Cyber Sec Assignment 1

The document defines cybersecurity and describes its importance. It lists the primary objectives of cybersecurity as confidentiality, integrity and availability. It also describes additional objectives. Finally, it outlines the key principles of cybersecurity architecture including govern, protect, detect and respond.

Uploaded by

swalehemmary8991

DAR ES SALAAM INSTITUTE OF TECHNOLOGY

CYBER SECURITY ASSIGNMENT 1


a) Define Cybersecurity

Cybersecurity is the practice of protecting systems, networks, and data from digital attacks, theft,
and damage. It involves implementing security measures to safeguard information, devices, and
infrastructure from cyber threats such as hacking, malware, ransomware, and other forms of
cybercrime. Cybersecurity aims to ensure the confidentiality, integrity, and availability (CIA triad)
of data and systems.

b) Describe the importance of Cyber security

- Protects personal data - Cybersecurity measures safeguard sensitive personal data, such as financial information and PII, from unauthorized access, theft, or misuse, ensuring privacy and reducing identity theft and fraud risk.
- Helps preserve reputation - Effective cybersecurity protects against data breaches and cyberattacks, maintaining an organization's reputation for reliability and trustworthiness among customers, partners, and stakeholders.
- Enhances productivity - Cybersecurity tools such as firewalls and antivirus software minimize disruptions from malware and attacks, ensuring smooth operations and enhancing overall productivity.
- Assists the remote workspace - Secure remote connections through VPNs and strong authentication protect remote employees and company resources, supporting the rise of remote work.
- Regulation compliance - Adhering to cybersecurity best practices helps organizations meet regulatory requirements for data protection, avoiding fines and penalties for non-compliance.
- Improves cyber posture - Strong cyber posture involves proactive measures to prevent, detect, and respond to cyber threats, reducing the likelihood of successful attacks.
- Better data management - Cybersecurity practices such as data classification, access controls, and encryption ensure effective data management, protecting data integrity and reducing breach risks.
- Helps maintain trust and credibility - Protecting customer and client data demonstrates a commitment to security, building trust and credibility with stakeholders and customers.
- Streamlines access control - Implementing strict access control policies enhances security while providing authorized users efficient access to resources, improving user experience and reducing insider threat risks.

c) List objectives of Cybersecurity

The primary objectives of cybersecurity, often referred to as the CIA triad, include:

- Confidentiality - Ensuring that sensitive information is accessed only by authorized individuals.
- Integrity - Ensuring that data remains accurate and unaltered, except by authorized actions.
- Availability - Ensuring that data and services are accessible to authorized users when needed.

Additionally, other objectives may include:

- Authentication - Verifying the identity of users and systems to grant appropriate access.
- Non-repudiation - Ensuring that a user or system cannot deny a specific action or transaction.

d) Describe Cybersecurity principles and architecture


1. Govern:
   Governance in cybersecurity involves establishing policies, procedures, and standards to guide security practices across an organization. It encompasses the following:
   - Risk management: Identifying, assessing, and prioritizing risks to information systems and data, and implementing controls to mitigate those risks.
   - Policy development: Creating clear and comprehensive security policies that define acceptable use, access controls, data handling, and other security practices.
   - Compliance and regulation: Ensuring adherence to relevant legal, regulatory, and industry standards.
   - Training and awareness: Educating employees about security risks and best practices, fostering a culture of security awareness within the organization.

2. Protect:
   Protection focuses on securing information systems and data to prevent unauthorized access or harm. This includes:
   - Access controls: Implementing strict access controls to ensure that only authorized users have access to specific data and systems.
   - Data encryption: Encrypting data at rest and in transit to protect it from unauthorized access.
   - Endpoint security: Protecting devices that connect to the network through antivirus, antimalware, and endpoint detection and response (EDR) solutions.
   - Network security: Using firewalls, intrusion prevention systems (IPS), and virtual private networks (VPNs) to safeguard the network perimeter and internal traffic.

3. Detect:
   Detection focuses on identifying and alerting to potential security threats and incidents. This includes:
   - Monitoring and logging: Continuously monitoring network traffic and logging activity for signs of malicious behavior.
   - Intrusion detection systems (IDS): Using IDS to identify suspicious activity within the network and alert administrators.
   - Security information and event management (SIEM): Utilizing SIEM tools to collect and analyze data from various sources, correlating events to detect patterns of cyber threats.
   - Threat intelligence: Gathering and analyzing information about emerging threats and vulnerabilities to stay ahead of potential attacks.

4. Respond:
   Response focuses on the steps an organization takes when a cybersecurity incident occurs, aiming to minimize damage and restore normal operations. This includes:
   - Incident response plan: Developing and implementing a structured approach to respond to security incidents, including containment, eradication, and recovery.
   - Communication: Establishing clear communication channels and protocols for informing internal and external stakeholders during an incident.
   - Forensics and investigation: Analyzing affected systems and data to understand the cause and impact of an incident and gather evidence for potential legal actions.
   - Continuous improvement: Learning from incidents and updating security practices and policies to prevent future occurrences.
