The document discusses essential principles of cybersecurity, emphasizing the need for advanced security measures due to rising cyber crimes. Key principles include risk management, secure configurations, fail-safe defaults, network security, and managing user privileges, which collectively enhance organizational data protection. The document highlights the importance of these principles in achieving robust defense against cyber threats and maintaining data integrity.

1. Cyber Security
Principles
By:
Prof. (Dr.) Poonam Panwar
University School of Computing

2. 04/11/2024 Prof.(Dr.) Poonam Panwar 2
Cyber Security Principles
• The rise in cyber crimes has made it mandatory for us to upgrade
the security of our system to the next level. This has built up
pressure on security engineers to never miss out on any
vulnerability and keep the security tight round the clock.
• The principles of cybersecurity guide the organization to achieve
the highest level of protection by following certain best practices.
• The principles of cybersecurity are the steps taken by a business or
an individual to surpass any attack in cyberspace. They help us to
govern and protect the data by detecting and responding to
network vulnerabilities.

3. 04/11/2024 Prof.(Dr.) Poonam Panwar 3
Crucial Principles of Cybersecurity
• Framing a Risk Management Regime
• Economy of Mechanism
• Secure all configurations
• Fail-safe defaults
• Network security
• Managing user privileges
• Open design
• Monitoring
• Complete mediation
• Home and mobile networking
• Work factor
• Incident management
• Prevention of malware
• Acceptance of security breaches

4. 04/11/2024 Prof.(Dr.) Poonam Panwar 4
1. Framing a Risk Management Regime
• A risk management regime is a system of rules
and policies followed during the occurrence of
a risk. Board of members with expertise in this
area lay down policies for the regime.
• Exploring the various sources of risks and
prioritizing them based on ranks help in
defining the rules. All employees, contractors,
and suppliers involved in the business must be
made aware of the final structure of risk
management. It helps in minimizing risk
exposure and identifies growth opportunities.

5. 04/11/2024 Prof.(Dr.) Poonam Panwar 5
2. Economy of Mechanism
• This Principle aims to make the security mechanisms
as basic as possible by simplifying the design and
implementation of the same. The idea behind this
principle is that the smaller the design, the fewer are
the occurrences of the error. This in turn reduces the
load in the testing phase.
• The interfaces between the modules are prone to more
vulnerabilities. This is because it handles many
assumptions about the data flowing in as input and the
data flowing out as output. A simpler security
framework eliminates confusion and provides better
clarity to the development team.

6. 04/11/2024 Prof.(Dr.) Poonam Panwar 6
3. Secure all Configurations
• Security configuration is the set of measures
that are employed during the construction and
installation of computers in the network. It
helps in reducing unwanted security
vulnerabilities in the system. It also includes
the removal of unwanted functionalities to
eliminate the possibility of a security breach.
• Managing access permission, disabling auto-
run features, and monitoring user
authorizations help in achieving secure
configuration of a system.

7. 04/11/2024 Prof.(Dr.) Poonam Panwar 7
4. Fail-safe Defaults
• The idea behind fail-safe defaults is that, when a
system fails, it should still be able to maintain a
secure state. This is typically done by denying access
to any object outside the scope during downtime.
• This protocol drives the system to undo any changes
on failure and restore to a secure state. This way
attackers are not able to gain access to the privileged
objects that are normally vulnerable during a failure.
Hence the integrity and confidentiality of the system
are still in good shape even though the availability of
the system has been compromised.

8. 04/11/2024 Prof.(Dr.) Poonam Panwar 8
5. Network Security
• Network security serves as a foundation to establish
policies and architectures for maintaining a secure
network. It reduces the risk of becoming a victim in
cyberspace.
• It nails down a framework through which the data
flowing into the system and out from the system should
pass through. This helps us cut down any threats
entering via the network before reaching the system
and vice versa.
• Firewalls help to filter any virus that is trying to enter
into the system perimeter. Similarly, filters prevent
malware from sending out infected data to other nodes
in the network.

9. 04/11/2024 Prof.(Dr.) Poonam Panwar 9
6. Managing User Privileges
• Managing user privileges is very essential to any
business. Provide minimal access privileges to the
users to complete their tasks. This prevents misuse of
privileges and locks all the loose ends that act as an
entry point for unauthorized third parties.
• Avoid sharing the company’s passcode which contains
sensitive data to everyone. Verifying users’ identities
before granting access is important.
• When a user requests for higher-level access privilege,
grant permission to the user only if he has a task at that
level. The rights can be withdrawn when the task is
complete.

10. 04/11/2024 Prof.(Dr.) Poonam Panwar 10
7. Open Design
• It states that the security of a mechanism should not completely rely
on the secrecy of its design or implementation. If a mechanism
completely relies on secrecy to protect data, it becomes completely
vulnerable and wide open to attack when the secrecy breaks.
• Open security protects the system components with methods whose
designs are publicly available. This strengthens the secrecy of the key
by implementing cryptographic methods for encryption.
Maintain different levels of security to ensure secrecy of key and allow
only authorized users to see the key.

11. 04/11/2024 Prof.(Dr.) Poonam Panwar 11
8. Monitoring
• Monitoring gives complete visibility over the
security activities happening across the
organization. It comes as a savior to rescue
our system when intrusion detection and
prevention facilities fail to handle a security
breach.
• An organization achieves this by framing a
monitoring strategy with backing up policies.
It involves monitoring individual systems,
user activities, decluttering, and finally
reviewing and recording the lessons learned.

12. 04/11/2024 Prof.(Dr.) Poonam Panwar 12
9. Complete Mediation
• This principle makes sure that every user who
gets object access must be an authorized user. It
sets up a fool-proof protection scheme that checks
the compliance behind requests to every object.
• The system must improve performance by
remembering the results of previous authorization
checks and update the permissions systematically.
It also involves operations like initialization,
recovery, shutdown, and maintenance.
• Timed sessions for online transactions are a great
example of complete mediation.

13. 04/11/2024 Prof.(Dr.) Poonam Panwar 13
10. Home and Mobile Networking
• Employees and customers use remote
networking while they are at home or
while using mobile.
• Since users disconnect from the
company’s local network, exposure to
network threats is a concern. This makes it
necessary to establish risk-based policies
for the company to support home and
mobile networking.
• These policies prevent the loss of
information which is critical to the
organization.

14. 04/11/2024 Prof.(Dr.) Poonam Panwar 14
11. Work Factor
• The expense of bypassing a security mechanism weighed up with
the resources of the attacker is what we call the work factor. The
work factor is the cost of circumventing. In other words, it is the
complexity of breaking the cipher in cryptographic encryption.
• For example, an attacker must try 244 = 331776 possibilities to
crack a 4 letter cipher. But when the attacker makes use of a tool
that feeds 1 million keys per second, breaking the system isn’t that
difficult.

15. 04/11/2024 Prof.(Dr.) Poonam Panwar 15
Thank You