Security Concepts
Definition and Terms
Cybersecurity refers to any technologies, practices and policies for preventing cyberattacks or mitigating their impact. The aim is to protect computer systems, applications, devices, data, financial assets and people against cyberthreats. 1
1. IBM Topics in cybersecurity - https://www.ibm.com/topics/cybersecurity
NIST is the National Institute of Standards and Technology at the U.S. Department of Commerce. The NIST Cybersecurity Framework (CSF) offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization — regardless of its size, sector, or maturity — to better understand, assess, prioritize, and communicate its cybersecurity efforts. 1
Note: CSF is a recommendation and the framework is voluntary.
1. NIST Cybersecurity Framework (CSF) - https://www.nist.gov/cyberframework
A threat is a danger to an asset. An asset is anything and everything of value to you, e.g. private data, servers, applications, apps. Examples of threats: data breaches, malware infections, targeted cyber attacks, DDoS attacks.
🔮 Natural disasters also count. Imagine if a tornado blew away your house and the USB drive containing your BTC.
A vulnerability is a weakness in an asset. For example, a weak password on your laptop is a vulnerability that can potentially be exploited by a threat.
🔮 You lost your house and BTC because your house was in an area where tornadoes occur a lot. This was a vulnerability.
✒️ How do you track and identify vulnerabilities in cybersecurity?