Friday, January 22, 2021

1.1 CYBER SECURITY DEFINITION

 1.1 CYBER SECURITY DEFINITION

Definition: Cyber security refers to the protection of information systems (hardware,

software and associated infrastructure), the data on them, and the services they provide,

from unauthorised access, harm or misuse. This includes harm caused intentionally

by the operator of the system, or accidentally, as a result of failing to follow security

procedures.

UK National Cyber Security Strategy 

This is a succinct definition but expresses the breadth of coverage within the topic. Many

other definitions are in use, and a document from ENISA surveys a number of these.

The consideration of human behaviours is a crucial element of such a definition—but arguably

still missing is a mention of the impact on them from loss of information or reduced safety,

or of how security and privacy breaches impact trust in connected systems and infrastructures.

Moreover, security must be balanced with other risks and requirements—from a human

factors perspective there is a need not to disrupt the primary task.

A large contributor to the notion of cyber security is Information Security, widely regarded as

comprised of three main elements:

Definition: Information security. Preservation of confidentiality, integrity and availability

of information.

In addition, other properties, such as authenticity, accountability, non-repudiation, and

reliability can also be involved.

ISO 27000 definition 

For definitions of the subsidiary terms, the reader is referred to the ISO 27000 definitions .

Through the developing digital age other ‘securities’ have had prominence, including Computer

Security and Network Security; related notions include Information Assurance, and Systems

Security — perhaps within the context of Systems Engineering or Security Engineering.

These terms are easily confused, and it seems that often one term is used when another is

meant.

Many of those terms were subject to the criticism that they place an over-reliance on technical

controls, and focus almost exclusively on information. Stretching them to relate to cyberphysical

systems may be taking them too far: indeed, our working definition above privileges

the notion of information (whilst also mentioning services) — whereas in the case of networkconnected

actuators, the pressing challenge is to prevent unwanted physical actions.

1.2 CYBER KNOWLEDGE AREAS

Our categories are not entirely orthogonal. These are intended to capture knowledge relating

to cyber security per se: in order to make sense of some of that knowledge, auxiliary and

background knowledge is needed — whether in the design of hardware and software, or in

diverse other fields, such as law.

Human, Organisational, and Regulatory Aspects

Risk Management &

Governance

Security management systems and organisational security controls, including standards,

best practices, and approaches to risk assessment and mitigation.

Law & Regulation International and national statutory and regulatory requirements, compliance obligations, and

security ethics, including data protection and developing doctrines on cyber warfare.

Human Factors Usable security, social & behavioural factors impacting security, security culture and

awareness as well as the impact of security controls on user behaviours.

Privacy & Online Rights

Techniques for protecting personal information, including communications, applications, and

inferences from databases and data processing. It also includes other systems supporting

online rights touching on censorship and circumvention, covertness, electronic elections, and

privacy in payment and identity systems.

Attacks and Defences

Malware & Attack

Technologies

Technical details of exploits and distributed malicious systems, together with associated

discovery and analysis approaches.

Adversarial Behaviours The motivations, behaviours, & methods used by attackers, including malware supply chains,

attack vectors, and money transfers.

Security Operations &

Incident Management

The conguration, operation and maintenance of secure systems including the detection of

and response to security incidents and the collection and use of threat intelligence.

Forensics The collection, analysis, & reporting of digital evidence in support of incidents or criminal

events.

Systems Security

Cryptography Core primitives of cryptography as presently practised & emerging algorithms, techniques for

analysis of these, and the protocols that use them.

Operating Systems &

Virtualisation Security

Operating systems protection mechanisms, implementing secure abstraction of hardware,

and sharing of resources, including isolation in multiuser systems, secure virtualisation, and

security in database systems.

Distributed Systems

Security

Security mechanisms relating to larger-scale coordinated distributed systems, including

aspects of secure consensus, time, event systems, peer-to-peer systems, clouds, multitenant

data centres, & distributed ledgers.

Authentication,

Authorisation, &

Accountability

All aspects of identity management and authentication technologies, and architectures and

tools to support authorisation and accountability in both isolated and distributed systems.

Software and Platform Security

Software Security

Known categories of programming errors resulting in security bugs, & techniques for avoiding

these errors—both through coding practice and improved language design—and tools,

techniques, and methods for detection of such errors in existing systems.

Web & Mobile Security Issues related to web applications and services distributed across devices and frameworks,

including the diverse programming paradigms and protection models.

Secure Software

Lifecycle

The application of security software engineering techniques in the whole systems

development lifecycle resulting in software that is secure by default.

Infrastructure Security

Network Security

Security aspects of networking & telecommunication protocols, including the security of

routing, network security elements, and specic cryptographic protocols used for network

security.

Hardware Security Security in the design, implementation, & deployment of general-purpose and specialist

hardware, including trusted computing technologies and sources of randomness.

Cyber-Physical Systems

Security

Security challenges in cyber-physical systems, such as the Internet of Things & industrial

control systems, attacker models, safe-secure designs, and security of large-scale

infrastructures.

Physical Layer &

Telecommunications

Security

Security concerns and limitations of the physical layer including aspects of radio frequency

encodings and transmission techniques, unintended radiation, and interference.


Labels:

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home