Cybersecurity Fundamentals Pt 1.

 

I recommend you go to the Cheatsheet for a more dynamic and fun version of learning these terms. Click to find the Complete Cheatsheet

 

🔮 Cyberspace: It is the environment resulting from the interaction of people, software, and services on the internet, which is supported by information and communication technologies.

 

🛡 Stakeholders: It is divided into 2.

• 🔹 Consumers: They make use of services available in cyberspace. People and organizations are part of this.
• 🔹 Providers: They make services available to be used by consumers, such as connectivity services and access to applications.

 

💿 Assets: The main assets are divided into 4

• 🔹 Organizational Assets: They involve important components for the business processes of organizations such as servers, applications, among others.
• 🔹 Personal Assets: They involve important components for people in their interaction with cyberspace (mobile devices, email, etc.)
• 🔹 Physical Assets: They involve components that have a physical presence in reality such as servers, mobile devices, etc.
• 🔹 Virtual Assets: They involve components that are only digital and depend on a Physical Asset that executes them.

 

🍘 Information Security: It refers to the protection of information and information systems against unauthorized access, use, disclosure, interruption, modification, or destruction to provide confidentiality, integrity, and availability.

 

🔑 The 3 Pillars of Security: CID Triad (CIA): They define fundamental aspects of information protection whose affectation implies a security problem.

• 🔹 Confidentiality: It seeks to prevent the unauthorized disclosure and access to the confidential information of the organization.
• 🔹 Availability: It seeks that access to information is not degraded and remains accessible when required.
• 🔹 Integrity: It seeks that the information remains unaltered in the face of accidents or malicious attempts at modification.

 

🍘 Cybersecurity: It is the ability to protect or defend the use of cyberspace from cyberattacks and ensure that security objectives are achieved and maintained. Cybersecurity is part of information security.

 

🐙 Threat Agents: Actor or entity capable of potentially triggering or executing a cyberattack or security incident.

• 🔹 Cybercriminals
• 🔹 Hacktivists
• 🔹 Cyberterrorists
• 🔹 Script kiddies
• 🔹 Insiders/Internal attackers
• 🔹 States or nations
• 🔹 Corporations or other companies

 

🐙 Threats.: Event with the potential to negatively affect assets with respect to the 3 pillars of security.

• 🔹 Threats to organizational groups.
• 🔹 Threats to personal assets.

 

👿 Vulnerability: Weakness or failure in a system that compromises its security.

 

💀 Risk: Methodologically calculated measure resulting from the probability and impact of the materialization of an adverse cybersecurity event.

 

🤖 Control: Action taken by organizations to address a risk and reduce it to an acceptable point.

 

• Access to my Website

Thanks for reading part 1

aiskoa.