintain critical functions during and after an incident.
Related Concepts
- CID / CIA (Confidentiality, Integrity, Availability) - The three fundamental pillars of information security
- Security Breaches - Incidents that compromise security
- Attack Vectors - Methods used by attackers
- Patient Zero - First system compromised in an incident
- IOC - Indicators of compromise
- APT - Advanced persistent threats
- SIEM - Central tool for security event management
- SOAR - Incident response automation
- EDR - Endpoint detection and response
- Firewall - First line of defense in networks
- VPN - Secure connections for remote access