IT NS 1 – CYBER SECURITY PRINCIPLES AND EMERGING CHALLENGES

Chapter I
Introduction to Cybersecurity – Part 3

Introduction
Cybersecurity is a critical issue that affects both individuals and organizations
alike. With the increasing amount of sensitive data being stored and transmitted
electronically, it is essential to maintain robust cybersecurity measures to protect against
cyber-attacks, data breaches, and other malicious activities. However, cybersecurity
measures alone are not enough to protect against these threats. It is also important for
individuals and organizations to be aware of the risks and take proactive steps to prevent
and mitigate them. In this context, cybersecurity awareness plays a crucial role in
promoting safe online behavior and ensuring the security of information systems and data.

Learning Outcome
At the end of the unit, the student should be able to:
• Explain the principles of confidentiality, integrity, and availability in cybersecurity.
• Define the different types of cyber-attacks.
• Analyze the different risk management frameworks and their application in
cybersecurity.

Learning Content

OPERATIONAL ISSUES IN CYBERSECURITY

Operational issues in cybersecurity are critical concerns for organizations of all sizes and types.
These issues encompass a broad range of topics, including configuration management,
vulnerability management, access management, incident response, compliance, monitoring and
logging, patch management, network security, endpoint security, cloud security, identity and
access management, data protection, physical security, third-party risk management, and
security operations center (SOC) management. Each of these areas requires careful planning,
management, and execution to ensure that an organization's systems and data are protected
from cyber threats. With the increasing frequency and severity of cyber attacks, it is more
important than ever for organizations to prioritize operational issues in cybersecurity and develop
effective strategies for mitigating these risks.

Here is an overview of some common operational issues in cybersecurity:

1. Configuration Management: One of the biggest operational issues in cybersecurity is
configuration management. This includes maintaining consistent configurations across
systems, applications, and networks, as well as ensuring that any changes to
configurations are properly documented and tested before being deployed.

2. Vulnerability Management: Another major operational issue in cybersecurity is vulnerability
management. This involves identifying and prioritizing vulnerabilities in systems and
applications, and then implementing patches and other remediation measures to address
them.

3. Access Management: Access management is the process of controlling who has access
to what resources within an organization. This includes managing user accounts and
permissions, as well as ensuring that sensitive data is protected through the use of
encryption and other security measures.

4. Incident Response: Incident response is the process of detecting, investigating, and
responding to security incidents. This includes developing an incident response plan,
establishing roles and responsibilities, and conducting regular testing and training to
ensure that the plan is effective.

5. Compliance: Compliance with regulatory requirements and industry standards is a major
operational issue in cybersecurity. This includes ensuring that all systems and applications
meet the necessary security standards, as well as maintaining appropriate documentation
and conducting regular audits.

6. Monitoring and Logging: Monitoring and logging are critical components of cybersecurity
operations. This includes monitoring for suspicious activity, tracking user behavior, and
maintaining comprehensive logs that can be used for forensic analysis in the event of a
security incident.

7. Patch Management: Patch management is the process of identifying and deploying
software updates and patches to address security vulnerabilities. This includes testing
patches before deploying them and ensuring that all systems and applications are
up-to-date with the latest security patches.

These are just a few of the operational issues that organizations must address to maintain
effective cybersecurity. Other issues may include network segmentation, data backup and
recovery, and security awareness training for employees.

Some additional operational issues in cybersecurity:

1. Network Security: Network security involves implementing measures to protect the
organization's network from unauthorized access, such as firewalls, intrusion prevention
systems, and network segmentation.

2. Endpoint Security: Endpoint security involves protecting individual devices such as
laptops, desktops, and mobile devices from threats such as malware and ransomware.

3. Cloud Security: With the increasing adoption of cloud computing, cloud security has
become a critical operational issue in cybersecurity. This includes ensuring that
cloud-based data and applications are properly secured, as well as implementing appropriate
access controls and encryption measures.

4. Identity and Access Management: Identity and access management (IAM) involves
managing the identities and access permissions of users within an organization. This
includes implementing strong authentication measures, such as multi-factor
authentication, and monitoring user activity to detect unauthorized access attempts.

5. Data Protection: Data protection involves implementing measures to protect sensitive data
from unauthorized access, such as encryption, access controls, and data loss prevention
technologies.

6. Physical Security: Physical security involves protecting the organization's physical assets,
such as servers, data centers, and other critical infrastructure, from theft, vandalism, and
other physical threats.

7. Third-Party Risk Management: Many organizations rely on third-party vendors for various
services, such as cloud hosting or software development. Third-party risk management
involves assessing the security posture of these vendors and ensuring that they meet the
organization's security standards.

8. Security Operations Center (SOC) Management: A Security Operations Center (SOC) is
a centralized unit that monitors and responds to security incidents. SOC management
involves establishing and managing the SOC, including defining roles and responsibilities,
conducting regular training and testing, and ensuring that the SOC has the necessary tools
and resources to be effective.

In conclusion, operational issues in cybersecurity are complex and multifaceted challenges that
organizations must address to ensure the security of their systems and data. These issues
encompass a wide range of topics, from configuration and vulnerability management to access
control and incident response. As cyber threats continue to evolve and become more
sophisticated, it is essential for organizations to prioritize these operational issues and implement
robust security measures to protect against cyber attacks. By addressing these operational issues
through a comprehensive and proactive approach, organizations can help minimize the risk of
cyber incidents and ensure the confidentiality, integrity, and availability of their critical systems
and data.

Teaching and Learning Activities


Assess your understanding of operational issues in cybersecurity and identify areas for
further learning by completing the checklist below:

| No. | Operational Issue (list 10 issues) | Comfortable (C) or Want to Learn (W) | Best Practice/Recommendation |
|-----|------------------------------------|--------------------------------------|------------------------------|
| 1   |                                    |                                      |                              |
| 2   |                                    |                                      |                              |
| 3   |                                    |                                      |                              |
| 4   |                                    |                                      |                              |
| 5   |                                    |                                      |                              |
| 6   |                                    |                                      |                              |
| 7   |                                    |                                      |                              |
| 8   |                                    |                                      |                              |
| 9   |                                    |                                      |                              |
| 10  |                                    |                                      |                              |

Now that you have confidently completed the activity above, you are ready to
take the quiz. Log in to the Schoology app on your computer or phone and take the quiz,
or contact me if you have problems taking the online quiz.

Recommended learning materials and resources for supplementary reading


• Khan, U., & Ali, W. (2021). A Comprehensive Review of Operational Issues in
Cybersecurity. International Journal of Computer Science and Network Security, 21(3),
39-46.
• National Institute of Standards and Technology (NIST). (2020). Special Publication
800-53 Revision 5: Security and Privacy Controls for Information Systems and Organizations.
Retrieved from https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
• Microsoft. (2021). Security Operations Center. Retrieved from
https://docs.microsoft.com/en-us/security/compass/compass-security-operations-center
• SANS Institute. (2021). Critical Security Controls. Retrieved from
https://www.sans.org/critical-security-controls

Flexible Teaching Learning Modality (FTLM) adopted

Face to Face
• Classroom discussion
• Assessment activities
• Hands-on activities

Online (synchronous)
• Zoom Meeting as scheduled
• Messenger Application

Remote (asynchronous)
• Schoology Application. Instructions can be viewed at www.erickabuzo.com/class
• Printed Module


Assessment Task
Log in to the Schoology app on your computer or phone and take the online
activity, or contact me if you have problems taking the online activity.
