Some good questions

• Does the email sender’s address look correct?

  • Is the company’s URL correct when you hover your mouse over it?

• Does the email or message ask you to take immediate action, or something bad will happen?

  • Your account will be suspended.

  • You owe back taxes and must pay immediately.

  • Etc.

Some good questions

• Does the email or message address you by name?

  • If it reads “Dear Customer,” it’s likely a phishing email.

  • Even if it addresses you by name, it could be a spear phishing (targeted) email.

• Are there any spelling or grammar mistakes in the message?

  • Emails and messages from companies are unlikely to have spelling and grammar mistakes.

• Is it from a person or company you know?

  • Do you have an account at this bank?

  • Are they notifying you about unauthorized activity? (This is a tactic threat actors often use.)

  • Are they asking you to verify your identity or login information?

Some advice

• If you suspect that a message or email is from a threat actor:

  • Click nothing, not even “unsubscribe.”

  • Report the email or message.

  • Delete it.

Some advice

• What should you do it the email or message appears to be from a person or company you know, but you aren’t sure? 

  • Call the person to verify.

  • Type the company’s URL into your browser. Then log in.

  • Contact the company.

How could one mistake from one person affect an org's cybersecurity?

• Someone might: 

  • Accidentally disclose sensitive information by:

    • Responding to a phishing email

    • Using a weak or easily guessable password

• Mishandle sensitive data by:

  • Storing it in unsecure locations 

  • Sharing it through unencrypted channels

• Neglect physical security measures by:

  • Leaving workstations unlocked

  • Losing devices with sensitive information

means information can be accessed only by people who are authorized to see it.

• Measures to ensure confidentiality include:

  • Encryption 

  • Access controls 

  • Authentication mechanisms

Confidentiality

means that the data is stored and transferred as intended and that all modifications are authorized.

• Measures to ensure integrity include:

  • Hashing

  • Digital signatures

  • Checksums to verify that that the data hasn’t been modified

Integrity

means making sure information and resources are available to authorized users when they need it. 

• Ensuring availability means preventing disruptions by maintaining and managing: 

  • Hardware 

  • Software 

  • Network infrastructure

Availability

• Techniques to ensure availability include: 

  • Redundancy

  • Failover systems

  • Regular maintenance

Availability

Uses data and time stamps as well as login information to TRACK CHANGES

ensures data integrity and accountability

Non-repudiation

• Determining what rights individual users should have when accessing a particular resource

• Enforcing those rights

Authorization

Think

• How are accounting (in cybersecurity) and doorbell cameras similar?

  • Both are used to monitor and record activity and provide actionable insights. 

process of documenting user activities on the system

Accounting

• How you logged in

• What time you logged in

• Which programs you worked on and when

• Which websites you visited while browsing the web

• When you logged out

Accounting

• Are there other ways to track user activity?

  • Location tracking

    • Global positioning system (GPS)

    • Geofencing

      • Tracks assets by drawing a line their location

      • If an asset, like a computer, moves outside the line, it could mean the item was stolen.

      • The IT department gets a notification when something moves.

Accounting

That's it! 4.1 is now done...click next