Advanced Cybersecurity Course
Discussion - Secure Architecture
Security models and architectures are designed to fortify networks to
discourage or deter attackers from targeting them, but no network is
completely without vulnerabilities.
Name and explain 3 common flaws that can be found with
secure architectures. What are some ways to mitigate these potential
weaknesses?
1. Lack of Policy and Security Awareness Training
a. Some organizations fail to provide a high level policy that
address security at the critical levels of the business. I believe
the biggest failure rather, is the lack of Security Awareness
training and ensuring the work force has not only reviewed all
the Security components, but fully understand them as well.
b. A way to mitigate is to 1: ensure that all policies are up-to-date
and in a readable and understandable format. 2: Enable Security
Awareness training at the Director or VP level using the top-down
approach - get them to make this task important and
accountable; and make it as important to their employees.
2. Insider Threats
a. Often overlooked insider threats are a very common theme in an
organization. While we have security controls in place to enforce
least privilege and are able to monitor the network, who is
monitoring the employees behavior?
i. This takes a new wrinkle with so many employees now
working remote, but the mitigation is still the same - still
using a top-down approach, the organizational leaders
from Manager up to VP must ensure they are monitoring
the heartbeat and pulse of their people.
3. Principle of Least Privilege
1
, a. I have seen this more than I care to recall, but many
organizations do not adhere to this principle. Too often
organizations get lazy and bulk load users into systems or
applications giving them too much access. Creation and
maintenance of roles in a system can be a lot of work, but it can
also be automated.
b. The mitigation for ensuring users receive only enough privileges
to do their duty should include, robust role based controls and
corporate LDAP authentication, logging of the system to track
ingress/egress of users and their activity, as well as a true annual
audit of the system, the controls in place, information
classification, and who has access against who should have
access.
1 - CIA
Confidentiality - the concept of the measures used to ensure the
protection of the secrecy of data, objects, or resources
o Prevent or minimize unauthorized access to data
o Encryption - access controls - steganography
Sensitivity - refers to the quality of information to prevent harm or
damage
Discretion - the act of a decision to control disclosure to minimize harm
or damage
Criticality - level to which information is mission critical - the higher the
level of criticality the more likely the need to maintain confidentiality
Concealment - act of hiding or preventing disclosure
Secrecy - the act of keeping something a secret
Privacy - keeping confidential information that is PI or might cause
harm, embarrassment, or disgrace to someone
Seclusion - involves storing something in an out-of-the-way location
Isolation - act of keeping something separated
Integrity - concept of protecting the reliability and correctness of data
2
Discussion - Secure Architecture
Security models and architectures are designed to fortify networks to
discourage or deter attackers from targeting them, but no network is
completely without vulnerabilities.
Name and explain 3 common flaws that can be found with
secure architectures. What are some ways to mitigate these potential
weaknesses?
1. Lack of Policy and Security Awareness Training
a. Some organizations fail to provide a high level policy that
address security at the critical levels of the business. I believe
the biggest failure rather, is the lack of Security Awareness
training and ensuring the work force has not only reviewed all
the Security components, but fully understand them as well.
b. A way to mitigate is to 1: ensure that all policies are up-to-date
and in a readable and understandable format. 2: Enable Security
Awareness training at the Director or VP level using the top-down
approach - get them to make this task important and
accountable; and make it as important to their employees.
2. Insider Threats
a. Often overlooked insider threats are a very common theme in an
organization. While we have security controls in place to enforce
least privilege and are able to monitor the network, who is
monitoring the employees behavior?
i. This takes a new wrinkle with so many employees now
working remote, but the mitigation is still the same - still
using a top-down approach, the organizational leaders
from Manager up to VP must ensure they are monitoring
the heartbeat and pulse of their people.
3. Principle of Least Privilege
1
, a. I have seen this more than I care to recall, but many
organizations do not adhere to this principle. Too often
organizations get lazy and bulk load users into systems or
applications giving them too much access. Creation and
maintenance of roles in a system can be a lot of work, but it can
also be automated.
b. The mitigation for ensuring users receive only enough privileges
to do their duty should include, robust role based controls and
corporate LDAP authentication, logging of the system to track
ingress/egress of users and their activity, as well as a true annual
audit of the system, the controls in place, information
classification, and who has access against who should have
access.
1 - CIA
Confidentiality - the concept of the measures used to ensure the
protection of the secrecy of data, objects, or resources
o Prevent or minimize unauthorized access to data
o Encryption - access controls - steganography
Sensitivity - refers to the quality of information to prevent harm or
damage
Discretion - the act of a decision to control disclosure to minimize harm
or damage
Criticality - level to which information is mission critical - the higher the
level of criticality the more likely the need to maintain confidentiality
Concealment - act of hiding or preventing disclosure
Secrecy - the act of keeping something a secret
Privacy - keeping confidential information that is PI or might cause
harm, embarrassment, or disgrace to someone
Seclusion - involves storing something in an out-of-the-way location
Isolation - act of keeping something separated
Integrity - concept of protecting the reliability and correctness of data
2
