IT Security

Who

Authentication proves who you are.

What

Authorization defines what you can do.

When

Auditing records when you did something.
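The three concepts side by side, as an added example (not code from this page or from any product it cites): a small Python service that authenticates with salted PBKDF2 password hashes, authorizes against an explicit role-to-permission table, and writes an audit record for every decision, allowed or denied. The user store, roles, permissions and in-memory audit sink are constructed for the demonstration.

```python
"""Who, what and when in one small service: authentication (prove who you
are), authorization (what you may do) and auditing (a record of when you did
it). Added example for this page, not code from any product it cites; the
user store, roles, permissions and audit sink are constructed for the demo."""
import hashlib
import hmac
import os
import time

# --- Authentication: prove who you are -------------------------------------
def hash_password(password: str, salt: bytes = b"", iterations: int = 100_000) -> dict:
    """Store a salted PBKDF2-SHA256 hash, never the password itself."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": iterations}


def verify_password(password: str, record: dict) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(record["salt"]), record["iterations"])
    # Constant-time compare: a plain == would leak how many bytes matched.
    return hmac.compare_digest(candidate.hex(), record["hash"])


# Constructed user store: username -> (password record, set of roles).
USERS = {
    "alice": (hash_password("correct horse battery staple"), {"admin"}),
    "bob":   (hash_password("hunter2"), {"reader"}),
}
DUMMY = hash_password("not-a-real-user")   # see login(): same cost for unknown users

# --- Authorization: what you can do ----------------------------------------
# Roles map to explicit permissions; anything not listed is denied by default.
ROLE_PERMISSIONS = {
    "reader": {"report:read"},
    "admin":  {"report:read", "report:delete", "user:create"},
}


def is_authorized(roles: set, permission: str) -> bool:
    return any(permission in ROLE_PERMISSIONS.get(role, set()) for role in roles)


# --- Auditing: when you did it ---------------------------------------------
AUDIT_LOG = []   # append-only; in production this goes to a write-once log sink


def audit(actor: str, action: str, outcome: str, **extra) -> dict:
    """Record every decision, allowed or denied, with a timestamp."""
    entry = {"ts": time.time(), "actor": actor, "action": action, "outcome": outcome, **extra}
    AUDIT_LOG.append(entry)
    return entry


def login(username: str, password: str) -> bool:
    record = USERS.get(username)
    if record is None:
        verify_password(password, DUMMY)   # burn the same time: no user enumeration via timing
        ok = False
    else:
        ok = verify_password(password, record[0])
    audit(username, "login", "success" if ok else "failure")
    return ok


def perform(username: str, password: str, action: str) -> str:
    """Full request path: authenticate, then authorize, then audit the outcome."""
    if not login(username, password):
        return "denied: authentication failed"
    if not is_authorized(USERS[username][1], action):
        audit(username, action, "denied", reason="missing permission")
        return "denied: not authorized"
    audit(username, action, "allowed")
    return "ok"


if __name__ == "__main__":
    print(perform("bob", "hunter2", "report:read"))          # ok
    print(perform("bob", "hunter2", "report:delete"))        # denied: not authorized
    print(perform("mallory", "guess", "report:read"))        # denied: authentication failed
    for entry in AUDIT_LOG:
        print(entry)
```

Note that the failed login for an unknown user and the denied action for a known user both end up in the audit log: the "when" record is only useful if denials are written as faithfully as successes.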

Database

Cloud

Middleware

Coding

Applications

Infrastructure

Encryption

Security (Safety) Standards

STRIDE

DREAD

CIA

Spoofing

Tampering

Repudiation

Information disclosure

Denial of service

Elevation of privilege

Damage

how bad would an attack be?

Reproducibility

how easy is it to reproduce the attack?

Exploitability

how much work is it to launch the attack?

Affected users

how many people will be impacted?

Discoverability

how easy is it to discover the threat?

Confidentiality

Integrity

Availability

STA

STAR

PAUSE

Stop

before you send the email, click on the link, post the file, fill out the form, open the door, install the software

Think

Is there data? Should you password protect? Check the link. Check the sender. Do you need permission?

Act

Strong Passwords. MFA. Encrypted email. Locked file sharing sites. Know Policy & Process.

Stop

Do not rush into your jobs

Think

About what you are going to do BEFORE you do it

Act

Do the job SAFELY

Ask

If in Doubt Ask!

Review

Did you do the job as safely as possible? If not, what can you do to make it safer next time?
https://thesheshow.com/star-stop-think-act-ask-review

Protect

Resources, Buildings, Yourself

Acceptable Use

Be responsible, Follow standards, Don't bypass Security Software

Understand the Risk

Follow best practice, STAR

Secure Data & Devices

Close & Lock, No tailgating, Screen Lock, Tidy Desk, Permissions and Privileges

Environment

Prioritize Health, Safety & Security, Report Hazards & Incidents, Prepare for Disasters

Auditing

Social Engineering

Manipulating, influencing, or deceiving you into taking some action that isn’t in your own best interest or the best interest of your organization.

"more than 80% of cyberattacks are targeted at humans"

KnowBe4

Phishing

Using emails disguised to look like they come from a trusted source, to trick the recipient into clicking a link, opening an attachment or handing over credentials.

Spoofing

Forging the sender address (and usually the display name) so that an email appears to come from a trusted source.
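The tells a mail gateway or a careful reader can check for the phishing and spoofing cases above, as an added example in Python (not code from this page or from any product it cites): does the visible From match the envelope sender, what did the receiving server's SPF/DKIM/DMARC checks say, and do the sender or link domains merely resemble a trusted one. The two raw messages, the domains in them and the TRUSTED_DOMAINS set are all constructed for the demonstration.

```python
"""Header and link checks that catch common spoofing/phishing tells:
visible From vs real envelope sender, the receiving server's SPF/DKIM/DMARC
verdict, lookalike domains and links that bury a trusted name in a subdomain.
Added example for this page, not code from any product it cites; the two raw
messages, the domains and TRUSTED_DOMAINS are all constructed."""
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}            # constructed: your organisation's domain(s)
CONFUSABLES = str.maketrans({"1": "l", "0": "o", "5": "s", "3": "e"})
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")

# Constructed sample messages. Return-Path and Authentication-Results are
# stamped by the receiving MTA, which must strip any copies the sender supplied.
LEGIT = """From: Payroll <payroll@example.com>
Return-Path: <payroll@example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
Subject: Your payslip

Your payslip is attached.
"""

SPOOFED = """From: Payroll <payroll@example.com>
Return-Path: <bounce@mail-examp1e.com>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-examp1e.com; dkim=none; dmarc=fail header.from=example.com
Subject: Urgent: confirm your bank details
Content-Type: text/html

<p>Please <a href="http://example.com.login-verify.xyz/payroll">log in here</a> within 24 hours.</p>
"""


def suspicious_domain(domain: str) -> bool:
    """Not trusted, but resembles a trusted name: contains it as a label or
    substring (example.com.evil.xyz) or matches it once digit-for-letter
    substitutions are undone (examp1e.com). Deliberately loose: a heuristic."""
    domain = domain.lower()
    if domain in TRUSTED_DOMAINS:
        return False
    normalised = domain.translate(CONFUSABLES).replace("rn", "m")
    return any(t.split(".")[0] in normalised for t in TRUSTED_DOMAINS)


def phishing_indicators(raw: str) -> list:
    """Return a list of human-readable red flags for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = []
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rsplit("@", 1)[-1].lower()
    _, envelope = parseaddr(msg.get("Return-Path", ""))
    env_domain = envelope.rsplit("@", 1)[-1].lower()

    # 1. Display name that carries an address differing from the real sender.
    if "@" in name and name.strip().lower() != addr.lower():
        flags.append("display name contains a different email address")
    # 2. Envelope sender (where bounces go) differs from the visible From.
    if envelope and env_domain != from_domain:
        flags.append(f"Return-Path domain {env_domain} != From domain {from_domain}")
    # 3. The receiving server's own authentication verdict.
    results = dict(AUTH_RE.findall(msg.get("Authentication-Results", "")))
    for check in ("spf", "dkim", "dmarc"):
        if results.get(check) != "pass":
            flags.append(f"{check}={results.get(check, 'missing')}")
    # 4. Lookalike sender domains.
    for d in {from_domain, env_domain} - {""}:
        if suspicious_domain(d):
            flags.append(f"lookalike domain: {d}")
    # 5. Links whose host is a lookalike or hides a trusted name in a subdomain.
    body = (msg.get_payload(decode=True) or b"").decode("utf-8", "replace")
    for href in re.findall(r'href="([^"]+)"', body, re.I):
        host = re.sub(r"^[a-z]+://", "", href, flags=re.I).split("/")[0].split("@")[-1]
        if suspicious_domain(host):
            flags.append(f"suspicious link host: {host}")
    return flags


if __name__ == "__main__":
    for label, raw in (("legit", LEGIT), ("spoofed", SPOOFED)):
        print(label, phishing_indicators(raw) or ["no indicators"])
```

The From header alone is worthless as evidence because any sender can set it; the useful signals are the ones the receiving server adds (Return-Path, Authentication-Results) and the shape of the domains, which is why the checks above never trust the visible sender by itself. A DMARC failure on your own domain is the single strongest indicator here, and a mail gateway would normally quarantine on that before any of the heuristics run.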

Spear Phishing

A targeted attack: the emails are tailored to you (your name, role, colleagues or current projects) rather than the generic bait of opportunistic phishing, which makes them far more convincing.

Vishing

Voice Phishing. Gaining information via a phone call.

Smishing

Short Message Service (SMS) phishing.

Pretexting

Inventing a credible scenario (the pretext), often built from details gathered on social media, to create a false sense of trust before asking for information or access.

Quid Pro Quo

Getting something in exchange for something. e.g. a voucher in exchange for clicking on a link.

Tailgating

Gaining access to a secure location by following an authorised person through a secure entry. e.g. someone gaining entry to a room which needs keycard access without having a keycard themselves, by using a door opened by someone who does have a keycard. Often accompanied by social engineering. e.g. by joining in a conversation with the person about to be tailgated.

Insider Threat

An attack originating inside your organisation, from someone with legitimate access such as a current or former employee, contractor or partner. The Verizon 2021 Data Breach Investigations Report suggests this accounts for roughly 22% of security incidents.

Threat Landscape

Malware

Malicious Software

Ransomware

Malware that encrypts files on the victim's drives (and on any network shares it can reach) and demands a ransom in exchange for the decryption key. Many variants also exfiltrate the data first and threaten to publish it if the ransom is not paid.

Ransomware variants on Linux...

Steps to mitigate Ransomware attack...

The NIST 3-2-1-1 Rule

Keep 3 copies of your data, on 2 different types of media, with 1 copy off-site and 1 copy offline or immutable, so that ransomware which reaches the live systems cannot also encrypt or delete the backups.

Spyware

Malware that allows data harvesting and/or surveillance.

USB Drives

USB drives containing malware, typically dropped where they will be found. This takes advantage of a person's natural curiosity: plugging the drive in to see what is on it runs the malware on an otherwise secure computer.

Bad Actor

Data Breach

Data Harvesting

Public WiFi

Never use public WiFi without a VPN: it stops the hotspot operator and other users on the same network from reading or tampering with your traffic. The VPN only protects the hop to the VPN provider, so still check that sites use HTTPS.

Links

Bibliography

General
https://www.makeuseof.com/tag/security-checkup/
https://www.makeuseof.com/category/security/
https://www.makeuseof.com/tag/red-alert-10-computer-security-blogs-you-should-follow-today/
https://www.makeuseof.com/tag/stay-safe-online-follow-10-computer-security-experts-on-twitter/
https://www.youtube.com/user/InfosecCynic
https://blog.knowbe4.com/
https://www.darkreading.com/
https://www.csoonline.com/article/567859/what-is-osint-top-open-source-intelligence-tools.html

STRIDE, DREAD, CIA
https://en.wikipedia.org/wiki/STRIDE_(security)
https://en.wikipedia.org/wiki/DREAD_(risk_assessment_model)
https://en.wikipedia.org/wiki/Information_security#Key_concepts

Authentication and Authorization
https://www.cisecurity.org/insights/blog/why-are-authentication-and-authorization-so-difficult

CVSS
https://www.first.org/cvss/specification-document

CVE Details
https://www.cvedetails.com/
https://www.opencve.io/
https://docs.opencve.io/

Phishing
https://www.makeuseof.com/tag/anatomy-scam-windows-tech-support-con-examined/
https://www.makeuseof.com/tag/spotters-guide-fake-virus-malware-warnings/
https://www.makeuseof.com/tag/spot-phishing-email/

Insider Threats
https://financesonline.com/insider-threat-statistics

CipherTrust Data Security Platform
https://cpl.thalesgroup.com/resources/encryption/ciphertrust-data-security-platform-data-sheet
https://cpl.thalesgroup.com/sites/default/files/content/data_sheets/field_document/2023-03/cdsp-data-security-platform-ds.pdf

Ransomware
https://socradar.io/redalert-ransomware-targets-windows-and-linux-mware-esxi-servers/ (RedAlert)
https://www.mimecast.com/content/ransomware-backup/
https://www.pcrisk.com/removal-guides/28248-c3rb3r-ransomware (C3RB3R)

OSINT
https://osintframework.com/