1. Cybersecurity - A World of Experts and Criminals

Many of the world’s original hackers were computer hobbyists, programmers and students during the 60’s. Originally, the term hacker described individuals with advanced programming skills. Hackers used these programming skills to test the limits and capabilities of early systems. These early hackers were also involved in the development of early computer games. Many of these games included wizards and wizardry.

As the hacking culture evolved, it incorporated the lexicon of these games into the culture itself. Even the outside world began to project the image of powerful wizards upon this misunderstood hacking culture. Books such as Where Wizards Stay up Late: The Origins of The Internet published in 1996 added to the mystique of the hacking culture. The image and lexicon stuck. Many hacking groups today embrace this imagery. One of the most infamous hacker groups goes by the name Legion of Doom. It is important to understand the cyber culture in order to understand the criminals of the cyber world and their motivations.

Sun Tzu was a Chinese philosopher and warrior in the sixth century BC. Sun Tzu wrote the book titled, The Art of War, which is a classic work about the strategies available to defeat the enemy. His book has given guidance to tacticians throughout the ages. One of Sun Tzu’s guiding principles was to know your opponent. While he was specifically referring to war, much of his advice translates to other aspects of life, including the challenges of cybersecurity. This chapter begins by explaining the structure of the cybersecurity world and the reason it continues to grow.

This chapter discusses the role of cyber criminals and their motivations. Finally, the chapter explains how to become a cybersecurity specialist. These cybersecurity specialists help defeat the cyber criminals that threaten the cyber world.

1.1. Overview of the Cybersecurity Domains

There are many data groups that make up the different domains of the “cyber world”. When groups are able to collect and utilize massive amounts of data, they begin to amass power and influence. This data can be in the form of numbers, pictures, video, audio, or any type of data that can be digitized. These groups could become so powerful that they operate as though they are separate powers, creating separate cybersecurity domains.

Companies such as Google, Facebook, and LinkedIn, could be considered to be data domains in our cyber world. Extending the analogy further, the people who work at these digital companies could be considered cybersecurity experts.

The word ‘domain’ has many meanings. Wherever there is control, authority, or protection, you might consider that 'area' to be a domain. Think of how a wild animal will protect its own declared domain. In this course, consider a domain to be an area to be protected. It may be limited by a logical or physical boundary. This will depend on the size of the system involved. In many respects, cybersecurity experts have to protect their domains according the laws of their own country.

1.2. Examples of Cybersecurity Domains

The experts at Google created one of the first and most powerful domains within the broader cyber world of the Internet. Billions of people use Google to search the web every day. Google has arguably created the world’s largest data collection infrastructure. Google developed Android, the operating system installed on over 80% of all mobile devices connected to the Internet. Each device requires users to create Google accounts that can save bookmarks and account information, store search results, and even locate the device. Click here to see some of the many services Google currently offers.

Facebook is another powerful domain within the broader Internet. The experts at Facebook recognized that people create personal accounts every day to communicate with family and friends. In doing so, you are volunteering a great deal of personal data. These Facebook experts built a massive data domain to enable people to connect in ways that were unimaginable in the past. Facebook affects millions of lives on a daily basis and empowers companies and organizations to communicate with people in a more personal and focused manner.

LinkedIn is yet another data domain on the Internet. The experts at LinkedIn recognized that their members would share information in the pursuit of building a professional network. LinkedIn users upload this information to create online profiles and connect with other members. LinkedIn connects employees with employers and companies to other companies worldwide. There are broad similarities between LinkedIn and Facebook.

A look inside these domains reveals how they are constructed. At a fundamental level, these domains are strong because of the ability to collect user data contributed by the users themselves. This data often includes users’ backgrounds, discussions, likes, locations, travels, interests, friends and family members, professions, hobbies, and work and personal schedules. Experts create great value for organizations interested in using this data to better understand and communicate with their customers and employees.

2. The Cybersecurity Cube

Cybersecurity professionals are best described as experts charged with the protection of cyberspace. John McCumber is one of the early cybersecurity experts, developing a commonly used framework called the McCumber Cube or the Cybersecurity Cube. This is used as tool when managing the protection of networks, domains and the Internet. The Cybersecurity Cube looks somewhat like a Rubik's Cube.

The first dimension of the Cybersecurity Cube includes the three principles of information security. Cybersecurity professionals refer to the three principles as the CIA Triad. The second dimension identifies the three states of information or data. The third dimension of the cube identifies the expertise required to provide protection. These are often called the three categories of cybersecurity safeguards.

The chapter also discusses the ISO cybersecurity model. The model represents an international framework to standardize the management of information systems.

2.1. The States of Data

Cyberspace is a domain containing a considerable amount of critically important data; therefore, cybersecurity experts focus on protecting data. The second dimension of the Cybersecurity Cube focuses on the problems of protecting all of the states of data in cyberspace. Data has three possible states:

• Data in transit

• Data at rest or in storage

• Data in process

The protection of cyberspace requires cybersecurity professionals to account for the safeguarding of data in all three states.

2.2. The Principles of Security

The first dimension of the cybersecurity cube identifies the goals to protect cyberspace. The goals identified in the first dimension are the foundational principles. These three principles are confidentiality, integrity and availability. The principles provide focus and enable the cybersecurity expert to prioritize actions when protecting any networked system.

Confidentiality prevents the disclosure of information to unauthorized people, resources, or processes. Integrity refers to the accuracy, consistency, and trustworthiness of data. Finally, availability ensures that information is accessible by authorized users when needed. Use the acronym CIA to remember these three principles.