Lecture 1
Overview of Cybersecurity and Information Assurance
Some of the key issues in cybersecurity and information assurance are identity access management, real-time activity monitoring, auditing, and vulnerability management. Cybersecurity should support the mission of the organization, have explicit responsibilities, require a comprehensive and integrated approach, be periodically reassessed, and be constrained by societal factors.
Common threats:
- Errors and omissions
- Fraud and theft
- Employee sabotage
- Loss of physical and infrastructure support
- Malicious hackers
- Industrial espionage
- Malicious code
- Foreign government espionage
- Threats to personal privacy
Some controls for these threats:
| Management | Operational | Technical |
|---|---|---|
| policies | personnel / user issues | identification and authentication |
| program management | preparing for contingencies and disaster | logical access control |
| risk management | incident reporting and handling | audit trails |
| life cycle planning | security awareness training | cryptography |
| assurance | security considerations in support and operations | |
| | physical and environmental security | |
Management Controls
- Policies - program policies, issue-specific and system-specific policies, cost considerations, interdependencies
- Program Management - structure of a computer security program, system-level computer security programs, interdependencies, cost considerations
- Risk Management - risk assessment, risk mitigation, uncertainty analysis, interdependencies, cost considerations
- Life Cycle Planning - benefits of integrating security in the system life cycle planning, overview of the information security life cycle, Computer Security Act issues for Federal systems
- Assurance - accreditation, planning, design and implementation, operational assurance
Operational Controls
- Personnel / User Issues - staffing, user administration
- Preparing for Contingencies and Disasters - Business Plan, BCP, DRP
- Incident Reporting and Handling - benefits of an incident handling capability, technical support for incident handling, incident response plans and procedures
- Security Awareness Training - behavior, accountability, awareness, training, education, implementation
- Security Considerations: Support and Operations - user support, software support, configuration management, backups, media controls, documentation, maintenance
- Physical and Environmental Security - physical access controls, fire safety factors, interception of data, mobile and portable systems, failure of supporting utilities, structural collapse, plumbing leaks
Technical Controls
- Identification and Authentication - identification, authentication, passwords, dual factor
- Logical Access Control - access criteria, access control policies
- Audit Trails - benefits, audit trails and logs, audit trail reviews
- Cryptography - basic cryptographic technologies, interdependencies
Last modified January 7, 2020