1. Fundamentals of Cybersecurity

In this unit, you will learn about the fundamental concepts of cybersecurity, its history and role in the modern world, the main risks and vulnerabilities present in technological systems, and the defense and response strategies used to mitigate and combat them. Finally, you will learn about privacy issues in cybersecurity systems, how access control can be implemented to secure information systems, and the role of ethical hacking in protecting organizations and companies.

Learning Objectives

In this unit, you will learn to:
> Describe the field of cybersecurity and its history.
> List the key principles of cybersecurity.
> Analyze the main job roles in cybersecurity.
> Illustrate how Saudi Arabia has become an emerging leader in cybersecurity.
> Examine the various categories of malware.
> Explain how cyberattacks work.
> Evaluate different strategies for risk identification, mitigation, and management.
> Differentiate between data protection and data privacy.
> Outline how access control techniques help protect information systems.
> Explain the role of ethical hacking in the field of cybersecurity.

Lesson 1 Introduction to Cybersecurity


What is Cybersecurity?

Cybersecurity is a field that has become increasingly important in recent years as technology has become more integrated into our daily lives. With the rise of the internet and the proliferation of computers and mobile devices, cybersecurity has become essential for protecting our sensitive information and ensuring that our online activities are safe and secure. The field of cybersecurity encompasses a range of practices and techniques designed to protect against cyber threats and attacks.

The National Cybersecurity Authority (NCA) in KSA was established by a royal decree as the national authority and reference on cybersecurity. The NCA mandate gives the following definition for cybersecurity:

Cybersecurity is the protection of networks, IT systems, operational technologies systems and their components of hardware and software, their services and the data they contain from any penetration, disruption, modification, access, use or unauthorized exploitation. The concept of cybersecurity also includes information security and digital security.

One of the key challenges in cybersecurity is the constantly evolving nature of cyber threats. The cybersecurity field is constantly moving, so professionals need to continuously update their security measures. Cybersecurity involves various domains, such as data security, network security, cryptography, and cyber risk management. The interdisciplinary nature of cybersecurity makes it a challenging and exciting field to work in, with many opportunities for learning and career advancement.

Protecting data and information is essential, and cybersecurity measures are necessary to safeguard against cyber attacks. Personal data, financial information, and intellectual property are all at risk, and the consequences of a successful cyber attack can be severe.
One significant consequence of a cyber attack is financial loss. A successful attack can result in the theft of money or valuable assets. For businesses, the financial consequences of a cyber attack can be even more severe, with potential losses in millions of dollars. A cyber attack can also result in reputational damage, which can be challenging to recover from. Consumers and clients may lose trust in a business that has suffered a cyber attack, resulting in long-term financial consequences. Cyber attacks can also result in legal liabilities. Businesses may be held responsible for damages if sensitive data is compromised.

In some cases, cyber attacks can even threaten national security. Governments and military organizations are at risk of cyber attacks that can disrupt critical infrastructure or steal sensitive data. A successful attack can result in the loss of state secrets or military strategies, which can have severe consequences.

Cybersecurity is essential for individuals as well. With the rise of online banking and e-commerce, personal financial information is at risk of theft. Personal data such as PII (Personally Identifiable Information), addresses, and phone numbers can also be stolen and used for identity theft. Cybersecurity measures such as strong passwords and two-factor authentication can help protect individuals from these threats.

Cybersecurity threats
Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

Cybersecurity attacks
A cybersecurity attack is an action by an adversary to damage, disrupt, or gain unauthorized access to a computer system, network, or data.

Figure 1.1: Cyber attack incidents with $1M+ in reported losses in the last decade, measured in millions of dollars, by year. Provided by the Center for Strategic & International Studies (CSIS).

The History of Cybersecurity

Cybersecurity history can be traced back to the 1970s, when computing networks were developed. In 1986, computer viruses emerged, causing damage to data and systems. To fight cyber attacks, firewalls and encryption were developed. Firewalls control traffic, and encryption protects data and information. Despite new defenses, cybercriminals still find ways to bypass them. The 21st century has seen a significant increase in large-scale cyber attacks, with governments, corporations, and individuals at risk.

Some of the most high-profile cyber attacks include the 2017 Equifax data breach, which exposed the personal data of over 140 million people, and the 2020 SolarWinds attack, which affected numerous US government agencies and private companies. Some of the biggest data breaches in history are illustrated in Figure 1.2. As technology advances and becomes more integrated into our lives, the need for cybersecurity will only continue to grow.

In recent years, there has been a push for greater cybersecurity awareness and education. Governments and organizations have developed cybersecurity frameworks and guidelines to help individuals and businesses protect themselves from cyber threats. Cybersecurity professionals are in high demand, with many opportunities. As cyber attacks become more sophisticated, the need for skilled professionals who can defend against them will only continue to grow.


Figure 1.2: 10 of the biggest data breaches in history based on TechTarget research. The chart shows the number of records compromised in each breach, based on disclosure date.

The Key Principles of Cybersecurity

The protection of computer systems, networks, and data from unauthorized access and malicious activities is of utmost importance. To establish a strong and effective security framework, it is essential to adhere to key principles of cybersecurity. Understanding and implementing these principles is vital for safeguarding sensitive information, ensuring data accuracy, and maintaining uninterrupted access to critical resources. These key principles are presented below:

Confidentiality, Integrity, and Availability (The CIA Triad)

The CIA triad is a widely used model for designing and implementing cybersecurity policies and practices. The acronym stands for Confidentiality, Integrity, and Availability, which are the three main goals of protecting information and systems from unauthorized access, modification, or disruption.

Figure 1.3: The CIA Triad

Confidentiality refers to preserving authorized restrictions on information access. No one can access data that does not belong to them. Confidentiality can be maintained through various methods, such as encryption, access controls, and data masking. However, it's crucial to be aware that confidentiality can face potential threats, such as phishing attacks, where attackers impersonate legitimate entities to trick people into revealing sensitive information.
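As an added illustration of two of the confidentiality methods named above, access controls and data masking, the following Python sketch returns a different view of the same record to each role. It is not part of the original lesson; the record, field names, roles and policy are constructed assumptions.

```python
# Constructed sample record; the field names are assumptions for illustration.
CUSTOMER = {
    "name": "Sara A.",
    "phone": "+966-55-123-4567",
    "national_id": "1098765432",
    "address": "12 King Fahd Rd, Riyadh",
    "pin": "4821",
}

# Hypothetical policy: role -> field -> "clear" or "masked".
# A field that is not listed for a role is never returned (deny by default).
POLICY = {
    "account_owner": {"name": "clear", "phone": "clear",
                      "national_id": "clear", "address": "clear"},
    "support_agent": {"name": "clear", "phone": "masked",
                      "national_id": "masked"},
    "analyst": {"national_id": "masked"},
}


def mask_value(value, keep_last=4):
    """Hide all letters and digits except the last `keep_last` of them.

    Separators such as '-' or spaces are kept so the format stays readable.
    A value with no more than `keep_last` letters/digits is hidden completely;
    otherwise "masking" a 4-digit PIN would reveal the whole PIN.
    """
    total = sum(ch.isalnum() for ch in value)
    visible_from = total - keep_last if total > keep_last else total
    seen = 0
    out = []
    for ch in value:
        if ch.isalnum():
            out.append(ch if seen >= visible_from else "*")
            seen += 1
        else:
            out.append(ch)
    return "".join(out)


def view_record(record, role):
    """Return only the fields `role` may see, masking where the policy says so."""
    if role not in POLICY:
        # Access control: an unknown role gets nothing at all.
        raise PermissionError(f"unknown role: {role!r}")
    view = {}
    for field, mode in POLICY[role].items():
        if field not in record:
            continue
        value = record[field]
        # Anything other than an explicit "clear" is masked (fail safe).
        view[field] = value if mode == "clear" else mask_value(value)
    return view


if __name__ == "__main__":
    for role in POLICY:
        print(role, view_record(CUSTOMER, role))
```

Because the policy lists what each role may see rather than what it may not, a field added to the record later (such as `pin` here) stays hidden until someone deliberately grants access to it.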


Integrity refers to the assurance that data is accurate and has not been tampered with. Data integrity is essential for maintaining trust in information systems. Without data integrity, users cannot be confident of the accuracy of the information they receive. Measures such as encryption and digital signatures can help ensure data integrity. An example of a threat is the interception of communications between two parties. An attacker could infiltrate an unsecured Wi-Fi network and manipulate the data packets being transmitted, modifying the content without the knowledge of the sender or recipient.

Digital Signature
A digital signature is a type of electronic signature that uses mathematical algorithms to verify the authenticity and integrity of a message, document or transaction.

Availability refers to the guarantee that information is accessible when needed. Availability is essential for ensuring that systems and services are available to users when needed. Redundancy, backups, and disaster recovery planning can help ensure availability. Denial-of-service attacks are a common way attackers attempt to compromise availability by flooding a network with large quantities of traffic that cause operations to stop.

Job Roles in Cybersecurity

The field of cybersecurity offers a wide range of job opportunities for individuals with varying backgrounds and skill sets. From technical roles such as security analysts and penetration testers to managerial roles such as Chief Information Security Officer (CISO), there are a variety of job roles available in cybersecurity to suit different interests and career goals. In addition to technical and managerial roles, there are also roles in cybersecurity policy and governance, such as security consultants and compliance officers.

As the demand for cybersecurity professionals continues to grow, so does the diversity of job roles and career paths in this field. There are both local and global shortages of cybersecurity specialists, and cybersecurity is one of the jobs that will be required in the future. Below are the main job roles in cybersecurity as presented by the Saudi Cybersecurity Workforce Framework (SCYWF).

The SCYWF Taxonomy

Job Category: Cybersecurity Architecture, Research and Development
Specialty Areas: Cybersecurity Architecture; Cybersecurity Research and Development
Job Roles:
• Cybersecurity Architect
• Secure Cloud Specialist
• Systems Security Development Specialist
• Cybersecurity Developer
• Secure Software Assessor
• Cybersecurity Researcher
• Cybersecurity Data Science Specialist
• Cybersecurity Artificial Intelligence Specialist


Job Category: Leadership and Workforce Development
Specialty Areas: Leadership; Workforce Development
Job Roles:
• Chief Information Security Officer/Director
• Cybersecurity Manager
• Cybersecurity Advisor
• Cybersecurity Human Capital Manager
• Cybersecurity Instructional Curriculum Developer
• Cybersecurity Instructor

Job Category: Governance, Risk, Compliance and Laws
Specialty Areas: Governance, Risk and Compliance; Laws and Data Protection
Job Roles:
• Cybersecurity Risk Officer
• Cybersecurity Compliance Officer
• Cybersecurity Policy Officer
• Security Controls Assessor
• Cybersecurity Auditor
• Cybersecurity Legal Specialist
• Privacy/Data Protection Officer

Job Category: Protection and Defense
Specialty Areas: Defense; Protection; Vulnerability Assessment; Incident Response; Threat Management
Job Roles:
• Cybersecurity Defense Analyst
• Cybersecurity Infrastructure Specialist
• Cybersecurity Specialist
• Cryptography Specialist
• Identity and Access Management Specialist
• Systems Security Analyst
• Vulnerability Assessment Specialist
• Penetration Tester/Red Team Specialist
• Cybersecurity Incident Responder
• Digital Forensics Specialist
• Cyber Crime Investigator
• Malware Reverse Engineering Specialist
• Threat Intelligence Analyst
• Threat Hunter


Job Category: Industrial Control Systems and Operational Technologies (ICS/OT)
Specialty Area: Industrial Control Systems and Operational Technologies (ICS/OT)
Job Roles:
• ICS/OT Cybersecurity Architect
• ICS/OT Cybersecurity Infrastructure Specialist
• ICS/OT Cybersecurity Defense Analyst
• ICS/OT Cybersecurity Risk Officer
• ICS/OT Cybersecurity Incident Responder

Cybersecurity in Saudi Arabia

Saudi Arabia has become a very important leader in global cybersecurity. It is ranked second in the Global Cybersecurity Index (GCI). GCI is a trusted reference that measures the commitment of countries to cybersecurity at a global level, to raise awareness of the importance and different dimensions of the issue. As cybersecurity has a broad field of application, cutting across many industries and various sectors, each country's level of development or engagement is assessed along five pillars: (i) Legal Measures, (ii) Technical Measures, (iii) Organizational Measures, (iv) Capacity Development, and (v) Cooperation. These are then aggregated into an overall score. Saudi Arabia is also ranked second in the World Competitiveness Yearbook (WCY) for 2023, published by the Switzerland-based International Institute for Management Development (IMD).

National Cybersecurity Authority

The National Cybersecurity Authority (NCA) is the national authority for cybersecurity affairs in the Kingdom of Saudi Arabia. It aims to protect the Kingdom's vital interests, including national security, sensitive infrastructure, priority sectors, and government services and activities, by strengthening domestic cybersecurity capabilities. The NCA has regulatory and operational functions related to cybersecurity and works closely with public and private entities to improve the country's cybersecurity infrastructure in alignment with Vision 2030.

Saudi Federation for Cybersecurity, Programming and Drones (SAFCSP)

The SAFCSP is a national institution that aims to empower the local workforce and enhance their capabilities in the fields of Cybersecurity, Software Development, Drones and Advanced Technologies based on international best practices.

Cybersecurity Career Initiatives in Saudi Arabia

Saudi Arabia has been taking significant steps to address the need for cybersecurity jobs and expertise in the country. The following are the initiatives in Saudi Arabia:


Education and training

The Saudi government has invested heavily in cybersecurity education and training programs to develop local talent. Several universities and institutes in Saudi Arabia offer degree programs and certifications in cybersecurity, and the government has also launched training initiatives to upskill current IT professionals in cybersecurity. Examples include the NCA Cybersecurity Academy programs, which have many tracks and aim to develop and build national capabilities in the field of cybersecurity and localize cybersecurity training content. Also, SAFCSP provides cybersecurity training camps and competitions. NCA released the Saudi Cybersecurity Higher Education Framework (SCyber Edu) to ensure the quality of cybersecurity higher education in Saudi Arabia. The framework aims to set the minimum requirements for higher education programs in cybersecurity and to ensure the alignment of their learning outcomes with the national needs of the cybersecurity workforce.

Cybersecurity strategy

Saudi Arabia has developed a comprehensive national cybersecurity strategy that outlines the country's vision and goals for cybersecurity. The strategy includes plans to develop cybersecurity talent within the country, as well as measures to protect critical infrastructure and enhance international cooperation on cybersecurity.

Industry partnerships

The Saudi government has also been working closely with private sector companies to address the need for cybersecurity expertise. For example, the government has partnered with international companies to provide training and development programs for cybersecurity professionals.

Cybersecurity Sector Development

Saudi Arabia has many initiatives for accelerating the development and growth of the cybersecurity sector in the Kingdom and building its capacity. These initiatives include the national program CyberIC, which is an umbrella for many initiatives such as the National Drills, cybersecurity training initiatives targeting various categories of society, the cybersecurity challenges to encourage innovation and entrepreneurship in the field, and the cybersecurity accelerator, which stimulates the local industry system in cybersecurity and links emerging companies in cybersecurity technologies with investors.


Exercises

1 Read the sentences and tick True or False.

1. Firewalls and encryption were developed to combat increasing cyber attacks. (True / False)
2. Government agencies are one of the main targets of cyberattacks. (True / False)
3. All cybercrimes have the same level of severity and consequences. (True / False)
4. Confidentiality, integrity, and authentication make up the CIA triad. (True / False)
5. The SAFCSP is a national institution that aims to train local talent in AI. (True / False)
6. Integrity refers to the assurance that data is accurate and has not been tampered with. (True / False)
7. Encryption, access controls, and data masking are methods used to maintain data confidentiality. (True / False)
8. Confidentiality ensures that data is accurate and has not been tampered with. (True / False)
9. A CISO is an executive overseeing an organization's cybersecurity program. (True / False)
10. Chief Information Security Director is a job role in cybersecurity. (True / False)


2 Provide a brief description of the field of cybersecurity which is aligned with the National Cybersecurity Authority's definition.

3 Describe what the CIA triad in cybersecurity stands for.


4 Describe how confidentiality helps protect sensitive information.

5 Explain why availability is crucial for ensuring that systems and services are accessible to users.


6 Analyze the main cybersecurity career initiatives in Saudi Arabia.

7 Explain how Saudi Arabia has become one of the emerging leaders in developing cybersecurity systems and legislation.
