Time
5 hours 49 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:00
Hello, everybody. And welcome to the I t. Security Except number four on this session will be this Carson.
00:08
The difference and similarities between cybersecurity versus Iet's see security.
00:14
My name. He saw the handwriting and I'll be your instructor for today's session.
00:19
Learning objectives will ask that you said you used to understand difference in similarities between the Cyber Security and Ianto Institute.
00:30
Well, I do. Security is not a traditional cyber security concept. It's actually a group of next time ball cyber security.
00:38
But L symbols, other science and Megan your engineering disciplines, for example, electrical engineers, chemical and juniors.
00:48
And so
00:49
address is much more than just data servers and infrastructure. And you know all the legal that we know for cyber security, for example, it's not limited to the equation. Remember what we discussed the two pillars off information security,
01:03
which was confidentiality and terry and availability?
01:07
Well, I see security is not limited to that. It'll symbol safety, which is a big deal, and in a way that's more complications to the equation. For example, what will happen if hacker, you know, change the way your ah watch words, for example, where
01:27
what happened
01:29
If it hits some much that it explodes in your wrist.
01:33
Uh, well, it will harm you for sure. So, again, I security. It's not concerned just about security percent, but it helps concern about safety. And when we add that to the equation, it complicated. It complicates. It's a lot.
01:49
Um, so there man techniques to address this security challenge and, you know, in the end they enter full field to big up between safety and security.
02:00
But we can say that there are four basic controls that we can start a play in our security problem
02:07
first is device authentication, Um,
02:09
which we have over here,
02:13
uh, just, you know, confirming the true and unique identity of communicating devices in a network from temple. When you have your phone and your smart watch,
02:24
you have to, you know, actually verified identity off your watch and the identity of your phone. This has to be a trust relation between those devices. So that's that's the first control,
02:38
and certain control is secure. Connections protect perfecting data in motion, meaning that in transit mean better that this day that there is moving between one point on the final destination
02:52
and maintain the two pillars off information security, which is again confidentiality internally and availability.
02:59
Secure code execution
03:02
a mean that, um the code.
03:06
You run this up where the way it was intended
03:09
in the first place. For example, if the manufacturer it was intended Thio run first,
03:16
Um, hello. Um,
03:20
scream, for example. You have to run that first and then the other strain and then the other spend the appointment that you have to run this upward and the pieces of code
03:29
in the way that they were developed to through t to be executed.
03:36
And the final control is thio secure starch, you know, protected. Perfecting your data at rest.
03:44
Little problem. Clarify something. There are three main stages of data.
03:50
1st 1 is data and use, which is you know what? The name suggests data that you're actually using it.
03:57
Uh, the 2nd 1 is data in transit or dating motion, meaning that the data is moving to maybe, you know, from your computer or your duty device to the server, for example. Maybe your watch is synchronizing with, you know, the provider's server,
04:14
Tiu don't allowed the latest French film work
04:17
under the latest application. I don't know.
04:19
And the first and last, uh, stage of data is data at rest. Meaning that data is just, you know, in your disk,
04:30
Um, you're not using it, and it is not moving anywhere. So those are the three stages of data that you have to worry about. You protected. And the four main controls we address all of them
04:44
in this case, secure connections, address data in transit or date emotion.
04:50
Ah, the secure storage. Others. They, uh, at Brest.
04:57
And, uh, take your gold execution actress data in juice.
05:04
What's different between? They're in motion, and they didn't transit. Whoa. Uh, they're in motion is the data that has bean,
05:14
you know,
05:15
moving
05:16
from one side to the other and they're in transit is what is the same.
05:23
Those are the same terms for the same kind of data stage.
05:27
The question will be different if it has data in use. For example, what's the different data? And Houston, they're in motion that in transit,
05:35
those terms, my confusion, But you know, better emotion dating transit are the same thing.
05:41
What are cyberspace ical systems. Well, those are the system that the eye it uses for example. Serpents Ah, scream. You know all that? That that that makes up that the coyote devise, For example, when you're when you're
05:58
using your cameras under when you're using your smart vis,
06:02
those are the sort of physical system, which again, they they're the ones that are the safety part to the equation. It's not the same to discuss security,
06:15
but you know, different things to discuss safety.
06:17
And what's the worst case scenario for a compromise Hayatou device? Well, since we're discussing safety, the worst case scenario is that you know, something happened that and ends up her arm hurting you in some way for Temple. You know, you're you're smart, watch over hits and you start
06:38
to feel the even. You're envious and you have you have burns on your wrist, for example. Well, anything that attempts against your safety.
06:46
That's the worst case scenario, unfortunately, so that that's the importance off. You know, a good I T security program security and safety brah program. Of course.
06:59
Well, in today's brief lecture with this car's, the difference in similarities off cyber security versus I am securely
07:06
the through stages of data and the four main Contras for I t. Security and safety.
07:14
Uh, well, you can check. This book is actually a really good booth, but practical Internet of Things. Security by Brian Brussel I hardly recommend that it has a lot of material that might, you might find interested.
07:29
Looking forward in the next video, we'll discuss why collaboration between industries and different enterprises is vital to build a good idea to security problem.
07:40
Well, I hope you enjoy these video, and we'll talk to you soon.

Up Next

IoT Security

The IoT Security training course is designed to help IT professionals strengthen their knowledge about the Internet of Things (IoT) and the security platforms related to it. You’ll also be able to identify the security, privacy and safety concerns related to the implementation of an IoT infrastructure.

Instructed By

Instructor Profile Image
Alejandro Guinea
CERT Regional Director
Instructor