INTRODUCTION TO CYBERSECURITY
INSTRUCTOR: ANGELA CHIDIOGO ANIEKWE DATE: 27/10/2024 WEEK: 1
AGENDA
1 Cybersecurity Overview
2 Importance of Cybersecurity
3 Cyber vs Info-Sec
4 Scope of Cybersecurity
5 The CIA Triad
6 Risk Management
7 Careers in Cybersecurity
8 Cybersecurity Teams
9 Skills Required
WHAT IS CYBERSECURITY?
Cybersecurity refers to the practice of protecting systems,
networks, and data from digital attacks, unauthorized
access, damage, or theft. It involves the use of technologies,
processes, and best practices to defend sensitive information
and critical infrastructure from malicious actors like hackers,
cybercriminals, and even unintended human error.
THE IMPORTANCE OF CYBERSECURITY
Cybersecurity is vital in today's digital world
because it protects critical systems, sensitive
information, and individuals from cyber threats.
IMPORTANCE OF CYBERSECURITY
Data Protection
Preventing Financial Loss
Ensuring Continuity
Maintaining Trust
CYBERSECURITY VS INFORMATION SECURITY
CYBERSECURITY
Cybersecurity specifically focuses on protecting digital systems, networks, and data from cyber threats like
hacking, malware, and unauthorized access. It concerns the security of devices, servers, cloud services, and online
communication.
INFORMATION SECURITY
Information Security (InfoSec), on the other hand, is a broader field that encompasses protecting all forms of
information—whether digital, physical, or in any other format.
InfoSec is concerned with maintaining the confidentiality, integrity, and availability (CIA triad) of information, regardless
of how it is stored or transmitted.
SCOPE OF CYBERSECURITY
The scope of cybersecurity in today’s digital world extends across
various domains, including protecting critical infrastructure, securing
digital systems, and safeguarding personal data.
SCOPE OF CYBERSECURITY
Securing Digital Systems and Networks
Cloud Security
Data Privacy and Encryption
Cybersecurity Awareness and Training
Securing Internet of Things (IoT) Devices
THE CIA TRIAD (CONFIDENTIALITY, INTEGRITY, AVAILABILITY)
The CIA Triad is the foundational model for ensuring
cybersecurity. It represents the three core principles
that guide how organizations and individuals should
protect data and systems.
CIA TRIAD
Confidentiality
Confidentiality refers to protecting information from unauthorized access. The goal
is to ensure that only authorized individuals or systems can view sensitive data,
preventing exposure to those who are not permitted to see it.
Integrity
Integrity refers to maintaining the accuracy, consistency, and trustworthiness of data
throughout its lifecycle.
Availability
Availability ensures that information and systems are accessible to authorized users
when needed. It focuses on maintaining uptime, reliability, and quick access to
information or services, even in the face of threats like cyberattacks, natural disasters,
or hardware failures.
RISK MANAGEMENT
Risk management in cybersecurity encompasses identifying and addressing
vulnerabilities, evaluating potential threats, and assessing the overall risk to an
organization's systems and data.
RISK MANAGEMENT
Vulnerabilities
A vulnerability is a weakness or flaw in a system, network, application, or process that
could be exploited by a cyber attacker. Vulnerabilities can exist due to software bugs,
misconfigurations, weak security policies, or outdated systems.
Threats
A threat refers to any event or action that could exploit a vulnerability to cause harm.
Threats can be intentional (hackers) or unintentional (natural disasters or user errors).
They can come from external sources (hackers, malware) or internal sources
(disgruntled employees, system malfunctions).
Risks
A risk is the potential for loss or damage when a threat exploits a vulnerability. Risk is
the intersection of vulnerabilities and threats, combined with the likelihood of the event
occurring. It represents the overall potential harm to systems, data, or organizations.
CAREERS IN CYBERSECURITY
The field of cybersecurity is vast and continuously evolving, offering a wide range of
career opportunities for individuals with various skill sets.
SECURITY ANALYST (SOC ANALYST)
A Security Analyst, often working in a Security Operations Center (SOC), monitors and
defends an organization’s network from cyber threats.
01. Analyze security alerts and investigate possible incidents.
02. Respond to incidents, contain threats, and document findings.
03. Monitor network traffic for unusual or suspicious activities.
04. Analyze logs and data to detect potential threats and prevent attacks.
PENETRATION TESTER (ETHICAL HACKER)
A Penetration Tester, or ethical hacker, simulates cyberattacks on systems to find and
fix vulnerabilities before malicious actors can exploit them. They test the security
posture of an organization’s applications, networks, and systems.
01. Perform penetration tests on networks, applications, and systems to identify vulnerabilities.
02. Simulate cyberattacks to exploit weaknesses in systems for security evaluation.
03. Document findings and provide recommendations to improve security posture.
04. Work with developers and network engineers to fix identified vulnerabilities.
THREAT INTELLIGENCE ANALYST
A Threat Intelligence Analyst collects, analyzes, and interprets data on emerging
threats, vulnerabilities, and attack vectors to provide actionable insights. Their work
helps organizations proactively defend against cyberattacks by staying ahead of threat
actors and understanding their tactics.
01. Gather information from various sources about potential and existing cyber threats.
02. Assess and analyze threat actors, techniques, and indicators of compromise (IOCs).
03. Monitor the dark web, forums, and other platforms to track emerging threats.
04. Create and disseminate threat intelligence reports to inform decision-makers and other security teams.
SECURITY ENGINEER
A Security Engineer designs, implements, and maintains security architectures to
protect an organization’s networks, systems, and data from cyber threats. They also
manage security tools such as firewalls, intrusion detection systems, and incident
response mechanisms to ensure robust defenses.
01. Develop and implement security architectures and controls for networks, systems, and applications.
02. Set up and maintain firewalls, intrusion detection/prevention systems, and other security appliances.
03. Ensure the ongoing security of systems by monitoring for vulnerabilities and potential threats.
04. Assist in responding to security incidents and attacks by troubleshooting and mitigating the threat.
GRC ANALYST (GOVERNANCE, RISK, AND COMPLIANCE)
A GRC Analyst ensures that an organization complies with relevant regulations and
standards, while also managing risks related to information security. They develop
policies, conduct audits, and create risk management strategies to align security
initiatives with business objectives.
01. Perform risk assessments to identify and prioritize risks related to information security and business operations.
02. Ensure that the organization adheres to relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA).
03. Develop and enforce information security policies and procedures.
04. Lead or assist in internal and external security audits to verify compliance and risk management efforts.
CLOUD SECURITY ENGINEER
A Cloud Security Engineer is responsible for securing cloud-based infrastructure and
services, implementing access control, encryption, and monitoring in cloud
environments like AWS or Azure.
01. Design and implement security controls in cloud environments like AWS, Azure, or Google Cloud.
02. Manage and enforce secure IAM policies, ensuring least privilege access.
03. Monitor cloud systems for potential security incidents and unusual activities.
04. Ensure cloud infrastructure complies with relevant security standards and regulations.
DEVSECOPS ENGINEER
A DevSecOps Engineer integrates security practices into the DevOps lifecycle, ensuring
that security is considered from development through operations. They automate
security testing and implement continuous monitoring to maintain secure applications
and infrastructure in production environments.
01. Embed security practices and tools in continuous integration/continuous delivery pipelines.
02. Automate security checks (e.g., static analysis, vulnerability scanning) as part of development.
03. Work closely with development and operations teams to ensure secure application deployment.
04. Ensure that security configurations are consistently enforced across environments (e.g., cloud, containers).
CYBERSECURITY TEAMS
Cybersecurity teams are groups of skilled professionals who work together to protect
an organization's digital assets, networks, and systems from cyber threats.
CYBERSECURITY TEAMS
Blue Team (Defensive)
The Blue Team defends an organization’s IT infrastructure from cyber threats and
attacks. Their main objective is to monitor, detect, and respond to potential security
incidents.
Red Team (Offensive)
The Red Team focuses on simulating real-world cyberattacks to test the defenses of an
organization. Their role is to actively attempt to exploit vulnerabilities, bypass security
controls, and gain unauthorized access to systems.
Purple Team
The Purple Team combines the efforts of the Red Team and Blue Team, creating a
collaborative environment where offensive and defensive strategies are shared.
White Team
The White Team oversees the activities of both the Red and Blue Teams and ensures
that all exercises, such as penetration testing and defense simulations, are conducted
within defined rules and boundaries.
REQUIRED SKILLS IN CYBERSECURITY
In addition to core cybersecurity knowledge,
developing additional skills on the side can give you
a competitive edge and help you become a
well-rounded cybersecurity professional.
REQUIRED SKILLS
Networking Fundamentals
Understanding networking is foundational to cybersecurity because much of
cybersecurity is about protecting networks, data flows, and communication channels.
Operating Systems (Linux, Windows)
Most cybersecurity jobs require familiarity with operating systems, especially Linux and
Windows, as they are the environments attackers target and defenders protect.
Cloud and Virtualization
With many organizations moving to the cloud, understanding how to secure cloud
environments like AWS, Azure, or Google Cloud is essential for a modern cybersecurity
career.
THANK YOU VERY MUCH!
QUESTIONS???
ANGELA CHIDIOGO ANIEKWE