A security intro for those who will work in the information security sector, especially new sales staff and new coordinators.
It is also for customers and managers who want a few-second look at the importance of information security and at how attacking and defending mindsets are changing.
3. Data Files
• Don’t be confused, and consider any type of data as a file.
• Originally, any file type (.exe, .png, .c, …, etc.) was a text file that went through some processing operation.
• E.g., this presentation (txt → pptx).
4. Files Requirements
• Files need some HW to store, process and operate.
• Files also need some SW to manage, organize, edit, and present.
5. Now! Files = $$$
• Credit cards, banking files, password files, source code, military designs and plans: all of these and more must be secured.
• Security must be established on a firm basis.
6. Operation Triangle
• Security vs. functionality vs. ease of use.
• Any system must have a value in each of the 3 variables.
• Optimize for your needs, and think about security.
7. Attacker vs. Defender
- The Attacker acts with the “OR” concept.
- The Defender must act with the “AND” concept.
- Now, attacks are targeted and advanced.
- Defenders must think like Attackers.
8. “AND” & “OR” Meanings
- The Attacker thinks as an “OR” function: a single “1/True” in the equation is enough, based on the information he has gathered about the target and the variety of attack vectors he can exploit.
- The variety of attack vectors is like a Swiss Army knife in the attacker's hand: he can use any of its tools to make the attack succeed.
- The Defender must think as an “AND” function, in which all variables must be “1/True”; a single “0/False” is enough for the attack to succeed.
- So, the Defender must raise all shields in front of the Attackers, and keep monitoring the Attackers' manipulation.
10. • The Kill Chain is a known sequence of steps that Advanced Threats may pass through.
• Understanding this chain for each attack helps to protect against the attack, and also helps in remediation.
• Some attacks pass through the whole chain and some pass through only some steps, but the protection approach must be able to cut/kill the chain at any step.
• The protection approach must also have a clear strategy for detecting attacks that got past it or are more advanced (those it failed to defend against), and for giving detailed information about them, which helps in taking a fast, correct decision and defeating the advanced attacks with minimum impact.
12. • Any critical subject, like Information Security, Military and Defense, Aviation, etc., is very wide, and it is difficult to specialize in all its divisions.
• It is easier to divide this critical subject into main layers and each layer into main topics, then cover each topic with a variety of technologies.
• Then integrate the parts well to make a full security solution for defense, detection, defeating, testing and monitoring.