Wednesday, October 23, 2024

Simple Cybersecurity Intro

Introduction to Cybersecurity
 
Businesses today have gone all in on digital, relying on smartphones, laptops, networks, programs, and data to operate. Gone are the analog days when businesses used paper, faxes, and even telephones to operate. Using just a laptop or smartphone, customers on the other side of the planet can order products and services from you 24/7 without a human slowing down the experience and transaction. But the ease of use that serves a faraway customer is the same mechanism that hackers can use to 1) shut down your business by disrupting your IT, 2) steal your company's intellectual property, 3) steal your customer information, 4) lock your business out of its data and demand a ransom to unlock it, and 5) plant bots that run secretly and quietly to launch more attacks to steal and disrupt. Cybersecurity is the practice of protecting all of the above systems (smartphones, laptops, networks, programs, and data) from digital attacks. Here is a diagram of a business IT system.
 

 

In order for a business to protect its IT from cyberattacks, here are some basic protections to take.

 

1) Identify all attempts to use and log in to your IT system: people, machines, and now, with AI, AI agents. Following the IdAAA framework, your cybersecurity system must 1) Identify the user: who are you? 2) Authenticate the user: prove who you are with what you know, what you have, what you are. 3) Authorize the user: once the user is identified and authenticated, look up their permissions. You don't want an engineer accessing HR or financial systems. 4) Accounting: log and track all interactions.
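The four IdAAA steps can be seen end to end in a small access check. This is an added example, not code from the original post; the user, department, password, resource names and every function name are constructed for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow hash so stored credentials are not plain text
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data: user, department, password and resources are made up.
SALT = os.urandom(16)
USERS = {"alice": {"dept": "engineering", "salt": SALT,
                   "pw_hash": hash_password("correct horse", SALT)}}
PERMISSIONS = {"engineering": {"source-repo", "build-server"},
               "hr": {"hr-records"}}
AUDIT_LOG = []

def record(username, resource, allowed, reason):
    # 4) Accounting: log every decision, denied ones included
    AUDIT_LOG.append({"time": datetime.now(timezone.utc).isoformat(),
                      "user": username, "resource": resource,
                      "allowed": allowed, "reason": reason})
    return allowed

def access(username, password, resource):
    user = USERS.get(username)                         # 1) Identify
    if user is None:
        return record(username, resource, False, "unknown identity")
    supplied = hash_password(password, user["salt"])   # 2) Authenticate
    if not hmac.compare_digest(supplied, user["pw_hash"]):
        return record(username, resource, False, "authentication failed")
    allowed = PERMISSIONS.get(user["dept"], set())     # 3) Authorize
    if resource not in allowed:
        return record(username, resource, False, "not authorized")
    return record(username, resource, True, "ok")

if __name__ == "__main__":
    access("alice", "correct horse", "source-repo")   # engineer, own system
    access("alice", "correct horse", "hr-records")    # engineer reaching into HR
    access("alice", "wrong password", "source-repo")
    for entry in AUDIT_LOG:
        print(entry["user"], entry["resource"], entry["allowed"], entry["reason"])
```

The audit log records denied attempts as well as allowed ones, which is what makes the accounting step useful for later investigation.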

 

2) Endpoint: this is the ENTRY POINT into your critical IT systems: the programs, the network, the data. Early antivirus was passive and one-dimensional. Today's attack sophistication means that your endpoint protection needs to keep up with new and complex attack vectors. EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) are the bare minimum today.

 

3) Network security: Old-generation IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) were static and not ready for today's AI and quantum-compute attacks on the network. Start, at the very least, with a Next-Gen Firewall (NGFW).

 

4) Server: This is the hardware that runs everything in IT. Server hardening includes secure boot, patch management, continuous monitoring, strict access controls (don't share the root password!), and redundancy.

5) Application: This is the direct interface to your customers and to hackers. Secure your apps with passwordless login and MFA. Leverage OpenID Connect and OAuth 2.0: instead of building their own login system, modern apps use established protocols to outsource authentication to trusted identity providers. Define and implement fine-grained authorization, moving beyond simple "User" or "Admin" roles to Attribute-Based Access Control (ABAC), where access is granted based on time, location, and the specific sensitivity of the data.
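To make the ABAC idea concrete, here is a default-deny decision function that combines role, location, time of day and data sensitivity. It is an added example, not part of the original post; the policy table, attribute values and names are hypothetical.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Request:
    role: str           # e.g. "engineer", "hr", "finance"
    location: str       # e.g. "office", "vpn", "unknown"
    local_time: time    # time of the request at the user's site
    sensitivity: str    # label on the data: "public", "internal", "restricted"

# Hypothetical policy: None means "no constraint on this attribute".
POLICY = {
    "public":     {"roles": None, "locations": None, "hours": None},
    "internal":   {"roles": {"engineer", "hr", "finance"},
                   "locations": {"office", "vpn"}, "hours": None},
    "restricted": {"roles": {"hr", "finance"},
                   "locations": {"office"}, "hours": (time(8), time(18))},
}

def decide(req: Request):
    """Return (allowed, reason); every attribute in the rule must match."""
    rule = POLICY.get(req.sensitivity)
    if rule is None:
        return False, "unknown sensitivity label"   # default deny
    if rule["roles"] is not None and req.role not in rule["roles"]:
        return False, "role not permitted"
    if rule["locations"] is not None and req.location not in rule["locations"]:
        return False, "location not permitted"
    if rule["hours"] is not None:
        start, end = rule["hours"]
        if not (start <= req.local_time < end):
            return False, "outside permitted hours"
    return True, "allowed"

if __name__ == "__main__":
    samples = [  # constructed requests
        Request("hr", "office", time(10, 0), "restricted"),
        Request("hr", "office", time(23, 0), "restricted"),
        Request("hr", "vpn", time(10, 0), "restricted"),
        Request("engineer", "vpn", time(23, 0), "internal"),
    ]
    for req in samples:
        print(req, decide(req))
```

The same HR user gets different answers for the same data depending on where and when the request is made, which a plain "User"/"Admin" role check cannot express.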

6) Storage: This is where your data ultimately lies, and hence a target for ransomware. Make sure your business performs backups, snapshotting, fine-grained partitioning, encryption of data at rest, and access anomaly detection.

7) Database: Programs rely on databases to provide searchable, indexed, reliable, curated data. Authorization of programs, users, and now AI agents is critical to keeping the business safe (confidential, with integrity). As with storage, you need backups, snapshotting, fine-grained partitioning, encryption of data at rest, and access anomaly detection.

Wednesday, October 16, 2024

Home Storage : Direct Attached Storage, Network Attached Storage, Over Firewire, USB-SATA, Ethernet

Storage has sort of been an interest of mine. Not only did I use it for primary storage, but also for backup, and in some cases, to boot an OS. As I dug through my boxes of drives, I became amazed at the changes of storage through the years. I have owned several different types of hosts (Windows, Mac, Linux), connectors (Firewire, USB, SATA, IDE), and media (3.5" HDD, 2.5" HDD, 2.5" SSD). Here is a quick walk through of some of my setup:



1) Firewire to iMac HDD : on the "Intel Aluminum" iMacs, the Firewire port was supposedly a cool thing to have. So I bought a Firewire enclosure to fit a 3.5" HDD. Worked great, but later on I found that USB drives were ok too.

2) 3.5" SATA HDD : this might have been one of my first SATA drives that pivoted away from messy IDE.

3) USB DAS : I used this Direct Attached Storage as a desktop unit to back up my Windows laptop. Its slick shape made it look appealing on my desk.

4) NAS : this was my first Network Attached Storage, configured to RAID 0 because I really needed space (so there is no redundancy of data - bad!). This particular model also can host an Apache Web Server with a MySQL database.

5) 2.5" SATA SSD : this small form factor was ideal for laptops and NUCs. I found this cheaper than buying a "proper" flash USB drive. Had to buy a SATA to USB connector to use the SSD as plug-in storage.

6) Boot macOS from 2.5" SATA SSD : I wanted to have a sandbox macOS environment, and so I installed macOS onto the external 2.5" SATA SSD and booted my MacBook from it.