Cyber Security isn’t difficult.
Rye Whalen
Engineering Consulting, Design & Prototyping – Expert in rapid design, fabrication, integration, and testing.
In this essay I will… explain how #cybersecurity isn’t difficult.
First. Understand identification and authentication.
Which one do you do first? Identification, then authentication. You don’t want to let anyone get authenticated without understanding their identity.
Second. Passwords are problematic because you should do identification first. A novel way to examine passwords could be a username and then challenge and response; that’s not a password and it’s easy to remember.
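The identification-then-authentication order described above, sketched as an added example (not code from the essay's author). The essay does not name a challenge-response scheme, so this assumes one common form: the server issues a one-time nonce to the claimed username and the client answers with an HMAC under a per-user key. The names `USER_KEYS`, `identify`, `respond` and `authenticate` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: username -> per-user secret key (an assumption of this example).
USER_KEYS = {"alice": bytes.fromhex("00112233445566778899aabbccddeeff")}
_DUMMY_KEY = secrets.token_bytes(16)  # stands in for unknown users so both paths do the same work
_pending = {}                         # username -> outstanding one-time challenge


def identify(username):
    """Step 1, identification: record the claimed identity and bind a fresh challenge to it."""
    nonce = secrets.token_bytes(16)
    _pending[username] = nonce        # issued for unknown names too, so the reply reveals nothing
    return nonce


def respond(key, username, nonce):
    """Client side: prove possession of the key without ever sending it."""
    return hmac.new(key, username.encode() + b"\x00" + nonce, hashlib.sha256).digest()


def authenticate(username, response):
    """Step 2, authentication: check the response against the challenge issued to that identity."""
    nonce = _pending.pop(username, None)  # single use: a replay finds no challenge left
    if nonce is None:
        return False                      # nobody identified first, so nothing to authenticate
    expected = respond(USER_KEYS.get(username, _DUMMY_KEY), username, nonce)
    return hmac.compare_digest(expected, response) and username in USER_KEYS


def demo():
    key, out = USER_KEYS["alice"], {}
    first = respond(key, "alice", identify("alice"))
    out["valid"] = authenticate("alice", first)
    out["replay"] = authenticate("alice", first)            # challenge already consumed
    identify("alice")
    out["stale"] = authenticate("alice", first)             # old response, new challenge
    out["skipped_identification"] = authenticate("bob", first)
    out["unknown_user"] = authenticate("mallory", respond(key, "mallory", identify("mallory")))
    return out


if __name__ == "__main__":
    print(demo())
```

Only the first attempt succeeds: the response is bound to both the identity and a single-use challenge, so it cannot be replayed or presented without identifying first.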
Third. Your security programs are ineffective.
Before deciding which Defense-in-Depth protections an organization needs it is important to understand the methods used by malicious actors to successfully attack these systems.
Many of the techniques used by threat agents are the same as those used by security professionals to test networks and systems for vulnerabilities and to determine which Defense-in-Depth countermeasures to put into place. It is a constant “cat and mouse” game, and the challenge is to ensure that the information and systems accessible to infiltration are constantly monitored and updated to protect against ever-emerging threats.
A cyber attack generally follows a process that allows the attacker to perform reconnaissance or discovery of the targeted business, then develop and execute the attack, and finally use the attacker’s command and control presence to extract data and/or achieve the attacker’s goals on the target system.
So how does it work? The big bad wolf huffs and puffs. Never mind that story.
Discovery
• Characterize systems
• Find weaknesses and vulnerabilities
OK, but what’s the problem here? Systems-of-systems analysis comes into play.
In systems-of-systems terms, the Windows 98 system had no idea what 2023 computers would look like at all, besides standardized protocols and 4K ports.
So how should you do your work?
And then this series of steps after that
Reduce the presence of Windows 98 machines on our corporate network not later than 4 Jan 2023 (a SMART statement).
Potential intrusion vectors can range from technical brute-force hacking using exploit tools to showing up at a site dressed as a worker. At this point, the goal is to exploit any and all vulnerable people, processes, or components to gain entry.
Adversaries may have a direct target in mind or merely wish to deposit code on any available machine in order to maintain a presence on the network or system and to allow for future unauthorized access. Generally, the goal at this point is to maintain continued surveillance using a light footing, many times covering their attack tracks as they go.
Once they have found their access point, intruders can accomplish their intent through network intrusion, whether it is data exfiltration, creating a denial of service, or taking over command and control of the process, system, or the entire network. Many intruders leave residual back doors, accounts, or port openings for future or continued access. Once they have compromised a system, they may access it multiple times and may also use it to access other systems.
What are you preventing?
Attack
• Exploit vulnerable people, processes, and components
Which prevents
Intrusion
• Data exfiltration, denial of service, command and control operations
Subscribe to my newsletter to learn how to integrate an effective information security program.
Information Security Consultant @ Gannett Fleming TranSystems | CISSP, PMP
1 year ago
Appreciate the synopsis of the current state of cybersecurity thinking.