Cybersecurity Fundamentals
A recent report from Cyber Threatscape points to several primary drivers that influence the cybersecurity threat landscape, such as:
- Cybercriminals leverage new technologies and miscommunication that often emerges from compromised geopolitics.
- Criminal networks are constantly evolving, such as moving toward close-knit syndicates and using legitimate documents to identify victims before they attack.
- Hybrid motives (combining malware characteristics, like self-replication) are worsening the aftermath of cyberattacks, especially for time-critical businesses.
- Improved cybersecurity hygiene is pushing hackers to find new ways to attack businesses, such as targeting their supply chains.
But for many organizations, vulnerability still stems from a lack of understanding cybersecurity fundamentals like how to detect threats. Cybersecurity professionals stress the importance of continuous endpoint monitoring. When done right, the resulting contextual awareness allows security teams to stitch together the framework of an incident and correlate seemingly unrelated events.
Cybersecurity professionals say that while new types of attacks emerge each year, the old ones are also flourishing – such as ransomware attacks.
Also, as large companies continue to get serious about data security, small businesses are becoming increasingly attractive targets—and the results are often devastating for small business owners. Truth is, cyber-attacks destroy small businesses.
Recent surveys conducted by the Small Business Authority, Symantec, Kaspersky Lab and the National Cybersecurity Alliance suggest that many small business owners are still operating under a false sense of cybersecurity. The vast majority of U.S. small businesses lack a formal internet security policy for employees and only about half have even rudimentary cybersecurity measures in place.
Additionally, the proliferation of cyberattacks and data breaches in the last couple of years has showed us that hackers are increasingly after information. Cybersecurity specialists believe an effective cybercrime protection strategy must consist of two elements: preventing physical access to sensitive data and rendering that data useless if it falls into the wrong hands.
One way to neutralize stolen data is through encryption.
Before addressing the physical security requirements, cybersecurity professionals recommend creating a risk profile in establishing effective processes. You should develop an understanding of the context as well as interested parties along with their needs and expectations.
Cybersecurity Fundamentals Course by Tonex
Cybersecurity Fundamental course is a dynamic 2-day training course provided by Tonex, the most trusted provider of cybersecurity training courses, certification, consulting services and research to cybersecurity professionals worldwide.
The 2-day Cybersecurity Fundamental course covers the cybersecurity disciplines dealing with real-world use cases and applications transferring technical, management and policy skills to secure information and infrastructure and combat new attacks.
Our Cybersecurity Fundamental course provides an introduction to a variety of key disciplines fundamental to protecting cyber data, information, critical infrastructure and other assets in the modern digital world.
DoDI 8500.01 Cybersecurity definition: “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.
Participants will learn what cybersecurity is, how it has been evolved , and how cybersecurity frameworks can be applied across a wide range of industries and contexts. This course will also provide an introduction to the Risk Management Framework (RMF) and other technical and non-technical skills that are key knowledge and skills in the cybersecurity domain.
During this course, participants will gain the professional and academic knowledge and skills foundations to become familiar with cybersecurity and start protecting cyber assets.
Course Key Topics:
- Introduction to Cybersecurity
- Fundamentals of Information, Data, Communications, Infrastructure and System Security
- Applications of Cybersecurity
- Overview of Risk Management and Risk Management Framework (RMF)
- Cybersecurity Law, Policy, Regulations and Analysis
- Cyber Management Theory and Practice
Course Schedule- Topics & Activities
Course Requirements
- Homework: Students will receive a set of practice problems. These problems will be due on the second day of the training.
- Quizzes: There will be a daily quiz. These quizzes will cover any material mentioned in class.
- Team Project: Participants will work on a case study project. Each group of five students will have three project topics to choose from. Each group will be required to complete ONE 1-page paper, and give a 10-minute presentation.
The course draws key topics from the U.S. Commerce Department’s National Institute of Standards and Technology (NIST) Framework for policy and management planning and DoD Risk Management Framework (RMF).
Cybersecurity is implemented to increase a system’s capability to protect, detect, react, and restore, even when under attack from an adversary.
Prerequisites
None. There are no prerequisites for this course
Learning Objectives
Upon completion of this course, the participants will:
- Learn about cybersecurity principles and key disciplines that support cybersecurity capabilities
- Gain a deep perspective on cyber assets including information and data, computer science, programming, hardware, embedded systems and software, IT architecture, communication networks, risk management, program and project management, regulation, laws, standards and national and global institutions and their influence on cybersecurity policies and standards
- Become familiar with key concepts around vulnerabilities, cyber-based threats, threat vectors and Risk Management Framework (RMF)
- Learn about system security architecture and data flows, extracting Cybersecurity requirements, common methods of cyber attacks and exploits, protection and recovery methods and principles
- Gain fluency in risk management, tools to assess and mitigate risk and integrating the Cybersecurity Risk Management Framework (RMF) into the System Acquisition Lifecycle
- Gain a deep appreciation on cybersecurity quantitative disciplines including cybersecurity program and project management, risk quantification, management, Earned Value Management (EVM), and cost-benefit analyses
- Explore how to plan and execute, and conducting cybersecurity process
Course Topics
Introduction to Cybersecurity
- Basics of Cybersecurity
- Cybersecurity Domains and Assets
- Security of Networks, Systems, Applications, Information and Data
- Principles of CIA (Confidentiality, Integrity, Availability)
- Common Vulnerabilities and Exposures
- Threats and Security Controls
- Cryptography Fundamentals
- Symmetric and Asymmetric key Encryption
- Elliptical Curve Cryptography
- Quantum Cryptography
- Digital Signature
- Public Key Infrastructure (PKI)
- Cryptocurrency Hijacking
- Malware
- Phishing
- Distributed Denial of Service (DDoS) attacks
- Social Engineering Attacks
- Cybersecurity Controls
- Discovery, Footprinting, and Scanning
- Security Architecture
- Security Policies
- Cybersecurity Roles: Governance, risk management, & compliance
- Principles of Risk Management and Risk Management Framework (RMF)
- Business Continuity and Disaster Recovery
- Incident Response and Computer Forensic
Overview of Cybersecurity Domains and Assets
- Generic
- Data and Information Security
- Computers and Servers
- Technology
- Operational
- Management
- Communications and Networking
- Tactical Links and Assets
- Managing User Security
- Controlling Physical Environments and User Actions
- Protecting Host Systems
- Network Security and Network Threats
- Wireless Network Security
- Encryption and Cryptography
- Threats to Data
- Penetration Testing
- Cloud Computing
Overview of Cybersecurity Threats
- A drive-by Download
- Password Cracking Application
- Distributed Denial-of-Service (DDoS)
- Domain Shadowing
- Drive-by-Download
- Intrusion
- Malicious Codes
- Malvertising
- Malware
- Virus, Worm, Trojan Horse and Bots
- Man-in-the-Middle (MitM) attack
- Phishing
- Rogue software
- Spyware
Common Attack Types and Attack Vectors
- Threat vectors
- Attack attributes
- Non-adversarial threat events
- Malware & attack types
- Cybersecurity Roles
- Cybersecurity Structure and Governance
- Tampering systems and data stored within
- Exploitation of resources
- Unauthorized access to the targeted system and accessing sensitive information
- Disrupting normal functioning and operation of the business and its processes
- Using ransomware attacks to encrypt data and extort money from victims
Overview of Cybersecurity Processes
- Identity
- Protect
- Detect
- Respond
- Recover
- Process controls
- Vulnerability Management
- Vulnerability Scans and Assessment
- Penetration Testers
- Blue and Red Team Structure and Tasks
Overview of Cybersecurity Controls
- AC (Access Control)
- AT (Awareness and Training)
- AU (Audit and Accountability)
- CA (Security Assessment and Authorization)
- CM (Configuration Management)
- CP (Contingency Planning)
- IA (Identification and Authentication)
- IR (Incident Response)
- MA (Maintenance)
- MP (Media Protection)
- PE (Physical and Environmental Protection)
- PL (Planning)
- PM (Program Management)
- PS (Personnel Security)
- RA (Risk Assessment)
- SA (System and Services Acquisition)
- SC (System and Communications Protection)
- SI (System and Information Integrity
Overview of Advanced Persistent Threats (APT)
- Overview of major APT Attacks
- Sources of APT Threat
- Intelligence Agencies
- criminal Groups
- Terrorist Groups
- Activist Groups
- Armed Forces
Enterprise Risk of Successful APT Attack
- Loss of Availability
- Loss of Intellectual Property (IP)
- Loss of personal Information
- Contractual Breaches
- Financial Loss
- Reputation Damage
The “Cyber Kill Chain”
- Sequence of activities and events
- conducted by an attacker to carry out an APT attack
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and Control (C2)
- Action of Objectives
Cybersecurity Fundamentals