Introduction And Basic Terminology

This section provides an overview of cybersecurity and its foundational principles, including the CIA Triad (Confidentiality, Integrity, Availability) and the classification of common cyber threats.

Cyber Security: Defining The Digital Domain's Defense

Cyber security entails protecting digital systems from unauthorized access, focusing on confidentiality, integrity, and availability (CIA Triad).

Confidentiality

Confidentiality is a key aspect of cybersecurity that ensures sensitive information is only accessible to authorized users.

Integrity

Integrity in cybersecurity ensures data accuracy and trustworthiness throughout its lifecycle.

Availability

This section explores the concept of availability in cybersecurity, ensuring that authorized users can access information and resources when needed.

Basic Cyber Threats To Cia

This section covers various cyber threats aimed at compromising the foundational principles of the CIA Triad: Confidentiality, Integrity, and Availability.

Threats Primarily Targeting Confidentiality

This section outlines different cyber threats that primarily target the confidentiality of information systems.

Threats Primarily Targeting Integrity

This section explores various cyber threats that primarily aim to compromise the integrity of information and systems, detailing specific types, methods of attacks, and their implications.

Threats Primarily Targeting Availability

This section addresses various cyber threats that primarily affect the availability of information systems and data.

Cyber-Attack Surfaces

The cyber-attack surface encompasses all possible vulnerabilities in an information system that attackers can exploit, highlighting the importance of understanding different types of attack surfaces.

Network Attack Surface

The network attack surface comprises all potential entry points for unauthorized access, emphasizing the critical vulnerabilities present in network configurations and devices.

Software/application Attack Surface

The software/application attack surface refers to all potential vulnerabilities within software applications that can be exploited by attackers.

Human Attack Surface (Social Engineering)

The Human Attack Surface refers to vulnerabilities arising from human interactions and behaviors that can be exploited for malicious purposes, primarily through social engineering techniques.

Physical Attack Surface

The physical attack surface represents the tangible risks associated with the physical access to data and systems, highlighting vulnerabilities that can be exploited by unauthorized individuals.

Supply Chain Attack Surface

This section discusses the vulnerabilities in the supply chain that can be exploited during cyberattacks.

Recent Cyber Security Incidents And Their High-Level Analysis

This section discusses significant recent cyber security incidents, analyzing their methodologies and impacts on the CIA Triad.

Example 1: Colonial Pipeline Ransomware Attack (May 2021)

Example 2: Equifax Data Breach (March-July 2017)

Example 3: Solarwinds Supply Chain Attack (Late 2020)

This section details the SolarWinds Supply Chain Attack, focusing on its sophisticated nature, attack progression, effects on the CIA Triad, and the lessons learned.