Cybersecurity Essentials: A Team Approach
Alan, Lorena, Marjorie

• Introduction
• Recognising Common Vulnerabilities and Attacks
• Integrating Security into the Development Lifecycle
• Conclusion

Introduction

Did you know?
• In 2022 the UK had the highest number of cyber crime victims per million internet users at 4783 (up 40% from 2020).
• The USA had the next highest number of victims per million internet users, with 1494 (13% decrease over 2020).
https://aag-it.com/the-latest-cyber-crime-statistics/

1988 - First major cyber attack
• The “Morris Worm” was one of the first major recorded cyber attacks.
• Its intended purpose was to gauge the size of the precursor “internet” of the time – ARPANET.
• It infected 1000s of computers, causing denial of service (DoS).

26/10/2023 CYBERSECURITY ESSENTIALS

What is Cybersecurity?
• The practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access.
• Traditionally focussed on Network Security.
• But is software the real weak spot?

Why is it important?
• Increasing reliance on the digital world in all spheres of our lives.
• Personal and sensitive information now stored digitally.
• Increased risk of this data being accessed by “bad actors”.

What are the major Cybersecurity threats?
• Data Breaches
• Ransomware
• Malware
• Distributed Denial of Service (DDoS)
• Phishing (most common)
• Account Takeover

Cybersecurity & Software Development
Role of developers in ensuring the security of software and applications.
• Developers are not just responsible for functionality but also for security.
• Poor coding practices can lead to vulnerabilities and security breaches.

Real Life Examples
• Individual, e.g. WordPress/Stripe vulnerability
• Organisations, e.g. Healthcare
• Political Agents, e.g. current conflicts around the world

Conclusion
• The landscape of cyber threats is becoming increasingly complex and sophisticated.
• No single person or team can handle all aspects of cybersecurity effectively.
• A collaborative approach is not just desirable - it's essential.
• All stakeholders should be involved - developers, IT professionals, security experts, and end-users.

Common Vulnerabilities and Attacks
Broken Access Control – Restricting access and permission:
• Only authorised users can access, read and edit application data and features.
• A failure of these restricting systems might give access to unverified users.
• Two main components:
  • Authentication: Verify the identity of the user.
  • Authorization: Give permissions to the user.
https://www.cnet.com/tech/services-and-software/cybersecurity-awareness-month-time-for-a-cybersafety-check/

Common Vulnerabilities and Attacks
Broken Access Control – Restricting controls properly:
• Don't use default credentials.
• Deny by default.
• Review issues that might allow users to escalate their privileges.
• Enforce authentication and authorisation for all sensitive data.

Common Vulnerabilities and Attacks
SQL Injection – One of the most critical security threats.
• Attackers might inject malicious code into an application.
• Used to retrieve data from SQL databases.
• It can typically be prevented by sanitising and validating data inputs on entry fields.

Common Vulnerabilities and Attacks
Cryptographic failures – Occur when a cryptographic system, designed to secure information through encryption, fails to perform its intended functions properly.
• Can often be identified during code reviews.
• Important: Always encrypt passwords and other sensitive data – using robust algorithms.
• Avoid including unnecessary sensitive data.

Common Vulnerabilities and Attacks
Cross-Site Scripting (XSS) – Attackers include malicious scripts in trusted websites.
• The script is executed when the user loads the application.
• JavaScript and other client-side languages are the most vulnerable.
• Common technique used in phishing attacks.

Common Vulnerabilities and Attacks
Security Misconfiguration – Causes:
• Security controls and app settings are not correctly defined, configured or implemented.
• Use of incomplete or outdated security configurations.
• Possible solution: Implement an automated template to deploy tests and developments – reducing human error.

Implications of a security attack
• Reputational Cost.
• Financial and Legal Implications.
• Service Disruption.
• Human Cost.
https://www.metacompliance.com/blog/data-breaches/5-damaging-consequences-of-a-databreach#:~:text=A%20data%20breach%20can%20easily,accounts%20or%20making%20unauthorised%20purchases.

Best practices for Mitigating Risks
Code Reviews – Vital step after the architectural stage of software development.
• Tend to take place in the form of merge/pull requests.
• Unbiased, independent reviews might be the most helpful.
• Identify common vulnerabilities and logic-level vulnerabilities.
• Automated scanning tools can be very effective, but they are not infallible.
https://www.cnet.com/tech/services-and-software/cybersecurity-awareness-month-time-for-a-cybersafety-check/

Best practices for Mitigating Risks
Code Reviews – Areas to review:
• Client-side Code.
• APIs and Public-facing APIs.
• Dependencies: libraries, frameworks, databases...
• Remaining codebase.

Best practices for Mitigating Risks
Securing API Design and Third-Party Usage – APIs can increase the vulnerability of applications if they are not secured effectively.
Good practices for working with APIs:
• Authentication and validation.
• Data validation.
• Input validation.
• Output encoding.
• HTTPS protocol.
• Phase out older versions.
• Error handling.
• Assess 3rd party API's security posture.
https://medium.com/@aggarwalapurva89/api-security-practices-730fbd4b4a5

Best practices for Mitigating Risks
Regular software updates and patch management –
• Regular software updates are issued to fix potential vulnerability holes and strengthen defences against external threats.
• Installing the necessary updates ensures that your system is secured against potential emerging threats.
• Updates often fix bugs that might cause the software to malfunction, reducing potential issues that might compromise cybersecurity.
• Using up-to-date software ensures security in the wider ecosystem – minimising potential large-scale attacks.
https://medium.com/@vampireinfinite/the-importance-of-regular-software-updates-keeping-your-systems-secure-82ae678217f4

Security in Agile and DevOps: Strategies for Implementation
• Implementing Security Measures in Agile and DevOps
• Continuous Security Testing and Automation
• Collaborative Security Reviews in Agile Sprints

Identifying and Managing Risks Through Threat Modeling
• Understanding Threat Modeling Concepts
• Identifying Potential Security Threats
• Creating Mitigation Strategies Based on Threat Models

Developer Training, Awareness, and Secure Deployment Practices
• Importance of Security Training for Developers
• Secure Coding Guidelines and Best Practices
• Ensuring Developer Accountability for Security Practices

Interactive Session: Tools, Resources, and Q&A
• Introduction to Security Tools and Libraries
• Overview of Security Certifications and Training
• Open Floor for Questions and Answers from the Audience

Cybersecurity Essentials: A Team Approach
• Recap
• Keep an ear to the ground
• Q&A