- What does the term cybersecurity actually mean?
- US-CERT: Cybersecurity involves protecting that information by preventing, detecting, and responding to attacks.
- Some assume cybersecurity to be a form of information security.
- According to SANS, Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.
- According to Gartner: "Cybersecurity encompasses a broad range of practices, tools and concepts related closely to those of information and operational technology security. Cybersecurity is distinctive in its inclusion of the offensive use of information technology to attack adversaries."
- Some view the term as simply a form (subset) of information security.
• Information security: refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.
• Network security: can be viewed as a subset of information security. Includes procedures that give us confidence that information and services available on a network cannot be accessed by unwanted users and cannot be misused.
• Internet security: represents measures/procedures to protect data during their transmission over a collection of interconnected networks.
– Authentication - assurance that the communicating entity is the one claimed
– Access Control - prevention of the unauthorized use of a resource
– Data Confidentiality - protection of data from unauthorized disclosure
– Data Integrity - assurance that data received is as sent by an authorized entity
– Non-Repudiation - protection against denial by one of the parties in a communication
• Plaintext (P or m) - the original message
• Ciphertext (C) - the coded message
• Cipher - algorithm for transforming plaintext to ciphertext
• Key (K) - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to ciphertext
• Decipher (decrypt) - recovering plaintext from ciphertext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing the key
• Cryptology - the field of both cryptography and cryptanalysis