ALPHAGRAD

Cyber Playbook

The cybersecurity field is expansive, and its scope will continue to expand as organizations decide to connect more things. This means we must expand our knowledge and expertise to keep up with changing trends in the industry, as well as to stay ahead of threat actors. There is a vast wealth of information that can help us with this. However, remembering the various publications, working groups, laws and regulations can be cumbersome and difficult to navigate, especially for the uninitiated. This playbook attempts to alleviate the burden of navigating the complex environment of industry documentation by acting as a hub and sorting that documentation into the following categories: Component Security, Connection Security, Data Security, Human Security, Organizational Security, Societal Security, Software Security and System Security. Finally, resources are provided for places where we can safely hone our practical defensive and offensive skills.

Component Security

The component security knowledge area focuses on the design, procurement, testing, analysis, and maintenance of components integrated into larger systems. The security of a system depends, in part, on the security of its components. The security of a component depends on how it is designed, fabricated, procured, tested, connected to other components, used, and maintained. This knowledge area is primarily concerned with the security aspects of the design, fabrication, procurement, testing, and analysis of components. Together with the connection security and system security knowledge areas (KAs), the component security KA addresses the security issues related to connecting components and using them within larger systems.

Software Security

The software security knowledge area focuses on the development and use of software that reliably preserves the security properties of the information and systems it protects. The security of a system, and of the data it stores and manages, depends in large part on the security of its software. The security of software depends on how well the requirements match the needs that the software must address, and how well the software is designed, implemented, tested, deployed, and maintained. The documentation is critical if everyone is to understand these considerations, and ethical considerations arise throughout the creation, deployment, use, and retirement of software. The software security knowledge area addresses these security issues. The knowledge units within this knowledge area comprise fundamental principles and practices.

System Security

The system security knowledge area focuses on the security aspects of systems composed of components and connections, and the use of software. Understanding the security of a system requires viewing it as not only a set of components and connections but also a complete unit in and of itself. This requires a holistic view of the system. Together with the component security and connection security knowledge areas (KAs), the system security KA addresses the security issues related to connecting components and using them within larger systems.

Connection Security

The connection security knowledge area focuses on the security of the connections between components, including both physical and logical connections. It is critical that every cybersecurity professional have basic knowledge of digital communications and networking. Connections are how components interact. Much of this material could be introduced through examples and then abstracting to the essentials and introducing the appropriate vocabulary. Together with the component security and system security knowledge areas (KAs), the connection security KA addresses the security issues related to connecting components and using them within larger systems.

Human Security

The human security knowledge area focuses on protecting individuals’ data and privacy in the context of organizations (i.e., as employees) and their personal lives, in addition to the study of human behavior as it relates to cybersecurity.

Data Security

The data security knowledge area focuses on the security of data, demonstrating how data is protected and maintained as identified throughout the phases of the security triad: confidentiality, integrity, and availability. Data security also considers the roles, responsibilities, and accountability of organizational personnel. In addition to the physical and logical aspects of protecting data, who is held accountable for these protections being implemented and maintained? For the stewards of data, how is data best managed to prevent the loss of any phase of the security triad?

Organizational Security

The organizational security knowledge area focuses on protecting organizations from cybersecurity threats and managing risk to support the successful accomplishment of the organization’s mission. Organizations have a responsibility to meet the needs of many constituencies, and those needs must inform each of these knowledge units.

Societal Security

The societal security knowledge area focuses on aspects of cybersecurity that broadly impact society as a whole, for better or for worse. Cybercrime, law, ethics, policy, and privacy, and their relation to each other, are the key concepts of this knowledge area. The threat of cybercrime across global society is incredibly serious and growing. Laws, ethics, and policies are vital to the security of corporate and government secrets and assets, as well as to the protection of individual privacy and identity.

Training

The following are free training resources.