Introduction to Cybersecurity

A free video tutorial from Cristian Lupa
Auditor, Consultant & Trainer

Lecture description

What cybercrime is and what it costs the global economy. The purpose of cybersecurity: protecting the confidentiality, integrity and availability of information. The three directions of cybersecurity: prevention, detection and response. Return on investment for cybersecurity. About Software as a Service, Platform as a Service and Infrastructure as a Service. About ISO 27001 and ISO 27017. Is there a difference between information security and cybersecurity?

ISO 27001 Cybersecurity manager. Guidelines.

Application of ISO/IEC 27001 for cybersecurity. Understand and apply the requirements for a cybersecurity program.

04:04:50 of on-demand video • Updated April 2020

  • Principles and concepts in cybersecurity
  • Threats and vulnerabilities
  • Risks and controls
  • Best practices for a successful cybersecurity program
  • How ISO/IEC 27001 requirements apply to cybersecurity
  • Common attacks, how they work and how they can be prevented

A few general aspects about cybersecurity. As the world is changing due to the Internet and technology, and risks come along, as I was saying, there are many individuals interested in taking advantage of the situation. Cybercrime is a really good business and is growing fast. In fact, it seems to be the fastest growing business on the planet these days. There are estimations that speak of costs of around 100 billion dollars every year associated with cybercrime. There are other estimations that speak of more, but the general consensus is that those figures will continue to grow in the near future.

Cybercrime costs do not refer exclusively to lost or stolen money. Of course, it's also about lost data, harm to the image and reputation of companies, lost market share, lost profits, disruptions to business operations, costs associated with restoring operations to normal, theft of intellectual property and so on. I speak here about potential costs for businesses, for organizations, but obviously individuals can be targets for cyber attacks with more or less the same consequences.

As Internet connection becomes faster and cheaper in every country, the number of users increases, and at the same time it is getting easier for cyber attackers. I mean, in the past a hacker needed to be really good at writing code, to develop his tools. A hacker needed to have great software skills, but nowadays a cyber attacker can download ready-made programs from the Internet, sometimes even for free. So, as you see, the effort and the sophistication from the cyber attackers decreases fast. Cryptocurrencies, like Bitcoin, hide the identity of parties involved in transactions, thus facilitating the activity of cyber attackers. Another major issue is that even if the attackers are identified, cross-border legal issues make it extremely difficult to prosecute someone from another country.

So, cybersecurity is meant to protect the information that is stored and transmitted using digital devices. Specifically, there are three major properties of information that have to be protected: confidentiality, integrity and availability. We're gonna detail a little later about those three, but in fact, cybersecurity is in the end about protecting people, people who share and store information. And there are three major directions here: prevention, detection and response.

What is different in cybersecurity compared to any other activity, any other sector, is that things here change really fast. I mean, one year is a lot of time. Another important aspect that has to be mentioned is that cybersecurity costs money. And it may be difficult, without a security incident, to convince the senior management of a company to make a significant investment in cybersecurity, because here the return on investment is a potential one, by estimating potential costs associated with a security incident. Still, experience shows that acting reactively, following an incident, is far more expensive than being proactive. And companies who have to deal once with a major security breach are far less likely to be hit again.

This course is about cybersecurity guidelines for implementing this standard, ISO 27001, an international standard developed by the International Standards Organization (ISO), and it sets the requirements for an information security management system.

So, is there a difference between information security and cybersecurity? Sometimes, in many contexts, in many situations, they are used as synonyms. But the general understanding is that cybersecurity deals with the protection of data that is stored and transmitted electronically, while information security is meant to protect information regardless of its form and support, like paper information. So, as you see, information security is a little broader as a concept than cybersecurity; but as information seems to be moving to electronic means almost completely, the two concepts seem to overlap.