Cyber Security Course Introduction

Jul 20, 2024

Lecture Notes: Cyber Security Course Introduction

Course Introduction

  • Change of Classroom: KD 101 to larger venue due to high registrations
    • Initial enrollment reached 100
    • Drops immediately after the syllabus was sent out (7 drops noted)
    • Anticipating further drops due to exam inclusion

Purpose of the Course

  • Designed as a practical cyber security course for practitioners
  • Students without prior cyber security courses are expected
  • Warning: Course involves significant effort

Relevance of Cyber Security

  • Cyber security as a critical and modern issue
    • Daily news on ransomware attacks and data breaches
    • Examples: ICMR, Domino's, BigBasket
  • Continuous attacks on institutional systems (IIT)
  • Password security: Recent notice for changing Pingla and CC login passwords

Course Coverage

  • Cyber security courses available:
    • CS 628: Vulnerabilities in web applications, systems, networks, hacking basics
    • CS 658: Malware analysis, intrusion detection
    • CS 631: Protecting critical infrastructure
    • CS 641: Cryptography and related aspects
    • CS 670: Privacy and cryptography
    • Additional courses: Hardware security, IoT devices security, side-channel analysis, post-quantum cryptography
  • Explanation: Technology is only one part (people, process, technology)

Chief Information Security Officer (CISO) Role

  • Detailed responsibilities of a CISO
  • Governance aspects: Policies, approvals, stakeholder consultation
  • Developing organizational threat models
  • Risk assessment of assets
  • Ensuring cyber resilience
  • Designing cyber security controls (segmentation, firewalls, 2FA, monitoring)
  • Incident response and recovery processes
  • Conducting cyber drills (e.g., tabletop exercises)

Core Components of Cyber Security

  • NIST Cyber Security Framework (CSF)
    • Six essential functions: Identify, Protect, Detect, Respond, Recover, Govern
    • Asset inventory, risk assessment, and vulnerability identification
    • Protection mechanisms: Firewalls, endpoint security, cryptography
    • Detection: Continuous monitoring, SIEM tools
    • Response: Incident response protocols
    • Recovery: Data backups, resilience strategies
    • Governance: Policy development and adherence

Common Threat Actors

  • Types of attackers:
    • Script kiddies: Curious individuals, often less harmful
    • Hacktivists: Driven by ideological reasons
    • Cyber criminals: For monetary gain (ransomware, double extortion)
    • Organized crime gangs: Often linked to specific regions (e.g., North Korea, Russia)
    • Nation-state attackers: Highly resourced, geopolitically motivated

Motivation of Attacks and Selectivity of Targets

  • Why do attacks happen?
    • Motives: Geo-political, economic rivalry, etc.
  • Selectivity: Not all organizations are equally targeted
    • Different threats to different organizational roles (e.g., power systems vs. educational institutions)
    • Risk assessment critical to determine asset vulnerabilities
    • Individual threats vary based on profiles (e.g., HNIs (high-net-worth individuals) vs. common people)
  • Threat perception and geopolitical factors
    • Homeland security protocols (e.g., Traffic Light Protocol)
    • Examples of geopolitical attacks: Iranian nuclear plant, Ukrainian power system, Indian infrastructure

What This Course Will Not Cover

  • Hacking techniques
  • Malware analysis
  • Critical infrastructure security
  • Cryptographic protocol analysis
  • Side channel vulnerabilities
  • Post-quantum cryptography
  • Privacy-enhanced cryptography

Interactive Section

  • Menti Survey Questions:
    • Cyber security concepts: Hacking, data protection, privacy
    • Cyber crime perceptions: Money, harassment, sextortion
    • Importance of protecting organizational data: Exfiltration vs. ransomware
    • Cyber defense tactics: Antivirus, firewalls, two-factor authentication
    • Frequency of changing passwords and use of antivirus
    • Previous experience with malware infections and device security

Conclusion

  • Alarming statistics noted: 50% of students without antivirus, frequent password reuse
  • Plan to shift perspectives on cyber hygiene and resilience in further lectures
  • Course will continue with interactive elements and detailed explanations on specific frameworks and models