Cyber Defense
In today’s world we have to understand what Cyber means, the original origin comes from Cyberspace; which is "the notional environment in which communication over computer networks occurs”. As a social experience, individuals can interact, exchange ideas, share information, provide social support, conduct business, direct actions, create artistic media, play games, engage in political discussion, and so on, using this global network.
Today we can clearly expand Cyberspace to beyond just connected computers: we now refer to this today as the Internet of Things, if we look at our daily life everything is now connected to Cyberspace. Our sleep is monitored by computers that we wear on our wrist, they wake us up in the morning, they tell us what we need to do, where we need to be, they control the shower temperature and the climate of our homes, they control our fridge, what we see on television and now they drive our cars and help us determine the best way to get to the office and once we get to the office we spend most of our day pushing buttons or sliding our fingers on computers and interacting through cyberspace.
Cyberspace was once a realm of communication but now our way of life is depending on it, our countries governments, economies in which trillions of $ pass through cyberspace each year, our critical infrastructure for energy, healthcare, banking, transportation and water are now at risk on how well we protect and secure the systems and data that control those infrastructures.
The security of cyberspace is more important today than ever before, in 2012 according to Cisco the number of Internet connected devices was 8.7 billion andthis will rise to 15 billion in 2015 and 40 billion by 2020.
Cyber Security is the balance between protecting information and sharing information to authorized digital identities. This derives to three main goals of Cyber Security, which are Confidentiality, Integrity and Availability also commonly known as the CIA Triad.
At ESC Cyber Defense and Cyber Security Division we help transportation, governments, financial and healthcare institutions identify the potential targets and security threats that underlay the confidentiality, integrity and availability of the critical systems and information. We help identify the most likely attackers to prepare for, deter and effective responses for when a cyber security incident occurs.
CIA Triad
The goals of security in a system and information environment result from of these goals: Confidentiality, Integrity and Availability as mentioned previously also known as the CIA Triad.
It is important to understand each of these areas and how they affect the way we utilize the systems and information in the organizations. When applying the appropriate security counter measures in an organizations those countermeasures and proactive preventions will fall into one of these categories below, whether it is preventing unauthorized access to a system via confidentiality or integrity using encryption, secure communications and availability using data backup, disaster recovery scenarios or counter measures against a Denial of Service Attack.
Confidentiality
Confidentiality refers to preventing the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.
Confidentiality is necessary for maintaining the privacy of the people whose personal information is held in the system.
Integrity
In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle. This means that data cannot be modified in an unauthorized or undetected manner. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
Availability
For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades.
Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system essentially forcing it to shut down.
At ESC Cyber Security it is important to find the right balance across Security Protection Layers, Vulnerability Assessments and People.