Adgshd


MODULE 2

Operational security (OPSEC) - is a security and risk management process that prevents sensitive information from getting into the wrong hands.

OPSEC first came about through a U.S. military team called Purple Dragon in the Vietnam War.

FOUR PHASES OF THE NIST
• Preparation
• Detection and Analysis
• Containment, Eradication and Recovery
• Post-Incident Activity

Threat Detection and Real Time Monitoring - Cybercrime is one of the biggest issues facing today's intensely digital, data-driven society.

Real-time threat detection - refers to the ability of a cybersecurity system to identify and respond to potential security threats as they happen.

How Real Time Threat Detection Works

User and Attack Behavior Analytics - focus on identifying and responding to threats based on the behavior of users and attackers within an organization's network.

Create Intruder Traps - Some things are just too good to pass up. Security teams understand this tendency,

Hunting Threats - Real time threat detection doesn't simply sit around and wait for cybersecurity threats.

Benefits Of Real Time Threat Detection
• Eliminates Unnecessary Work - eliminates the need for your IT team or cybersecurity firm to have to manually monitor or scan your network for cybersecurity risks.
• Catches Unknown Risks
• Monitors ALL Network Activity - The generic image of automated security tools is of a pop-up warning you against some sort of questionable software you've downloaded from the internet.
• Protects Against AI - Some of these AIs and bots can be amazingly sophisticated.
• Monitors EVERY Network Interaction - In some circumstances, where security is of the utmost importance, you need to examine every network interaction.

Incident triage - is the step where you evaluate an incident and decide how to tackle it.
• Collect Reports
• Determine Seriousness
• Gauge Legal Consequences
• Choose an Investigator
• Make a Timeline

Disaster Recovery (DR) - plans, which were mainly focused on natural disasters.

MODULE 3

Information Security - is a set of rules, policies and procedures designed to ensure all end users and networks within an organization meet minimum IT security and data protection security requirements.

The importance of information security policies:

1. Guides the implementation of technical controls.
- A security policy doesn't provide specific low-level technical guidance.
2. Sets clear expectations
- Without a security policy, each employee or user will be left to his or her own judgment.
3. Helps meet regulatory and compliance requirements
- Documented security policies are a requirement of legislation like HIPAA and Sarbanes-Oxley, as well as regulations and standards like PCI-DSS, ISO 27001, and SOC2.
4. Improves organizational efficiency and helps meet business objectives
- A good security policy can enhance an organization's efficiency.

SECURITY POLICIES - can vary in scope, applicability, and complexity, according to the needs of different organizations.

TYPES OF SECURITY POLICIES

1. Program policy
- are strategic, high-level blueprints that guide an organization's information security program.
2. Issue-specific policy
- Issue-specific policies build upon the generic security policy and provide more concrete guidance on certain issues relevant to an organization's workforce.
3. System-specific policy
- A system-specific policy is the most granular type of IT security policy, focusing on a particular type of system, such as a firewall or web server, or even an individual computer.

Development and Implementation of Security Policies - Refers to the process of creating, establishing, and enforcing rules and guidelines within an organization to protect its information systems and data.

Writing with Proper Tone - Policy should be written in a way that makes sense to its intended audience.
• Be concise
• Don't temper the message
• Use simple
• Define any term that could potentially confuse a reader
• Be creative

Regulatory compliance - is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes.

PCI DSS - Payment Card Industry Data Security Standard
HIPAA - Health Insurance Portability and Accountability Act
SOX - Sarbanes-Oxley Act
FISMA - Federal Information Security Management Act
GDPR - General Data Protection Regulation
CCPA - California Consumer Privacy Act
FDIC - Federal Deposit Insurance Corporation
FedRAMP - Federal Risk and Authorization Management Program

What Benefits Can Organizations Gain by Ensuring Regulatory Compliance?

1. Improved Operational Efficiency: Adhering to regulatory compliance can help organizations ensure all operations are conducted efficiently and in accordance with these regulations.
2. Reduced Risk and Liability: Regulatory compliance helps organizations stay up to date with the changing laws and regulations and abide by them.
3. Improved Public Image: Organizations that comply with regulations gain a positive public image.
4. Greater Resilience: Organizations that are compliant are more resilient to changing regulations, as they already have systems in place to meet regulatory demands.
5. Increased Efficiency: By establishing clear procedures, processes, and systems to ensure regulatory compliance

Financial Compliance: Organizations must maintain fair, transparent financial records and refrain from unethical or illegal financial practices that harm stakeholders or consumers.

Cybersecurity Compliance: Cybersecurity regulations focus on the security and privacy of data in IT systems.

Regulatory Compliance: This unique form of compliance emphasizes the legal obligations an organization faces as part of its operation.

MODULE 4

Cyberattack - is any intentional effort to steal, expose, alter, disable, or destroy data, applications.

TAD – THREAT, ATTACK, DEFENSE

1. Keylogger Attack
- cybercriminal sneaks a program onto your computer that copies all of your keystrokes.
2. PHISHING attack - the cybercriminal puts out bait in the form of an email.
   • Email Phishing: The most common type of phishing attack.
   • Spear Phishing: A more targeted form of phishing where the attacker customizes emails to a specific individual,
   • Whaling: A type of spear phishing aimed at high-ranking individuals like CEOs, CFOs, or other executives.
   • Smishing: Short for "SMS phishing," this type of attack uses text messages
   • Vishing: Voice phishing attacks involve phone calls, where attackers pose as legitimate organizations,
   • Clone Phishing: The attacker duplicates a legitimate email previously sent to the victim,
   • Pharming: This is a more technical form of phishing where attackers redirect users
   • Man-in-the-Middle (MITM) Attack: Although broader than traditional phishing.
   • CEO Fraud: A type of spear phishing where attackers impersonate a company's CEO
   • Angler Phishing: This type of attack happens on social media platforms.
3. Social Engineering Attack
- SOCIAL MEDIA is fun. But learn to be cyber smart. If you share your DATA unwisely, you make yourself a target for an ATTACK.
4. Brute Force Attack
- One attack pattern is called BRUTE FORCE ATTACK. In a BRUTE FORCE ATTACK, a cybercriminal tries every possible combination of passwords.
5. Dictionary Attack
- Another type of ATTACK is called a DICTIONARY ATTACK. The hacker guesses your password by using a computer program to run through all the words in a dictionary
6. Eavesdrop Attack
- Eavesdrop Attack is when hackers listen on the unsecured network connection and steal sensitive information.
7. Denial of Service Attack
- The Denial of Service Attack is when hackers send a lot of fake requests to a Computer System that it is unable to process the real request.
8. Malware
- Malware is malicious software that can render infected systems inoperable.

Trojan horses - disguise themselves as useful programs or hide within legitimate software to trick users into installing them.

Ransomware - is sophisticated malware that uses strong encryption to hold data or systems hostage.

Scareware - uses fake messages to frighten victims into downloading malware or passing sensitive information to a fraudster.

Spyware is a type of malware that secretly gathers sensitive information, like usernames, passwords, and credit card numbers.

Rootkits are malware packages that allow hackers to gain administrator-level access to a computer's operating system or other assets.

Worms are self-replicating malicious code that can automatically spread between apps and devices.

Why do cyberattacks happen?

The motivations behind cyberattacks can vary, but there are three main categories:
1. Criminal
2. Political
3. Personal

Criminally motivated attackers seek financial gain through monetary theft, data theft, or business disruption.

Personally motivated attackers, such as disgruntled current or former employees, primarily seek retribution for some perceived slight.

Politically motivated attackers are often associated with cyberwarfare, cyberterrorism, or "hacktivism."
