From the course: Cybersecurity Foundations

Introduction to cybersecurity controls

- [Instructor] The term cybersecurity means to protect things in cyberspace from attack. And we do this by using security controls. When designing our controls, we need to make sure they're fit for purpose. Firstly, we need to check whether the cost of the control is more or less than the loss associated with the impact of the attack. We often see a curve graph to explain this where we plot the cost of an increasingly powerful control against the benefit it provides. Where the benefit in additional risk reduction outweighs the cost of achieving it, we don't proceed with any further control. Secondly, we need to consider how effective the control is against the threat. The result of assessing the risk based on the likelihood and impact of a threat is known as the inherent risk. When controls are implemented, there'll usually be an acceptably small level of risk remaining, which is known as the residual risk.

We can apply what's known as a multi-tiered or defense-in-depth control strategy to mitigate cyber risks. There are four key types of controls that can be applied, and it's generally recommended that two or more are used together. The first is deterrent controls. These reduce the threat. An example of this is incarceration, which deters would-be criminals from carrying out their attacks. Preventative controls are designed to stop the attack from succeeding by not allowing it to get at an asset to exploit a vulnerability. A firewall is one such preventative control, blocking protocols that might be used as attack vectors. Detective controls are used to detect that an attack has taken place. A burglar alarm is a typical detective control. And finally, corrective controls are used to reduce the impact of an incident. And a good example of this is recovery from data backups. The NIST Cybersecurity Framework presents corrective as the respond and recover functional controls.

Let's look at an example. In order to protect data from unauthorized modification, we firstly apply access controls to ensure that anyone trying to access the data has been authorized. In case this fails, we then monitor for any data changes. If data is changed maliciously, we can recover it by restoring from backup.
