
1 3 Information Assurance and Security 2


Principles of Cybersecurity
Roles and Responsibilities of Cyber Security Professionals
IT security professionals need to stay up to date with the latest tactics hackers are employing in the field. In addition to the high-level responsibilities mentioned above, some specific duties of IT security teams include:
▪ Set and implement user access controls and identity and access management systems.
▪ Monitor network and application performance to identify any irregular activity.
▪ Perform regular audits to ensure security practices are compliant.
▪ Deploy endpoint detection and prevention tools to thwart malicious hacks.
▪ Set up patch management systems to update applications automatically.
▪ Implement comprehensive vulnerability management systems across all assets on premises and in the cloud.
▪ Work with IT operations to set up a shared disaster recovery/business continuity plan.
▪ Work with HR and/or team leads to educate employees on how to identify suspicious activity.
Three Critical Skills for Cyber Security Professionals
1. Strategists
▪ Cyber security professionals should be able to proactively implement security measures and controls within organizations, weighing the consequences of any action. Advanced security protocols require tactical and strategic evaluations of workflows, dependencies, budgets, and resources.
2. Communications
▪ Management and communication skills ensure effective coordination with teams and clients. Technology and security touch every professional in an organization.
3. Lifelong Learners
▪ Given the pace of development in IT security, this means ongoing research, training, and earning standard certifications. These professionals should constantly be learning new advanced technology skills to be able to resolve complex security issues.
Cybersecurity Models
What is a cybersecurity model?
▪ A cybersecurity model is the cyber security plan or framework used by an organization to measure its level of maturity and its ability to identify cybersecurity threats and risks, and to guide the selection of policies, strategies, and programs to defend against threats and mitigate risk.
3 Primary Frameworks
1. NIST Cyber Security Framework
▪ The National Institute of Standards and Technology (NIST) Cyber Security Framework is a cybersecurity model commonly used by organizations in the US. According to this model, establishing and communicating your organization’s tolerance for risk is key to increasing program maturity.
The NIST cybersecurity model follows five key phases to reaching a mature security management program:
1. Identify - Organizations establish a business-wide approach to cybersecurity management, including an understanding of the current risks to the network, what sensitive information lives throughout the organization, and what critical business operations exist that need to be protected from cybersecurity threats.
2. Protect - The next step in building program maturity according to NIST’s cybersecurity model is to organize and define the defenses necessary to protect the identified critical pieces of your security program.
3. Detect - This phase is probably what most organizations dive right into when it comes to cybersecurity program management, including establishing the most effective and encompassing monitoring tools to identify risks efficiently and effectively.
4. Respond - The fourth step to increase program maturity according to NIST’s cybersecurity model is to tackle the threats to your organization.
5. Recover - Just as detection and remediation are important to program maturity, building time into your management process to recover and reflect on damages will allow for real program improvements and better protection of your network in the future.
2. ISO 27000
▪ ISO 27000 is an international standard, created by the International Organization for Standardization (ISO) to highlight best practices for information security management systems. This cybersecurity model is more popular among organizations in the European Union and focuses attention on the three main areas of a mature cybersecurity management program: people, processes, and technology.
The recommendations of the ISO 27000 cybersecurity model are broken down into the following areas for security managers to use best practices to reach program maturity:
• Security risk assessment
• Security policy
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development, and maintenance
• Information security incident management
• Business continuity management
3. CIS
▪ Critical Security Control (CIS) is the final cybersecurity model many organizations follow. It was designed by the Center for Internet Security after the US defense industry experienced a data breach in 2008.
The CIS is broken down into 3 main categories of controls:
1. Basic Controls (like inventory control, continuous vulnerability management, and controlled employee privileges)
2. Foundational Controls (like malware defenses, data protection, or wireless access controls)
3. Organizational Controls (like training programs and creation of incident response teams)
3 Secondary Frameworks
1. HIPAA
▪ Specific to the healthcare sector, the Health Insurance Portability and Accountability Act (HIPAA) was created to require healthcare organizations to protect the privacy and highly sensitive information of patients.
The cybersecurity model mainly applies to healthcare organizations that need to follow three (3) key components:
1. Administrative requirements
2. Physical security requirements
3. Technical security requirements
2. PCI DSS
▪ The Payment Card Industry (PCI) Data Security Standard (DSS) regulations focus on the protection of consumer payment information stored by card processing transactions. There are 12 requirements for an organization to be deemed PCI DSS compliant, which is required of all companies that process or transmit cardholder information as part of their business.
3. GDPR
▪ The European Union’s General Data Protection Regulation (GDPR) focuses on the requirements of organizations in the EU to protect consumer data. The cybersecurity model also includes data protection for information transferred from an EU-based organization to somewhere else geographically.
The GDPR requirements include:
1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimization
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security)
7. Accountability
Purpose of the Cyber Security Principles
The purpose of the cyber security principles is to provide strategic guidance on how an organization can protect its systems and data from cyber threats. These cyber security principles are grouped into four key activities: govern, protect, detect and respond.
Govern Principles
The govern principles are:
• G1: A Chief Information Security Officer provides leadership and oversight of cyber security.
• G2: The identity and value of systems, applications and data is determined and documented.
• G3: The confidentiality, integrity and availability requirements for systems, applications and data are determined and documented.
• G4: Security risk management processes are embedded into organizational risk management frameworks.
• G5: Security risks are identified, documented, managed and accepted both before systems and applications are authorized for use, and continuously throughout their operational life.
Protect Principles
The protect principles are:
• P1: Systems and applications are designed, deployed, maintained and decommissioned according to their value and their confidentiality, integrity and availability requirements.
• P2: Systems and applications are delivered and supported by trusted suppliers.
• P3: Systems and applications are designed and configured to reduce their attack surface.
• P4: Systems and applications are administered in a secure and accountable manner.
• P5: Vulnerabilities in systems and applications are identified and mitigated in a timely manner.
• P6: Only trusted and supported operating systems, applications and computer code can execute on systems.
• P7: Data is encrypted at rest and in transit between different systems.
• P8: Data communicated between different systems is controlled and inspectable.
• P9: Data, applications and settings are backed up in a secure and proven manner on a regular basis.
• P10: Only trusted and vetted personnel are granted access to systems, applications and data repositories.
• P11: Personnel are granted the minimum access to systems, applications and data repositories required for their duties.
• P12: Multiple methods are used to identify and authenticate personnel to systems, applications and data repositories.
• P13: Personnel are provided with ongoing cyber security awareness training.
• P14: Physical access to systems, supporting infrastructure and facilities is restricted to authorized personnel.
Detect Principles
The detect principles are:
• D1: Event logs are collected and analyzed in a timely manner to detect cyber security events.
• D2: Cyber security events are analyzed in a timely manner to identify cyber security incidents.
Respond Principles
The respond principles are:
• R1: Cyber security incidents are reported both internally and externally to relevant bodies in a timely manner.
• R2: Cyber security incidents are contained, eradicated and recovered from in a timely manner.
• R3: Business continuity and disaster recovery plans are enacted when required.
Maturity Modelling
The five levels in the maturity model are:
• Incomplete: The cyber security principles are partially implemented or not implemented.
• Initial: The cyber security principles are implemented, but in a poor or ad hoc manner.
• Developing: The cyber security principles are sufficiently implemented, but on a project-by-project basis.
• Managing: The cyber security principles are established as standard business practices and robustly implemented throughout the organization.
• Optimizing: A deliberate focus on optimization and continual improvement exists for the implementation of the cyber security principles throughout the organization.
THANK YOU!
