Companies that provide a product or service online need to work on the principle of protection, detection, and response with regard to security. In short, establish a culture of learning and awareness of cybersecurity.
- Recognise threats to online safety
- Take steps to reduce the risk of online threats
- Understand the concepts, including malware, viruses and trojans
- Ensure network security, use cryptography for data, and be aware of identity theft through social engineering
An understanding of the three dimensions of the cybersecurity cube is an easy way to ensure all issues are considered in this matter.
The first side of the cube deals with confidentiality, integrity and availability.
CIA means information is read only by the right people (confidentiality), data is changed only by authorised people or processes (integrity), and information or data is available to read and use whenever we want (availability). Confidentiality can be ensured by using strong passwords, using two-factor authentication, applying cryptography to data, and using a virtual private network when the information is transmitted over the internet.
The use of *digital certificates signed by a third-party CA, together with public/private key exchange, can ensure the integrity of data over the internet. Here we wish to ensure the accuracy, consistency, and trustworthiness of data. Another method of ensuring the integrity of data files is to use hashes to check that files have not been tampered with. This involves using a hashing algorithm, set to MD2 for example.
The availability of data means that it can be accessed by authorised users when required. Backups and antivirus software are used to make sure data is not deleted or corrupted, which keeps it available. Access control can also be used, meaning only **authenticated users have access to data. There is accountability with this access.
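The hash-based file integrity check described above can be sketched as follows. This is an added example, not code from the original page; it assumes SHA-256 from Python's `hashlib` in place of the MD2 named in the text (MD2 was retired to historic status by RFC 6149), and the function names and sample files are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def file_digest(path: Path, algorithm: str = "sha256") -> str:
    """Hash a file in chunks so large files do not have to fit in memory."""
    h = hashlib.new(algorithm)
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Record a known-good digest for every regular file under root."""
    return {
        p.relative_to(root).as_posix(): file_digest(p)
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify(root: Path, baseline: dict) -> dict:
    """Compare the current tree against the baseline manifest."""
    current = build_manifest(root)
    return {
        "modified": sorted(n for n in baseline if n in current
                           and not hmac.compare_digest(baseline[n], current[n])),
        "missing": sorted(n for n in baseline if n not in current),
        "unexpected": sorted(n for n in current if n not in baseline),
    }


def demo() -> dict:
    """Constructed sample tree: baseline it, change it, then verify."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "conf").mkdir()
        (root / "conf" / "app.ini").write_text("debug = false\n")
        (root / "report.txt").write_text("quarterly totals: 1200\n")
        baseline = build_manifest(root)  # taken while the files are trusted
        (root / "report.txt").write_text("quarterly totals: 1900\n")  # altered
        (root / "conf" / "app.ini").unlink()                          # deleted
        (root / "new_script.sh").write_text("#!/bin/sh\n")            # added
        return verify(root, baseline)


if __name__ == "__main__":
    print(demo())
```

The baseline manifest is only useful if it is stored somewhere the files' own writers cannot modify, such as read-only media or a separate host.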
Data in transit, data at rest or in storage and data in process. The second dimension of the Cybersecurity Cube focuses on the problem of protecting data in cyberspace in each of its possible states: data in transit, data at rest or in storage, and data in process. Over the internet, data in transit can be protected by cryptography and a VPN. Cryptographic. Detecting threats and vulnerabilities on your network can ensure the protection of data at rest. Use a port scanner and network mapping tool to detect threats and vulnerabilities on a system. This type of tool can determine what hosts are available on a network, what services are running, what operating systems are running, and what packet filters or firewalls are running. If TCP or UDP ports are open, you can detect them and shut them down. If you need to know the versions of software being used, the tool performs version detection, which you can use to research vulnerabilities. It can capture SSH keys (RSA, ECDSA) for the host system and then run a set of scripts built to test specific vulnerabilities. Wireless data transmission means using the most secure protocols. These are WPA2-PSK, meaning Pre-Shared Key (PSK) authentication. Server firewalls and router ACLs can be used to protect data at rest and in transit. Data in process means using secure connections to the data, such as the SSL/TLS protocols, and developing databases which are secure from SQL injection and cross-site scripting.
Training, policies and technology. The third dimension is about security measures in the form of training and awareness; policies and procedures; and technology.
*A digital signature is a mathematical technique used to validate the authenticity and integrity
**Authentication, Authorization, and Accounting (AAA): adding groups, users, and passwords, then verifying groups, users, and passwords; and setting symbolic permissions or absolute permissions at the command level on an NTP (Network Time Protocol)/AAA server.