Cybersecurity - The Bigger Picture (1/n)
(I guess)
The ability to see the forest for the trees.
- What really is the purpose of cybersecurity?
- Why does it exist?
- What needs to be protected?
- From whom?
This is just an attempt to explain all of cybersecurity. Don't throw rocks at me. This is how I see this entire realm.
Okay, here it goes.
Ever get annoyed by these buzzwords or phrases nowadays?
- Kill Chains,
- Next-Gens,
- Zero-trust,
- Artificial Intelligence/Machine Learning,
- Military Grade,
- Highly Sophisticated,
- “But we’re a family, you can’t quit!”, or
- "Your promotion is coming, there's just pending approval right now. Isn't that great?"
These concepts are not entirely new; most of them came from the military (the ancient military, even). Remember Caesar? No, not the salad, the Roman general and dictator. Around his era, the Caesar cipher was developed to keep messages, well, encrypted. To keep their confidentiality intact.

Scholars from different civilizations created their own ways of preserving data: cuneiform, rote memorization of dialogues passed on orally (the ancient Greeks really loved talking), and an NTP server that was the freaking moon and stars themselves (also known as astronomy). Accurate timekeeping helped ensure the consistency and reliability of chronological data recorded in historical documents, legal contracts, and administrative records. They also used seals and signatures as proof that a record came from the legitimate sender. Practical, yes, but not really a surefire way of verifying the integrity of the records, no?

Since the invention of writing, peeps back then also learned to archive, duplicate, and replicate records. One example of this is the Complaint tablet to Ea-nāṣir (a buyer received a sub-standard product and wrote a review to the seller). Another thing to point out is the "burning" of the Great Library of Alexandria. It is said that this event set humanity back 1,000 years. Kind of hard to tell, honestly, but I think it's somewhat exaggerated. It is worth keeping in mind that the problem with these tablets was decay. If I were in that era, I'd give other libraries access to duplicate and replicate them, which I think they did, but only with the most important ones. If only they had full backups and high availability, right?

Do you see it now?
Since time immemorial, three (3) things have always stood out when protecting information.
The CIA triad.
- Confidentiality — to keep the records secret or private,
- Integrity — to maintain the trustworthiness of the data, and
- Availability — to access the information if need be.

Much like with color, there are also three (3) primaries (Red, Green, and Blue). When you combine them you get all sorts of different things!
Knowing these concepts, I believe a person can understand anything around cybersecurity. If an organization follows this model, any professional in this field can easily understand the company's posture.
- A red teamer can exploit common issues involving Confidentiality, Integrity, and Availability.
  - Issues with Confidentiality — weak encryption, misconfigurations, crackable passwords, vulnerabilities, etc.
  - Issues with Integrity — phishing (smishing, vishing, whaling), MITM, forgery, etc.
  - Issues with Availability — DoS/DDoS, anything that can take down a server.
- A blue teamer, on the other hand, can use this concept to check for possible attack vectors.
  - If an analyst knows where the most important data is stored, they should prepare to protect it (e.g. databases, application servers, Active Directory, and PAM).
  - If an application is used by many people, the analyst should address how it can be accessed from anywhere at any time (looking at you, banks).
- Compliance, Regulatory, and Governance can use this method to check for possible risks and address them by creating policies, procedures, standards, etc.
  - Identifying assets and crown jewels.
  - Getting certified against various international standards such as ISO/IEC, PCI, SOC, etc.
  - Creating these docs essentially keeps people from being negligent in protecting data (at least IMO).
too long; didn't read (tl;dr, aka summary)
Everything in cybersecurity boils down to Confidentiality, Integrity, and Availability. The CIA triad guides all aspects and principles known within this field. So in essence, know the CIA — know cybersecurity. In my opinion, at least. Cheers!
Disclaimer: Please don't hate me; you're going to be seeing these three words in every post, over and over again. And don't quote me on this post, I don't have any resources, lol.
Check out part 2.