Cyber Security 101 - Basic principles


Changes in technology, and the fact that everyone is now connected digitally, often wreak havoc on our sense of privacy and security, a concern commonly termed cyber security.

Do's and don'ts, wants and needs, often dictate our choices. But before we go deeper into the discussion, let's talk about security at a basic level to better understand it.

Here are basic principles that can help in understanding security and in designing better solutions for physical or cyber security needs.

1) Security vs Convenience: Usually, the higher the level of security, the lower the convenience for the user, who has to pass safely through every layer of security. Ease of access means limited security: what is easy for the user is easy for an intruder as well. Choosing the balance wisely, according to needs and requirements, is essential.

2) Security is a continuous process: Issues can be fixed and resolved to mitigate risk, but there will always be new avenues of exposure, and it's impossible to eliminate all risks. The work consists of establishing the best security policy, analyzing risks and fixing any realized issues.

3) Risk formula: The level of risk can be understood using a simple equation:
                            [ Risk = Impact × Probability ]
If a cause has a higher impact, a higher probability, or both, then it has a higher risk factor.

4) Cost vs Cause: Not all risks need to be mitigated, because the cost vs cause factor dictates this choice. If the cost of implementing a security measure is significantly higher than the value of what it protects, it may not be advisable to spend on that cause.

5) Security is a two-way road: A common misconception is that security is about building walls and plugging holes so that no unauthorized access can happen, but security is more than that. It's also about making the inside strong, so that information is not released by error or unknowingly through a window or door left open, or a hole created in the process. Security is about preventing intrusion and limiting exposure through error.

6) Irrelevant ROI: When it comes to security expenses, calculating Return on Investment (ROI) is often irrelevant, as the benefits don't always translate directly into money but into peace of mind.

7) CIA Triad: An industry-accepted model for securing systems (data), where CIA stands for Confidentiality, Integrity, Availability.

8) Categorization of security methods: Prevention (stop unexpected activity before it happens), Detection (monitor, observe and detect any unusual activity) and Deterrents (counter-respond to any unusual activity).

9) Fail Safe: Despite all efforts, there is always a chance that security will fail, so it's essential to know the range and extent of the security design to better understand how much it can withstand. It's better if you know what it takes, or what could cause a security breach, so you can fix and update it before someone else does.

10) Layers and Privileges: The more layers, the stronger the system and the less prone it is to breach. But often, simply limiting privileges to a limited audience, as well as subdividing what can be accessed and how it is accessed, also reduces the risk of errors that can compromise integrity.
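
Principles 3 and 4 can be worked through together on a small risk register. The following is an added example, not part of the original post; the risks, the dollar figures, the yearly probabilities and the rule "mitigate only when the control costs no more than the risk it removes" are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Risk:
    name: str
    impact: float                # loss if the event happens (assumed unit: dollars)
    probability: float           # chance of the event per year, 0..1 (assumed scale)
    control_cost: float          # yearly cost of the proposed control (assumed)
    residual_probability: float  # probability with the control in place (assumed)

    def score(self) -> float:
        # Principle 3: Risk = Impact x Probability
        return self.impact * self.probability

    def reduction(self) -> float:
        # Risk removed by the control: same formula, applied to the probability drop
        return self.impact * (self.probability - self.residual_probability)

    def decision(self) -> str:
        # Principle 4: do not spend more on a control than the risk it removes
        return "mitigate" if self.control_cost <= self.reduction() else "accept"

def triage(risks):
    """Return (name, score, decision) tuples, highest risk first."""
    ranked = sorted(risks, key=Risk.score, reverse=True)
    return [(r.name, r.score(), r.decision()) for r in ranked]

# Constructed sample register; none of these figures come from the post.
REGISTER = [
    Risk("Ransomware on file server", 200_000, 0.05, 4_000, 0.01),
    Risk("Lost unencrypted laptop", 30_000, 0.20, 500, 0.02),
    Risk("Defaced brochure website", 2_000, 0.10, 3_000, 0.01),
    Risk("Regional power outage", 50_000, 0.30, 80_000, 0.05),
]

if __name__ == "__main__":
    for name, score, decision in triage(REGISTER):
        print(f"{name:28s} risk={score:>9,.0f}  {decision}")
```

The top-ranked risk in this register is still accepted, because its control costs more than the risk it removes: ranking by the formula and deciding by cost are two separate steps.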

These simple, basic principles can help you plan and design complex and robust solutions for cyber security needs.

Learn more about evaluating your digital platform, servers, websites and online content for threat analysis, security and risk analysis to prevent and deter possible intrusions. Contact Estiopi Cybersafe, a partnered solution provider for Solnet Canada.

