Analogy: From Bank Security to Cybersecurity
Let's use a bank analogy to explain fundamental cybersecurity concepts. Here is a simplified and structured summary of the key terms.
1. The Core Problem: Where the Money Is
Then: The money was in physical banks.
Now: The "big money" is digitized and stored online in IT systems. This shift means cybersecurity is the modern equivalent of bank security.
2. Cybersecurity Concepts Defined
The following table provides a breakdown of key security terms using the bank analogy for clarity.
| Term | Definition | Bank Analogy | IT Example |
| --- | --- | --- | --- |
| Threat | An action that could cause an adverse effect on a system's operation. | A bank robbery. | A data breach or a malware campaign. |
| Threat Actor | The person or group who carries out a threat. | The bank robber. | The person who writes or distributes malware. |
| Vulnerability | A weakness in a system that can be exploited. | A glass window, an unsecured procedure, or a teller who can be threatened. | A software bug or a design flaw in an application. |
| Exploit | A method or tool used to take advantage of a vulnerability. | Throwing a rock or a crowbar through a window. | A piece of malicious code (the malware itself) that leverages a software bug. |
| Risk | The quantification of a threat, considering its likelihood and potential cost if it occurs. | The probability of a robbery and the financial loss if it happens. | The likelihood of a data breach and the financial or reputational damage it would cause. |
| Control | Measures put in place to protect against threats. Also called countermeasures. | Alarms, cameras, security guards. | Antivirus software, firewalls, and user training. |
3. Types of Security Controls
The transcript breaks down security controls into three main categories:
Technical Controls: Technology-based measures to protect a system.
Examples: Software patches, antivirus, Endpoint Detection and Response (EDR) systems, backup systems.
Administrative Controls: Policies and procedures designed to govern security.
Examples: User training (e.g., teaching users not to click on phishing links), security policies.
Procedural Controls: Specific actions or processes to be followed for security.
Examples: Incident response plans, which dictate how to react when a problem occurs.
Two other specific tools also act as controls:
SIEM (Security Information and Event Management): Acts as an "alarm system" for an IT environment.
SOAR (Security Orchestration, Automation, and Response): A platform for automating and managing incident response.
Key Takeaway
- Money is no longer in physical banks; it’s digital.
- Securing IT systems requires understanding threats, actors, vulnerabilities, exploits, risks, and controls.
- Just like banks protect vaults, IT systems must protect data.