Operational Cybersecurity 1A: Introduction
Kibernetinio saugumo specialistas
Karjeros kelio kursų skyriai
Unit 1: Advanced Networking Concepts
In all likelihood, the device you are using at this very moment is connecting you to the internet over a wireless connection. Perhaps you are at home, in an office building, in a coffee shop, or at an airport. Is the wireless network you are connected to secure? Do you know if anyone is capturing your data? Have you entered a username or password into any webpages? The reality is that most personal and professional computing devices in use today connect to wireless networks. But how do we begin to analyze risks and then secure and protect our wireless networks against those risks? This unit will introduce you to the OPSEC framework and how it is applied to protect users, data, and the wireless networks we all use.
Unit 2: Virtual Local Area Networks
We’ve already seen the critical role played by the physical data network in providing access to data for organizations, employees, and customers. In this unit, we dive a little deeper to see how a specific network configuration tool allows CISOs and network administrators to separate network systems from their data. Once the team has used the OPSEC framework, identified what systems are on the network, and determined how they should be allowed to communicate, the team can employ virtual local area networks (VLANs) as part of a layered defense. To bring these concepts to life, we will go through a case analysis of an attack waged on the 25th largest school district in the United States.
Unit 3: Cryptology, Keys, & Certificates
Encryption is one of the most effective tools available to secure both the files on our systems and the packets that flow across data networks. Encryption is the tool that facilitates the use of digital keys and certificates that are applied to servers and network protocols. You interact with all of these in your everyday use of digital devices while browsing the internet but very likely never realized they were being utilized in the background. For a CISO, this is a best-case scenario. The end user’s equipment and their data are secure, and little or no effort is required on their part. In this unit, we will explore how these technologies work and how to deploy them in a production network. Then, we will look at how encryption technologies power and account for new forms of digital currency.
Unit 4: Assessing Risk
Every day, we make choices in our lives, and naturally, some of these are riskier than others. In this unit, we will be taking a fresh look at risk through a new lens. To start, consider that each business that utilizes technology invites an element of risk into its environment. This is because risks aren’t just about hackers; they include factors such as hardware reliability and the policies that determine how technology should and should not be used in the workplace. When analyzed through a formal risk assessment, these factors provide management teams with actionable information on how to make decisions. The results reveal to companies what their risks are and how they can best invest their time and resources to avoid those risks.
Unit 5: Risk Mitigation & Management
Once the process for a security risk assessment concludes, you will enter the risk mitigation phase. Learning how to mitigate and manage identified risks in the organization is an important part of the CISO’s role. This task incorporates a wide array of skills that are needed to understand the variety of technology platforms involved and the risks associated with each of them. In addition to supporting both legacy and current technologies, the CISO must keep an eye on emerging technologies. The reality is that users begin to operate new devices in the office before a strategy has been developed to manage them safely. The other harsh reality is that, even with exceptional planning implemented to manage risk, there is the constant threat that an attacker will find a way into the network. When it happens, you must be ready!
Unit 6: Assessing & Mitigating Network Attacks
Networks are the objects of constant reconnaissance performed by actors looking for vulnerabilities to exploit. Sometimes, these actors are the good guys looking for a way in so that holes in the network can be patched, but at other times, they are bad guys finding a way into the network before those holes are secured. In either case, the methods employed to gain access to a network are the same. In this unit, we’ll take a deep dive into the technical mitigations that should be considered to minimize these types of network attacks. From physically locking the network closet door to writing the proper firewall rule, there is much to consider when trying to secure a network. This unit will require you to explore the technical part of your CISO brain.
Unit 7: Social Engineering, Email, & File Attacks
The world is an increasingly complicated place. Communications have moved almost completely to digital platforms, and coworkers can now collaborate via phone, video, and email, virtually removing the need to meet in person at all. However, email has an inherent fault: There is an implied trust that what people read on a screen was created by the sender identified in the “From” field. Likewise, we trust that what a “friend” sends us on social media is a genuine message. This is important because, today, digital platforms such as these form a trusted part of our lives. But what happens when threat actors exploit that trust and use these platforms to launch campaigns to gather information about your company’s employees as well as your personal life? It’s time to explore that question by covering the techniques that cybercriminals use and the ways you must continue to build layered defenses to protect information.
Unit 8: Assessing & Mitigating Malware Attacks
Even though malware has been around since the 1970s, we still frequently hear about malicious software attacks being launched against major organizations. It seems logical enough to think of this as a problem that should have been solved by now, so why hasn’t it been? As you progress through this unit, you will discover why malware attacks continue to occur and what next-generation attacks will look like. Along this journey, we will explore how to detect that a system has been infected and investigate the possible recovery strategies. As you now know, even when the OPSEC framework is followed at every step, every connected device represents a potential malware infection.