Scribd
Upload
157 views4 pages

Advanced Cyber Security

This document discusses advanced cyber security concepts including information technology, operational technology, identity and access management, and network devices. Identity and access management aims to enable the right individuals to access the right resources at the right times for the right reasons through technical systems, policies, and processes that create, define and govern identity information and its relationship to required resources. It is important because if a bad actor can fool the system, the trust basis of the security regime is damaged. Common access control systems include role-based access control, attribute-based access control, and policy-based access control.

Uploaded by

Vibhu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
157 views4 pages

Advanced Cyber Security

This document discusses advanced cyber security concepts including information technology, operational technology, identity and access management, and network devices. Identity and access management aims to enable the right individuals to access the right resources at the right times for the right reasons through technical systems, policies, and processes that create, define and govern identity information and its relationship to required resources. It is important because if a bad actor can fool the system, the trust basis of the security regime is damaged. Common access control systems include role-based access control, attribute-based access control, and policy-based access control.

Uploaded by

Vibhu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Advanced Cyber Security

Information Security Devices


Information Technology
It is the study or use of systems (especially computers and telecommunications) for
1. Storing
2. Retrieving, and
3. Sending information.
SRS
Operational Technology
It is hardware and software that Detects or Causes a change, through the Direct monitoring
and/or Control of Industrial Equipment, Assets, Processes and Events.

National Cybersecurity Center of Excellence (NCCoE)

Identity and Access Management


https://www.uscybersecurity.net/csmag/identity-and-access-management-the-quiet-
disruption-in-security-engineering/
https://public.cyber.mil/idam/idam-in-a-nutshell/
https://www.timeshighereducation.com/unijobs/listing/312437/idam-administrator/
https://www.nccoe.nist.gov/energy/identity-and-access-management-idam

It is the security discipline that enables the right individuals (human and system users that
have been reliably identified) to access the
1. right resources at the
2. right times for the
3. right reasons
Identity and Access Management (IdAM) is the combination of –
1. Technical systems
2. Policies
3. Processes that –
1. Create
2. Define
3. Govern the – Utilization, Safeguarding of identity information,
as well as manage the relationship between an entity, and the resources to which access is
needed. It can be divided into three fundamental capabilities –
1. Manage Digital Identities
2. Authenticate Users
3. Authorize Access to Resources
TPP – CDG – MAA
Access Control Systems
1. RBAC – Role-Based Access Control
2. ABAC – Attribute-Based Access Control
3. PBAC – Policy-Based Access Control

IF A BAD ACTOR CAN FOOL THE SYSTEM INTO THINKING THAT SHE IS A LEGITIMATE USER
THROUGH THE USE OF STOLEN OR OTHERWISE COMPROMISED CREDENTIALS, THE TRUST
BASIS THAT ENABLES THE IDAM SECURITY REGIME IS FATALLY DAMAGED.

IdAM implementations employ multifactor authentication that combines non-password


knowledge factor tools in conjunction with other authentication factors such as tokens (the
“have” authentication factor), biometrics (“are”), and geofencing tools (location-based
authentication factors).

EMPLOYEES COMMIT 60% OF ALL DATA BREACHES


75% of these breaches are malicious
25% are due to poor access management
SOURCE: IBM’S 2016 CYBER SECURITY INTELLIGENCE INDEX
Network Devices – Wired and Wireless
• Hub
• Switch
• Router
• Bridge
• Gateway
• Modem
• Repeater
• Access Point
Endpoints / Edge Devices
Storage Devices
Servers
Infrastructure Devices
Computer Assets
Servers and Storage Networks
Content Management
Intrusion Detection System / Intrusion Prevention System

Security Device Management


Device Configuration
Information Security Audit Preparation
Team Work and Communication
Managing Health and Safety
Data Information Management
Learning and Self Development

You might also like