Cyber Security Strategy and Architecture

Models and Frameworks

Perimeter security
- Became inefficient due to client side attacks
Defense in Depth
○ Endpoints
○ Applications
○ Network
○ Physical
○ Policies, Procedures
○ Security Awareness
Zero Trust (lease privileges)
What are zero trust principles, pillars and capabilities
- Organization policies
- Security Policies
- Device Inventory
- User identities
- - User risk assessment
Data
- Classification
- Labeling
- Encryption
Application
- Usage
- Permissions
Access control and management
- End point/threat protection
Defensible Security Architecture and Engineering:
- Zero trust for Hybrid Enterprise
- Build
- - Detection
  - Prevention
  - Response
- Enterprise security Architecture
- Security models
What is cyber security framework
- security
- - Security frameworks used by specific industries
  - ISO 27001/2
  - NIST 800/53
  - NIST Cyber security framework
  - NIST maturity model framework to measure progress
  - COBIT
  - Cyber Security Maturity Model
  - CIS Controls
  - Which are CIS Critical controls
    CIS Templates
    CIS Checklist
- Privacy
- - GDPR
- Risk
- - RMF
  - NIST 800-37
Evaluation Criteria
- Independent evaluations
- Certification
- Accreditation
Trusted Computing Base (TCB)
- Reference monitor concept
Fine tuning and security assessment
- Risk assessment
- - What are our assets, which threats and vulnerabilities associated with process
- Vulnerability Management
- - Known vulnerabilities
- Penetration testing/purple teaming
- - Unknown vulnerabilities
Security design principles
- Cyber security models
- Cyber security controls and countermeasures
Security engineering core areas:
- Virtualization
- Microservices
- Containerization
- Serverless
- Industrial Control Systems (ICS)
- Embedded systems
- Database security
- Cloud Security
- SCADA
- OT
- IOT
- Cryptography
- - Symmetric
  - Asymmetric
  - Hash
  - Quantum
  - PKI
  - Digital signatures
  - Non-repudiation
  - Salts
  - Rainbow tables
  - Pass the hash
  - Cryptanalysis
  - Fault injection
  - Implementation attacks
References:

PreviousCyber Security Controls NextCyber Security Architecture

Last updated 1 year ago

Was this helpful?