Introduction to Cyber Security
In this course, what we're going to be covering, we're going to start off with just some of the basics, for instance, what do we mean when we say cyber security? What does that include? What's going encompass? Well, really you can look at all the processes, all the things that we do to protect our data and our information. But not just that data and information, but all the systems and elements that go into preserving that information. Our computer systems are networks, are processes themselves that we put in place.
Ultimately what we're going to do is we're going to come very security minded in this course and look how many things that we do can really affect the overall security of the organization. We'll also talk about the CIA triad, confidentiality, integrity and availability. We'll talk about what each of those mean and how we can protect them. Now when we get to the topic down below, why do we care? I think most people can answer that.
We look at billions of dollars in identity theft, credit card fraud, millions and sometimes hundreds and millions of dollars in fines for organizations that fail to properly protect their patients or their customer's information, privacy being violated. Now is really a point in time like none other that we've seen in the realm of information itself, having its value and being targeted. Got a lot of information that we want to cover. Hopefully this is going to help you play your part in the world of cyber security.
When we do talk about where do all these threats come from? Who is it that's launching these attacks? Well, it can really come from a wide range, from the very basics of younger kids just launching viruses, seeing what they can do maybe with no real knowledge or intent. Sometimes we covered script kiddies all the way up to state-sponsored crimes, organized crimes. The mafia has really gotten very heavily involved with the world of identity theft.
It's a lot safer and a lot more lucrative than perhaps some of the elements that they would have been involved with in the past. We have seen elements where terrorists are starting to use cyber warfare against this. Whether it's information that they've acquired and release at appropriate times. There was quite a bit of intelligence suggesting that a foreign nation had affected our voting processes. When we think of terrorists, we may think of taking out electric grids or interfering with navigational systems of planes.
There are lots of ways that we're going to begin to see cyber attacks used against us, I think have a much larger scale. Insiders, so many times we focused our efforts on keeping the bad guys out. Well, we sometimes forget to protect against internal fraud. We want to make sure that we're putting the right things, the right mechanisms in place to protect ourselves as much as possible. Another term that's becoming very popular today we talk about hacktivists. These are the folks you've probably heard of anonymous.
There was a group called Lulzsec. But basically what they're looking to do is to force their political opinions and those that oppose them. Essentially, there will maybe denial of service. They may hack in and cause a breach of data. But again, they're using computer skills in order to push their political agenda. You know what? Attacks come from all different directions today. What we have to do is we have to be very forward thinking and we have to start taking security seriously on all levels of the organization.
Now again, when we do talk about security, what we want to focus on bringing to our environment is called the CIA, sometimes called the security triad or the CIA triad. But ultimately, confidentiality, integrity and availability. Confidentiality is usually what we're most concerned with. We think about privacy, secrecy, protecting the information of our company. A lot of times we're revolving around privacy.
But we also have to think about integrity, making sure that files don't get modified or altered in any sort of way. Then availability, it can cost your company thousands or even hundreds of thousands of dollars to be offline for a mere matter of minutes. That availability piece has to be there as well. Those are the three elements that really come together for those of us that are in the security field, looking to bring that element into an environment.