
Module 1: Security Fundamentals

Master the core principles of cybersecurity, risk management, and security frameworks.

What is Cybersecurity?

Cybersecurity is like protecting your house - you need locks on doors (authentication), alarms (monitoring), and insurance (backup plans). It's the practice of protecting systems, networks, and data from digital attacks, theft, and damage.

🛡️ Why Cybersecurity Matters:

  • Data Breaches: IBM's 2023 Cost of a Data Breach report put the global average at $4.45 million per breach
  • Ransomware: widely cited industry projections (Cybersecurity Ventures) estimated one attack every 11 seconds by 2021
  • Business Impact: the often-repeated claim that 60% of small businesses close within six months of an attack is poorly sourced; treat it as illustrative, not established
  • Personal Privacy: identity theft affects millions of people every year
  • Critical Infrastructure: attacks can disrupt power, water and healthcare delivery

The CIA Triad

The CIA Triad is the foundation of cybersecurity - three core principles that guide all security decisions. Think of it as the three legs of a stool - remove one and everything falls.

🔒 Confidentiality

Ensuring information is accessible only to authorized people. Like keeping secrets safe.

Examples:

  • Encryption of sensitive data
  • Access controls and permissions
  • Multi-factor authentication (MFA)
  • Data classification (Public, Internal, Confidential)

Threats:

  • Data breaches and leaks
  • Unauthorized access
  • Social engineering attacks

✅ Integrity

Ensuring data remains accurate and unaltered. Like making sure documents aren't tampered with.

Examples:

  • Digital signatures and checksums
  • Version control systems
  • Audit logs and trails
  • Input validation

Threats:

  • Data tampering and unauthorized modification
  • Man-in-the-middle attacks that alter traffic in transit
  • SQL injection used to change or delete records
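A worked example of the integrity point above, added here as illustration (it is not code from the original page). It compares a plain SHA-256 checksum with an HMAC over a constructed payment record: the checksum detects an accidental change, but an attacker who can rewrite the stored checksum alongside the record defeats it, whereas forging a valid HMAC tag requires the key. The record contents and the key handling are assumptions made for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed sample record (not from any real system): a payment instruction an
# attacker would like to alter without being noticed.
ORIGINAL = b"invoice=1042;payee=ACME Ltd;amount=1500.00"
TAMPERED = b"invoice=1042;payee=ACME Ltd;amount=9500.00"


def sha256_hex(data: bytes) -> str:
    """Plain checksum: catches accidental corruption, but anyone can recompute it."""
    return hashlib.sha256(data).hexdigest()


def checksum_matches(data: bytes, expected_hex: str) -> bool:
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed MAC: producing a valid tag requires the key, so an attacker who can
    rewrite the record cannot also produce a matching tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def hmac_matches(key: bytes, data: bytes, tag_hex: str) -> bool:
    # compare_digest runs in constant time, so a mismatch does not leak how many
    # leading bytes of the tag were right.
    return hmac.compare_digest(hmac_tag(key, data), tag_hex)


def run_integrity_demo() -> dict:
    key = secrets.token_bytes(32)  # held by the verifier, never stored beside the data
    digest = sha256_hex(ORIGINAL)
    tag = hmac_tag(key, ORIGINAL)

    # An attacker who controls the storage rewrites both the record and its checksum.
    forged_digest = sha256_hex(TAMPERED)
    # Without the key, the best they can do is guess one.
    forged_tag = hmac_tag(b"attacker-guess", TAMPERED)

    return {
        "checksum_detects_change": not checksum_matches(TAMPERED, digest),
        "checksum_defeated_by_rewrite": checksum_matches(TAMPERED, forged_digest),
        "hmac_detects_change": not hmac_matches(key, TAMPERED, tag),
        "hmac_rejects_forgery": not hmac_matches(key, TAMPERED, forged_tag),
    }


if __name__ == "__main__":
    for check, result in run_integrity_demo().items():
        print(f"{check}: {result}")
```

The lesson is that a checksum only protects integrity when the checksum itself is stored somewhere the attacker cannot reach; a keyed MAC (or a digital signature, where the verifier should not hold the signing secret) removes that dependency.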

⚡ Availability

Ensuring systems and data are accessible when needed. Like keeping the lights on.

Examples:

  • Redundancy and backups
  • Load balancing
  • Disaster recovery plans
  • DDoS protection

Threats:

  • DDoS attacks
  • Ransomware
  • Hardware failures

Threat Modeling & Risk Assessment

Threat modeling is like planning home security - identify what you're protecting, who might attack, and how they might do it.

🎯 STRIDE Threat Model:

  • Spoofing: Pretending to be another user, system or service
  • Tampering: Modifying data or code without authorization
  • Repudiation: Denying having performed an action, which succeeds when logging cannot prove otherwise
  • Information Disclosure: Exposing data to someone not authorized to see it
  • Denial of Service: Making systems or data unavailable to legitimate users
  • Elevation of Privilege: Gaining capabilities beyond what the identity was granted (for example, user to administrator)

Risk Assessment Formula:

Risk = Likelihood × Impact

In practice both factors are scored on a small scale (for example 1 to 5) so that risks can be ranked and the highest-scoring ones addressed first.

Example:

Threat: SQL injection on the login page

Likelihood: High (common attack class, vulnerable code present)

Impact: Critical (database access, data breach)

Risk Level: HIGH - immediate remediation required, then re-test to confirm the fix

Security Frameworks

Security frameworks are like building codes - standardized guidelines for implementing security.

NIST Cybersecurity Framework

NIST CSF 1.1 organizes cybersecurity risk management into five core functions (CSF 2.0, published in February 2024, adds a sixth, Govern, covering strategy, policy and oversight):

1. Identify

  • Asset management
  • Risk assessment
  • Governance

2. Protect

  • Access control
  • Data security
  • Training

3. Detect

  • Monitoring
  • Anomaly detection
  • Security events

4. Respond

  • Incident response
  • Communication
  • Mitigation

5. Recover

  • Recovery planning
  • Improvements
  • Communication

ISO 27001

International standard for information security management systems (ISMS).

  • The 2013 edition's Annex A listed 114 controls across 14 domains; the 2022 revision consolidates them into 93 controls under 4 themes (organizational, people, physical, technological)
  • Certification by an accredited auditor demonstrates a working ISMS, not just documented policies
  • Often required by enterprise and public-sector procurement

Security Compliance

Compliance regulations ensure organizations protect sensitive data. Non-compliance can result in massive fines and legal consequences.

GDPR (EU)

General Data Protection Regulation

  • Protects the personal data of people in the EU, including when it is processed by organizations outside the EU
  • Right to erasure (the "right to be forgotten"), plus rights of access, correction and portability
  • Fines up to €20M or 4% of global annual turnover, whichever is higher

HIPAA (US Healthcare)

Health Insurance Portability and Accountability Act

  • Protects protected health information (PHI)
  • Security Rule safeguards; encryption is an "addressable" specification, meaning implement it or document an equivalent alternative
  • Breach notification rules

PCI-DSS (Payment Cards)

Payment Card Industry Data Security Standard

  • Protects cardholder data such as the primary account number (PAN)
  • 12 top-level requirements
  • Regular vulnerability scanning and penetration testing

SOC 2

System and Organization Controls (AICPA)

  • For service providers that handle customer data
  • Audit against the Trust Services Criteria: security, plus optionally availability, processing integrity, confidentiality and privacy
  • Type I assesses control design at a point in time; Type II assesses operating effectiveness over a period

Incident Response

When a security incident occurs, having a plan is crucial. Like a fire drill - practice before the emergency.

1. Preparation

Create incident response plan, train team, set up tools and contacts.

2. Identification

Detect and confirm the security incident, assess scope and severity.

3. Containment

Isolate affected systems to prevent spread, preserve evidence.

4. Eradication

Remove threat from environment, patch vulnerabilities.

5. Recovery

Restore systems to normal operation, monitor for reinfection.

6. Lessons Learned

Document incident, update procedures, improve defenses.

Social Engineering

The human element is often the weakest link. Social engineering manipulates people into revealing confidential information or taking actions that benefit the attacker, such as approving a payment or installing software.

⚠️ Common Attacks:

  • Phishing: Mass emails impersonating a trusted sender to steal credentials or deliver malware
  • Spear Phishing: Phishing aimed at a specific person, using researched details to look legitimate
  • Pretexting: Inventing a scenario (a vendor audit, an IT ticket) that justifies the request
  • Baiting: Leaving a tempting item, such as a USB drive, for the victim to pick up and use
  • Tailgating: Following an authorized person through a controlled door

✅ Prevention:

  • Security awareness training
  • Verify unexpected requests through a channel you already trust (call back on a known number, not one in the message)
  • Be skeptical of urgency and secrecy
  • Check the actual sender address, not just the display name
  • Report suspicious activity
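The advice to check sender addresses can be automated. The following added example (not code from the original page) runs three checks over constructed From and Reply-To headers: a display name that carries an address or brand different from the real sender domain, a sender domain that is a lookalike of a trusted one (digit swaps, "rn" for "m", or a trusted domain used as a subdomain), and a Reply-To that routes answers elsewhere. The trusted domains, the confusable table and the sample headers are assumptions for the demo.

```python
import re
from email.utils import parseaddr
from typing import Dict, List, Optional

# Assumed for the demo: the organization's own domain and a trusted supplier's domain.
TRUSTED_DOMAINS = {"example.com", "payroll-provider.example"}
# Illustrative digit-for-letter confusables used in lookalike domains.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def imitated_domain(domain: str) -> Optional[str]:
    """Return the trusted domain that `domain` imitates, or None.
    Catches digit swaps (examp1e.com), 'rn' for 'm' (exarnple.com), dropped
    hyphens, and a trusted domain used as a subdomain (example.com.evil.net)."""
    if domain in TRUSTED_DOMAINS:
        return None
    norm = domain.translate(CONFUSABLES).replace("rn", "m").replace("-", "")
    for trusted in TRUSTED_DOMAINS:
        t = trusted.replace("-", "")
        if norm == t or norm.startswith(t + "."):
            return trusted
    return None


def assess_headers(from_header: str, reply_to: Optional[str] = None) -> List[str]:
    """Return the red flags found in a message's From and Reply-To headers."""
    flags: List[str] = []
    display, addr = parseaddr(from_header)
    sender_dom = domain_of(addr)
    if not sender_dom:
        return ["From header has no parseable address"]

    # 1. Display name carries an address or a trusted brand, but the real sender differs.
    claimed = re.findall(r"[\w.+-]+@([\w.-]+)", display)
    if claimed and claimed[0].lower() != sender_dom:
        flags.append(f"display name shows @{claimed[0]} but actual sender is @{sender_dom}")
    elif sender_dom not in TRUSTED_DOMAINS and any(
        t.split(".")[0] in display.lower() for t in TRUSTED_DOMAINS
    ):
        flags.append(f"display name invokes a trusted brand; actual sender is @{sender_dom}")

    # 2. Sender domain is a lookalike of one we trust.
    target = imitated_domain(sender_dom)
    if target:
        flags.append(f"sender domain {sender_dom} resembles trusted {target}")

    # 3. Replies are routed somewhere other than the sender.
    if reply_to:
        reply_dom = domain_of(parseaddr(reply_to)[1])
        if reply_dom != sender_dom:
            flags.append(f"Reply-To goes to @{reply_dom}, not @{sender_dom}")
    return flags


# Constructed sample headers (not real mail).
SAMPLES = [
    ("Alice Adams <alice@example.com>", None),
    ("IT Helpdesk <helpdesk@examp1e.com>", None),
    ('"ceo@example.com" <urgent-wire@mail-relay.net>', None),
    ("Payroll Team <hr@example.com.account-verify.net>", "payroll@fast-reply.org"),
]


def run_phishing_demo() -> Dict[str, List[str]]:
    return {frm: assess_headers(frm, reply_to) for frm, reply_to in SAMPLES}


if __name__ == "__main__":
    for frm, flags in run_phishing_demo().items():
        print(frm, "->", flags or ["no red flags"])
```

Header checks like these are a useful triage aid, not a verdict: a clean result says nothing about a message sent from a compromised legitimate account, which is why the verification-through-a-known-channel advice above still applies.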

Security Best Practices

For Individuals:

  • ✓ Use strong, unique passwords
  • ✓ Enable MFA everywhere it is offered
  • ✓ Keep software updated
  • ✓ Use a password manager
  • ✓ Be cautious on public WiFi
  • ✓ Keep regular, tested backups
  • ✓ Verify before clicking links

For Organizations:

  • ✓ Implement least privilege access
  • ✓ Regular security audits
  • ✓ Employee training programs
  • ✓ Incident response plan
  • ✓ Data encryption at rest and in transit
  • ✓ Network segmentation
  • ✓ Continuous monitoring

🛠️ Hands-On Project: Security Assessment

Conduct a security assessment for a fictional small business.

Project Requirements:

  • ✓ Identify assets and classify data
  • ✓ Perform threat modeling using STRIDE
  • ✓ Assess risks (likelihood × impact)
  • ✓ Map to NIST framework
  • ✓ Create incident response plan
  • ✓ Develop security awareness training
  • ✓ Document compliance requirements

📚 Module Summary

You've mastered security fundamentals:

  • ✓ CIA Triad principles
  • ✓ Threat modeling and risk assessment
  • ✓ Security frameworks (NIST, ISO 27001)
  • ✓ Compliance regulations
  • ✓ Incident response procedures
  • ✓ Social engineering awareness

Next: Learn network security and protection techniques!