1.1 CYBER SECURITY DEFINITION
1.1 CYBER SECURITY DEFINITION
Definition: Cyber security refers to the protection of information systems (hardware,
software and associated infrastructure), the data on them, and the services they provide,
from unauthorised access, harm or misuse. This includes harm caused intentionally
by the operator of the system, or accidentally, as a result of failing to follow security
procedures.
UK National Cyber Security Strategy
This is a succinct definition but expresses the breadth of coverage within the topic. Many
other definitions are in use, and a document from ENISA surveys a number of these.
The consideration of human behaviours is a crucial element of such a definition—but arguably
still missing is a mention of the impact on them from loss of information or reduced safety,
or of how security and privacy breaches impact trust in connected systems and infrastructures.
Moreover, security must be balanced with other risks and requirements—from a human
factors perspective there is a need not to disrupt the primary task.
A large contributor to the notion of cyber security is Information Security, widely regarded as
comprised of three main elements:
Definition: Information security. Preservation of confidentiality, integrity and availability
of information.
In addition, other properties, such as authenticity, accountability, non-repudiation, and
reliability can also be involved.
ISO 27000 definition
For definitions of the subsidiary terms, the reader is referred to the ISO 27000 definitions .
Through the developing digital age other ‘securities’ have had prominence, including Computer
Security and Network Security; related notions include Information Assurance, and Systems
Security — perhaps within the context of Systems Engineering or Security Engineering.
These terms are easily confused, and it seems that often one term is used when another is
meant.
Many of those terms were subject to the criticism that they place an over-reliance on technical
controls, and focus almost exclusively on information. Stretching them to relate to cyberphysical
systems may be taking them too far: indeed, our working definition above privileges
the notion of information (whilst also mentioning services) — whereas in the case of networkconnected
actuators, the pressing challenge is to prevent unwanted physical actions.
1.2 CYBER KNOWLEDGE AREAS
Our categories are not entirely orthogonal. These are intended to capture knowledge relating
to cyber security per se: in order to make sense of some of that knowledge, auxiliary and
background knowledge is needed — whether in the design of hardware and software, or in
diverse other fields, such as law.
Human, Organisational, and Regulatory Aspects
Risk Management &
Governance
Security management systems and organisational security controls, including standards,
best practices, and approaches to risk assessment and mitigation.
Law & Regulation International and national statutory and regulatory requirements, compliance obligations, and
security ethics, including data protection and developing doctrines on cyber warfare.
Human Factors Usable security, social & behavioural factors impacting security, security culture and
awareness as well as the impact of security controls on user behaviours.
Privacy & Online Rights
Techniques for protecting personal information, including communications, applications, and
inferences from databases and data processing. It also includes other systems supporting
online rights touching on censorship and circumvention, covertness, electronic elections, and
privacy in payment and identity systems.
Attacks and Defences
Malware & Attack
Technologies
Technical details of exploits and distributed malicious systems, together with associated
discovery and analysis approaches.
Adversarial Behaviours The motivations, behaviours, & methods used by attackers, including malware supply chains,
attack vectors, and money transfers.
Security Operations &
Incident Management
The conguration, operation and maintenance of secure systems including the detection of
and response to security incidents and the collection and use of threat intelligence.
Forensics The collection, analysis, & reporting of digital evidence in support of incidents or criminal
events.
Systems Security
Cryptography Core primitives of cryptography as presently practised & emerging algorithms, techniques for
analysis of these, and the protocols that use them.
Operating Systems &
Virtualisation Security
Operating systems protection mechanisms, implementing secure abstraction of hardware,
and sharing of resources, including isolation in multiuser systems, secure virtualisation, and
security in database systems.
Distributed Systems
Security
Security mechanisms relating to larger-scale coordinated distributed systems, including
aspects of secure consensus, time, event systems, peer-to-peer systems, clouds, multitenant
data centres, & distributed ledgers.
Authentication,
Authorisation, &
Accountability
All aspects of identity management and authentication technologies, and architectures and
tools to support authorisation and accountability in both isolated and distributed systems.
Software and Platform Security
Software Security
Known categories of programming errors resulting in security bugs, & techniques for avoiding
these errors—both through coding practice and improved language design—and tools,
techniques, and methods for detection of such errors in existing systems.
Web & Mobile Security Issues related to web applications and services distributed across devices and frameworks,
including the diverse programming paradigms and protection models.
Secure Software
Lifecycle
The application of security software engineering techniques in the whole systems
development lifecycle resulting in software that is secure by default.
Infrastructure Security
Network Security
Security aspects of networking & telecommunication protocols, including the security of
routing, network security elements, and specic cryptographic protocols used for network
security.
Hardware Security Security in the design, implementation, & deployment of general-purpose and specialist
hardware, including trusted computing technologies and sources of randomness.
Cyber-Physical Systems
Security
Security challenges in cyber-physical systems, such as the Internet of Things & industrial
control systems, attacker models, safe-secure designs, and security of large-scale
infrastructures.
Physical Layer &
Telecommunications
Security
Security concerns and limitations of the physical layer including aspects of radio frequency
encodings and transmission techniques, unintended radiation, and interference.
Labels: CYBER SECURITY



0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home