Introduction to Cyber Security

and CET324 module

1
 Objectives
• To introduce the module.
• Module assessment.
• Study requirements.
• Set context for learning and teaching.
• Provide overview of cybersecurity
environment.
• Consider employability opportunities in
cybersecurity
2
 Nature of the Module
• The focus of the module is to identify cybersecurity issues and deconstruct
the issues using empirical evidence and research.

• Share and discuss experiences and situations in order to stimulate thought

and debate.

• Consider role of programming in developing the cybersecurity professional.

• Encourage wide reading on subjects and informed discussion of topics.

• Utilise problem based learning.

• Help to formulate individual student perspective and viewpoint.

3
 Assessment
• 2 pieces of summative assessments:
– First assessment is a technical report.

– Second assessment a consideration and application of

coding in cybersecurity.

• A series of formative assessments:

– exercises in labs / seminars,

– keep in reflective portfolio.

4
 Suggested Reading
• Anderson, R. J., (2008) Security Engineering: A Guide to Building Dependable Distributed Systems, 2 nd edition, J.
Wiley and Sons
• Bainbridge, D., (2007) Introduction to Information Technology Law, Longman
• Bartlett, J., (2014) The Dark Net, Corner Stone Digital
• Calder, A. and Watkins, S., (2015) IT Governance: An International Guide to Data Security and
ISO27001/ISO27002, Kogan Page
• Howard, M., LeBlanc, D., and Viega, J., (2009) “24 Deadly Sins of Software Security: Programming Flaws and How
to Fix Them”, McGraw Hill Osborne
• Llyod, I. J., (2011) “Information Technology Law”, 6th edition, Oxford University Press
• Martin, K. M., (2012) “Everyday Cryptography: Fundamental Principles and Applications”, Oxford University Press
• Mowbray, T. J., (2013) Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions, J. Wiley
and Sons
• Panko, R., R., (2010).  Corporate Computer and Network Security, 2nd edition, Pearson Education
• Pfleeger, C. P., Pfleeger, S. L. and Margulies, J., (2015) Security in Computing, 5th edition, Prentice Hall
• Rao, U. H. and Nayak, U., (2014) “The InfoSec Handbook: An Introduction to Information Security”, Apress
• Shostack, A., (2014) Threat Modeling: Designing for Security, John Wiley and Sons
• Singer, P. W. and Friedman, A., (2013) “Cybersecurity and Cyberwar: What Everyone Needs to Know”, Oxford
University Press
• Stallings, W., (2003), Cryptography and Network Security: Principles and Practices, 3 rd edition, Pearson Education
• Stallings, W., (2006), Network security essentials (International edition), 3 rd Ed, Prentice-Hall

5
 Educator’s Responsibility
• To encourage ethical and professional behaviour in cybersecurity.

• To encourage challenging thinking and critical analysis in the cybersecurity domain.

• To help you to become aware of actual and potential challenges and problems.

• To sensitise students to moral dilemmas they will face as part of their academic and
professional lives.

• To consider the interdisciplinary nature of cybersecurity expertise ranging from

computer science and cryptography through to economics, sociology, psychology
and law.

6
 Module Topics
• Concepts in cybersecurity

• Principles in secure design

• Managing risks, threats and attacks

• Computer security

• Network security

• Internet security

• Security in Emerging Technologies

• Legal, social, ethical and professional issues in the context of cybersecurity

7
 Skills employers are looking for
Short video: skills requirements https://www.youtube.com/watch?v=WIwCUL5Vex0

• Systems security, web application security, mobile security

• Networking and networking protocols
• Mastering different operating systems
• Security background
• Writing and reporting skills
• Programming / scripting skills
• Good technical fundamentals
8
 The Cybersecurity Skills Gap….

1.5 million 62% too few

shortfall infosec people
by 2020
6% under 30

57% can’t find

the right people

9
 Key Security Concepts

Confidentiality Integrity Availability

• Preserving • Guarding against • Ensuring timely

authorized improper and reliable access
restrictions on information to and use of
information access modification or information
and disclosure, destruction,
including means including ensuring
for protecting information
personal privacy nonrepudiation To complete the picture:
and proprietary and authenticity
information
1. Authenticity
2. Accountability
10
 Levels of Impact
Moderat
Low e High
The loss could be
The loss could be The loss could be
expected to have
expected to have expected to have
a severe or
a limited adverse a serious adverse
catastrophic
effect on effect on
adverse effect on
organizational organizational
organizational
operations, operations,
operations,
organizational organizational
organizational
assets, or assets, or
assets, or
individuals individuals
individuals

11
 Vulnerabilities, Threats
and Attacks
• Categories of vulnerabilities
• Corrupted (loss of integrity)
• Leaky (loss of confidentiality)
• Unavailable or very slow (loss of availability)
• Threats
• Capable of exploiting vulnerabilities
• Represent potential security harm to an asset
• Attacks (threats carried out)
• Passive – attempt to learn or make use of information from the system
that does not affect system resources
• Active – attempt to alter system resources or affect their operation
• Insider – initiated by an entity inside the security parameter
12
• Outsider – initiated from outside the perimeter
 Passive and Active Attacks
Passive Attack Active Attack
• Attempts to alter system
• Attempts to learn or make use of resources or affect their
information from the system but operation
does not affect system resources • Involve some modification of
the data stream or the creation
• Eavesdropping on, or monitoring of, of a false stream
transmissions • Four categories:
• Goal of attacker is to obtain – Replay
information that is being transmitted – Masquerade
• Two types: – Modification of messages
– Denial of service
– Release of message contents
– Traffic analysis
13
Countermeasures
Means used to
deal with
security attacks
• Prevent
• Detect
• Recover

Residual
vulnerabilities
may remain

Goal is to
May itself minimize
introduce new residual level of
vulnerabilities risk to the
assets 14
 CyberSecurity
What are the objectives of cybersecurity?

• Reduce risk
• Minimize attack
• Identify breaches
• Build trust

15
 CyberSecurity
What are the objectives of cybersecurity?
• Reduce risk
• Minimize attack
• Identify breaches
• Build trust

• Cyber security incorporates a range of domains, including

– Application of information security standards
– Implementation of secure infrastructure
– Education of users
– Creation of appropriate organisations

• In order to prepare for and attempt to prevent attacks we need to be aware

of the security implications and issues in terms of systems security and
information security 16
 Trends have shaped cybersecurity
• The increasing economic value of information

• Computer networks are is part of the critical national framework

• Third parties control information not under our control

• Criminalisation of the internet

• Ever increasing complexity of networks

• Slower patching, faster exploits

• Sophistication of threats

• End user as attacker Video: https://www.youtube.com/watch?v=AuYNXgO_f3Y

• Regulatory pressure
17
Adapted from Scheiner (2006)
 Rationale for Protection
• Cybersecurity is required in order to protect systems, data and information
• We need to understand what the data and information is worth in order to
determine the appropriate level of protection
• Value can be defined or perceived
– Impact on Talk Talk

• https://www.theguardian.com/business/2015/oct/23/talktalk-cyber-attack-
company-unsure-how-many-users-affected

– Impact of WannaCry on NHS

• https://www.chroniclelive.co.uk/news/north-east-news/nhs-cyber-attack-c
ould-been-13818484
• https://www.theguardian.com/technology/2017/may/13/nhs-workers-and-
patients-on-how-cyber-attack-has-affected-them 18
 Introduction to Cyber Security Policies
and Procedures
Principle of least privilege
1. Grant access only to those who need it
2. Grant as little access as possible
3. Grant it only for as long as needed

Principle of separation of risk

1. Removal of important elements from close proximity – avoids
cascade
2. Separate application, host, network and business risk
3. Separate one application’s risk from another’s
4. Separate multiple systems risks

19
 Introduction to Cyber Security Policies
and Procedures

Defence in Depth
Firewall, IDs, Access Control, File System

Secrecy

Kerckhoff’s principle – the security of a mechanism should not be

dependent on the secrecy of the mechanism

20
 Security Management
• Information classification process
• Security policy
• Risk management
• Security procedures and guidelines
• Business continuity and disaster recovery
• Professionalism, ethics and best practices

21
 Summary
• Cyber security is a domain of growing interest and
influence across all the computing disciplines

• There is a huge skills gap in cyber security locally, nationally

and globally

• This module will be wide ranging and academically

challenging

• Hope you enjoy the module

22
 Lab session
• Individual tasks

– What do you want to get out of this module?

– What objectives do you have in completing this module?

– What topics would you like to cover in the module?

– Do you think having cybersecurity on your CV will enhance your

employability?

• Expand on yes / no

• Group tasks

– Create a poster based on publicizing the importance of cybersecurity –

23
either looking at challenges, risks or opportunities