Cybersecurity First Principles Janica Edmonds Cybersecurity Introduction 2
![Cybersecurity First Principles Janica Edmonds Cybersecurity First Principles Janica Edmonds](https://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-1.jpg)
Cybersecurity First Principles Janica Edmonds
![Cybersecurity Introduction 2 Cybersecurity Introduction 2](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-2.jpg)
Cybersecurity Introduction 2
![Security Needs Confidentiality Integrity Availability 3 Security Needs Confidentiality Integrity Availability 3](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-3.jpg)
Security Needs Confidentiality Integrity Availability 3
![Security Threats A potential occurrence, malicious or otherwise, that might damage or compromise assets. Security Threats A potential occurrence, malicious or otherwise, that might damage or compromise assets.](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-4.jpg)
Security Threats A potential occurrence, malicious or otherwise, that might damage or compromise assets. • Interception – asset is diverted. • Interruption – asset is delayed • Modification – asset is altered. • Fabrication – asset is manufactured. 4
![Security Assets Components of the system or network. • Hardware • Software • People Security Assets Components of the system or network. • Hardware • Software • People](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-5.jpg)
Security Assets Components of the system or network. • Hardware • Software • People • Data 5
![Cybersecurity First Principles Domain separation Process Isolation Resource encapsulation Layering Modularization Least Privilege Information Cybersecurity First Principles Domain separation Process Isolation Resource encapsulation Layering Modularization Least Privilege Information](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-6.jpg)
Cybersecurity First Principles Domain separation Process Isolation Resource encapsulation Layering Modularization Least Privilege Information hiding Abstraction Simplicity Minimization 6
![Domain Separation Separating areas where resources are located prevents accidents and loss of data, Domain Separation Separating areas where resources are located prevents accidents and loss of data,](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-7.jpg)
Domain Separation Separating areas where resources are located prevents accidents and loss of data, keeping information worlds from colliding. 7
![Process Isolation A process occurs when a task is executed. Keeping processes separate prevents Process Isolation A process occurs when a task is executed. Keeping processes separate prevents](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-8.jpg)
Process Isolation A process occurs when a task is executed. Keeping processes separate prevents the failure of one process from negatively impacting another. 8
![Resource Encapsulation Resources – hardware, system objects, or processes – must be separated and Resource Encapsulation Resources – hardware, system objects, or processes – must be separated and](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-9.jpg)
Resource Encapsulation Resources – hardware, system objects, or processes – must be separated and used as intended. 9
![Layering Multiple layers of defense protect information. If one layer is defeated, the next Layering Multiple layers of defense protect information. If one layer is defeated, the next](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-10.jpg)
Layering Multiple layers of defense protect information. If one layer is defeated, the next one should catch it. 10
![Modularization Able to be inserted or removed from a project; each module has its Modularization Able to be inserted or removed from a project; each module has its](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-11.jpg)
Modularization Able to be inserted or removed from a project; each module has its own function, interchangeable with other modules. 11
![Least Privilege Limits what access people have to your resources and what they can Least Privilege Limits what access people have to your resources and what they can](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-12.jpg)
Least Privilege Limits what access people have to your resources and what they can do with them. 12
![Information Hiding Any attempt to prevent people from being able to see information. 13 Information Hiding Any attempt to prevent people from being able to see information. 13](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-13.jpg)
Information Hiding Any attempt to prevent people from being able to see information. 13
![Abstraction is a fancy word for summarizing or explaining in a way that can Abstraction is a fancy word for summarizing or explaining in a way that can](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-14.jpg)
Abstraction is a fancy word for summarizing or explaining in a way that can be easily understood. 14
![Simplicity If something is less complicated, it is less likely to have problems and Simplicity If something is less complicated, it is less likely to have problems and](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-15.jpg)
Simplicity If something is less complicated, it is less likely to have problems and it is easier to troubleshoot and fix. 15
![Minimization’s goal is to simplify and decrease the number of ways the software can Minimization’s goal is to simplify and decrease the number of ways the software can](http://slidetodoc.com/presentation_image_h/c93f62f4bebefb5dc2121e54e2fc7f33/image-16.jpg)
Minimization’s goal is to simplify and decrease the number of ways the software can be exploited. 16
- Slides: 16