1 of 124

Cybersecurity Fundamentals

2 of 124

Welcome to the Workshop!

1-day Workshop from 12pm-8pm.

Course notes and materials provided.

Answers to exercises should be placed in the PPT template provided.

3 of 124

Executive Diploma Program in Cybersecurity - SPACE

Cybersecurity Defense

  1. Cybersecurity Fundamentals
  2. Offensive Security
  3. Intro to Cybersecurity Defense
  4. Security Education, Awareness and Training
  5. Governance, Risk Management and Cybersecurity Planning
  6. Security Architecture
  7. Data Privacy and Protection
  8. Security Operations

4 of 124

Links for all related materials

Cybersecurity Fundamentals v7.0 | J. Pineda 07-2025

SLIDE DECK

EXERCISES

WORKSHEET

REFERENCES

5 of 124

Things to do:

Part 1

  • Getting to Know
  • M1: General Security Concepts
  • Ex1: Waymo v Uber
  • M2: Threats and Risks

Part 2

  • Ex2: Log4j
  • M3: Technical Measures
  • M4: Information Security Incidents & Weaknesses
  • Ex3: SunCrypt Ransomware

6 of 124

Getting to Know

(Speed Introduction)

  • Name:
  • Position/Role:
  • Company:
  • Why are you taking this course?


7 of 124

About the Facilitator: Justin Pineda

Industry

Certs

Academe

Pineda Cybersecurity

Alorica

Ingram Micro

Bnext Inc.

JG Summit Holdings Inc.

The Coca-Cola Company

Silversky/Perimeter Security

DPO ACE, CISSP, ISO/IEC 27032, ISO/IEC 27035, ISO 27034, ISO 42001, ISO 27001, CISM, CEH, GWAPT, GMOB, CEH, Security+, CCNA, IBM DB2, ISO 27002, Cato SASE, Parallels RAS, ITILv3, APMG CISM, ISC2 Trainer

Asian Institute of Management (AIM)

DLS-CSB

Asia Pacific College

LPU

NU

San Beda

Mapua

TIP


8 of 124

Learning Process


Read Materials

Join the Lecture

Share Insights

Answer the Assessment

* A PDF Glossary of Cybersecurity terms is also uploaded for reference.

9 of 124

Cybersecurity Talent Shortage

Microsoft is launching a national campaign with U.S. community colleges to help skill and recruit into the cybersecurity workforce 250,000 people by 2025, representing half of the country’s workforce shortage.

10 of 124

Global Cybersecurity Skills Needed


11 of 124


(CSO Online, 2017)

12 of 124


(Indeed, 2017)

13 of 124

Common Security Misconception

That there are only 2 teams:

Attackers (Red) and Defenders (Blue)


14 of 124

But in the actual practice…

There are seven (7) teams.


15 of 124

Survey – Which cybersecurity color are you interested to explore?

  • Blue Team (Defend)
  • Red Team (Breakers)
  • Purple Team (Integrate)
  • Green Team (Automate)
  • Yellow Team (Build)
  • Orange (Educate)
  • White (Manage)

Why did you choose that cybersecurity color?

16 of 124

Security Certifications

  • CompTIA – Security+
  • EC-Council – Certified Ethical Hacker, Certified Security Analyst, Certified Hacking & Forensics Investigator etc.
  • SANS – GIAC Certified Reverse Engineering Malware, Incident Handler, Intrusion Analyst etc.
  • ISACA – Certified Information Systems Auditor etc.
  • ISC2 – Certified Information Systems Security Professional (CISSP), etc.


17 of 124


https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf

18 of 124

General Security Concepts

1 of 4


19 of 124

Information Security

  • Information security involves the definition, implementation, maintenance, and evaluation of a coherent system of measures that ensure the availability, integrity and confidentiality of the (manual and computerized) information provision.

- From Dutchman Platform Professionals


20 of 124

Information Security

  • Protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities

- From Code of practice for information security management

21 of 124

Information Security vs. IT Security

  • Information Security has many domains.
    • Access control, telecommunications and network security, Information security governance and risk management, Software development security, Cryptography, Security architecture and design, Operations security, Business continuity and disaster recovery planning, Legal, regulations, investigations and compliance, Physical (environmental) security – from CISSP’s domains on ISC2
  • IT Security only focuses on software and hardware technologies.


22 of 124

How to Implement Information Security?

  • The quality requirements an organization may have for the information;
  • The risks for these quality requirements;
  • The measures that are necessary to minimize these risks;
  • Ensuring the continuity of the organization in the event of a disaster.


23 of 124

What is information security? (Isaac & Isaac, 2003)

  • Confidentiality – Protection from unauthorized disclosure.
  • Integrity – Protection of resources from unauthorized modification.
  • Availability – Protection from Denial of Service (DoS).

24 of 124

Confidentiality

  • Degree to which access to information is restricted to a defined group authorized to have this access.
  • Includes measures to protect privacy


DFA probes data breach into PHL passport tracking system

(Businessworld, Nov 2021)

25 of 124

Integrity

  • Degree to which the information is up to date and without errors.
    • Correctness
    • Completeness



27 of 124

Availability

  • Degree to which information is available for the user and for the information system that is in operation the moment the organization requires it.
    • Timeliness
      • The information systems are available when needed;
    • Continuity
      • The staff can carry on working in the event of a failure;
    • Robustness
      • There is sufficient capacity to allow all staff in the system to work.



29 of 124

Defense in Depth (DiD)

  • There should be multiple layers of security before gaining access to the data.


30 of 124

Security Architecture


31 of 124

Security Service and Mechanisms

  • Security Service – how objectives are manifested.
  • Security Mechanisms – solutions we can implement in the enterprise.
    • Inconvenient Truth:
      • 1. You cannot protect everything from everyone.
      • 2. There are not enough resources and money in the world to totally mitigate all risks.
      • 3. Focus on protecting the most important information first: that which must be protected, and that with the highest risk.

32 of 124

Service & Mechanism Example


Goal: I want to focus on physical security

Security Services: (1)Personnel security; (2) Access control

Security Mechanisms: (1) Security clearance, training, rules of behavior; (2) Biometrics, proximity card, mantraps;

33 of 124

Operational Model of Security


For many years, the focus was on prevention.

Protection = Prevention

For example: Use of Firewall

(Conklin et al, 2011)

34 of 124

Operational Model (cont’d)

  • But what are the realities of a network environment?
  • How about Zero-day attacks?
  • How about DDoS on port 80?


35 of 124

Operational Model (cont’d)


36 of 124

Security Principles (cont’d)

  • Least Privilege – an object should only have the rights and privileges necessary to perform its task with no additional permissions.

Case of User Privilege:

Linux – sudo su (super user)

Microsoft – default admin


37 of 124

Types of Least Privilege

  • Separation of Duties – For a given task, more than 1 person should be involved
  • Implicit Deny – If no rule states give access, then access shouldn’t be granted
  • Job Rotation – Not relying too heavily on one individual for a security expertise

38 of 124

Diversity of Defense

    • Do not rely on a single brand of security device.
    • Why should companies NOT rely on a single brand of security device?


39 of 124

Diversity of Defense

    • Why should companies NOT rely on a single brand of security device?


Because if a VULNERABILITY is FOUND in a particular brand, NO MATTER how many devices you have, ALL OF THEM ARE VULNERABLE.


41 of 124

Security through Obscurity

    • Feeling of security by hiding the asset and thinking that nobody else will think the same way.
    • Is practicing Security through Obscurity a good practice?


42 of 124

Security through Obscurity (STO)

    • From Daniel Miessler: “An example of security by obscurity is when someone has an expensive house outfitted with the latest lock system, but the way you open the lock is simply by jiggling the handle.”

43 of 124

Cost Benefit Analysis (CBA)

  • The cost of safeguard or protection should not be greater than the value of the asset.


45 of 124

NIST Cybersecurity Framework



47 of 124

NIST Cybersecurity Framework Application

  • Identify – House
  • Protect – Gate
  • Detect – CCTV
  • Respond – Call the police
  • Recover – Evacuate

48 of 124

Exercise 1: General Security Concepts (Waymo vs. Uber)

45 minutes to answer, 15 minutes to discuss

Refer to your Exercise Document.

49 of 124

Threats and risks

2 of 4


50 of 124

Security Relationships

  • A threat agent gives rise to a threat.
  • A threat exploits a vulnerability.
  • A vulnerability leads to a risk.
  • A risk can damage an asset and causes an exposure.
  • An exposure can be counter-measured by a safeguard.
  • A safeguard directly affects the threat agent.

51 of 124

Definition of Terms

  • Vulnerability – weakness
  • Threat – potential danger
  • Risks – likelihood of a threat agent exploiting a vulnerability
  • Exposure – instance of being exposed to losses
  • Control – put into place to mitigate potential risk


52 of 124

Example: Broken door knob

  • Thief – threat agent/actor
  • Robbery – threat
  • Broken door knob – vulnerability

53 of 124

Cyber Threat Environment

Cyber Threat

  • Activity intended to compromise the security of an information system by altering the availability, integrity, or confidentiality of a system or the information it contains.

Cyber Threat Environment

  • Online space where cyber threat actors conduct malicious cyber threat activity.


54 of 124

Cyber Threat Environment

  • What apps and websites do you use?


55 of 124

Cyber Threat Actors

  • States, groups, or individuals who, with malicious intent, aim to take advantage of vulnerabilities, low cyber security awareness, and technological developments to gain unauthorized access to information systems in order to access or otherwise affect victims’ data, devices, systems, and networks.

56 of 124

Cyber Threat Actor and Motivation

  • Nation-states – Geopolitical
  • Cybercriminals – Profit
  • Hacktivists – Ideological
  • Terrorist Groups – Ideological violence
  • Thrill-Seekers – Satisfaction
  • Insider Threats – Discontent

Examples: Anonymous (hacktivists); employee negligence (insider threats).

57 of 124

Cyber Threat Surface

  • Refers to all the available endpoints that a threat actor may attempt to exploit in Internet-connected devices within the cyber threat environment.


58 of 124

Risk Analysis

  • Used to outline the risks that an organization faces.
  • Its purpose is to clarify which threats are relevant to the operational processes and to identify the associated risks.
  • Used to ensure that the security measures are deployed in a cost-effective and timely manner, and consequently provide an effective answer to the threats.

(Conrad, Misenar & Feldman, 2010)

59 of 124

Quantitative vs. Qualitative Risk Analysis

  • Quantitative Risk Analysis
    • Calculate a risk value based on the level of the financial loss and the probability that a threat may become an incident.
  • Qualitative Risk Analysis
    • Based on scenarios and situations.
    • Subjective and gut feel

60 of 124

Risk Formula

Risk = Threat x Vulnerability



62 of 124

Calculating Risk

  • Using a scale of 1-5, here’s San Francisco’s risk, using the risk = threat X vulnerability calculation:
    • San Francisco threat: 4
    • San Francisco vulnerability: 2
    • San Francisco risk: 4 X 2 = 8
  • Here is Boston’s risk:
    • Boston threat: 2
    • Boston vulnerability: 4
    • Boston risk: 2 X 4 = 8


63 of 124

Risk Formula

  • Risk = Threat x Vulnerability x Impact

*Impact – severity of the damage

*Impact – consequences


64 of 124

With Impact

  • Empty Building Risk: 2 (threat) X 4 (vulnerability) X 2 (impact) = 16
  • Full Building Risk: 2 (threat) X 4 (vulnerability) X 5 (impact) = 40


65 of 124

Risk Management Process (NIST 800-30)

1. System Characterization

2. Threat Identification

3. Vulnerability Identification

4. Control Analysis

5. Likelihood Determination

6. Impact Analysis

7. Risk Determination

8. Control Recommendations

9. Results Documentation


66 of 124

Calculating Annualized Loss Expectancy

  • Annualized Loss Expectancy (ALE) – used to determine the annual cost of a loss due to a risk.
    • Calculated by multiplying the Single Loss Expectancy (SLE) times the Annual Rate of Occurrence (ARO).
  • Asset Value (AV) – value of asset you protect
  • The Exposure Factor (EF) – percentage of an asset's value lost due to an incident.
  • The Single Loss Expectancy (SLE) – cost of a single loss.
    • SLE is the Asset Value (AV) times the Exposure Factor (EF).
  • Annual Rate of Occurrence (ARO) – number of losses you suffer per year.

(Conrad, Misenar & Feldman, 2010)

67 of 124

Total Cost of Ownership

  • The Total Cost of Ownership (TCO) - total cost of a mitigating safeguard.
    • combines upfront costs (often a one-time capital expense) plus annual cost of maintenance, including staff hours, vendor maintenance fees, software subscriptions, etc. (usually called Operational Expenses)


68 of 124

Return on Investment (ROI)

  • The Return on Investment (ROI) - amount of money saved by implementing a safeguard.
  • If TCO < ALE, good investment
  • If TCO > ALE, poor investment


69 of 124

Example Scenario:

  • Assume your company has 1000 laptops that contain Personally Identifiable Information (PII). You are the Security Officer, and you are concerned about the risk of exposure of PII due to lost or stolen laptops. You would like to purchase and deploy a laptop encryption solution. The solution is expensive, so you need to convince management that the solution is worthwhile.


70 of 124

Asset Value

  • Each laptop costs $2500, but the real value is the PII. Theft of unencrypted PII has occurred previously, and has cost the company many times the value of the laptop in regulatory fines, bad publicity, legal fees, staff hours spent investigating, etc. The true average Asset Value of a laptop with PII for this example is $25,000 ($2500 for the hardware, and $22,500 for the exposed PII)


71 of 124

Exposure Factor

  • In the case of a stolen laptop with unencrypted PII, the Exposure Factor is 100%: the laptop and all the data are gone


72 of 124

SLE

  • SLE is $25,000 (Asset Value) times 100% (Exposure Factor), or $25,000.


73 of 124

ARO

  • Looking through past events, you discover that you have suffered 11 lost or stolen laptops per year on average. Your ARO is 11.


74 of 124

ALE

  • In our case, it is $25,000 (SLE) times 11 (ARO), or $275,000.

75 of 124

TCO

  • Using our laptop encryption example, the upfront cost of laptop encryption software is $100/laptop, or $100,000 for 1000 laptops. The vendor charges a 10% annual support fee, or $10,000/year. You estimate that it will take 4 staff hours per laptop to install the software, or 4000 staff hours. The staff that will perform this work makes $50/hour plus benefits. Including benefits, the staff cost per hour is $70, times 4000 hours, that is $280,000. Your company uses a 3-year technology refresh cycle, so you calculate the Total Cost of Ownership over 3 years.

76 of 124

TCO

  • Software cost : $100,000
  • Three year’s vendor support: $10,000 X 3 = $30,000
  • Hourly staff cost : $280,000
  • Total Cost of Ownership over 3 years: $410,000
  • Total Cost of Ownership per year: $410,000 / 3 = $136,667 per year
  • Your Annual Total Cost of Ownership for the laptop encryption project is $136,667 per year.

77 of 124

ROI

You will save $247,500/year (the old ALE, $275,000, minus the new ALE, $27,500) by making an investment of $136,667. Your ROI is $110,833 per year ($247,500 minus $136,667). The laptop encryption project has a positive ROI, and is a wise investment.

[Chart: Annualized Loss Expectancy of Unencrypted Laptops vs. Annualized Loss Expectancy of Encrypted Laptops]

(Conrad, Misenar & Feldman, 2010)

78 of 124

Measures that reduce risk

  • Security tries to prevent the threat
  • Ex: Firewall prevents unwanted traffic.
    • permit web traffic (port 80)


79 of 124

Measures that reduce risk

  • A threat that is NOT prevented becomes an incident.
  • Ex. User downloads a virus while browsing the web.

80 of 124

Types of Risk Strategies

  • Risk Acceptance
    • When the management acknowledges the risk and decides to accept it.
  • Risk Mitigation
    • Security measures are taken such that the threats either no longer manifest themselves or if they do, the resulting damage is minimized.
  • Risk Avoidance
    • Measures are taken such that the threat is neutralized to such an extent that the threat no longer leads to an incident.
  • Risk Transference
    • Shifting risks from one area (or organization) to another.


81 of 124

Example Scenario

  • Your company sells Apple iPods online and has suffered many denial-of-service (DoS) attacks. Your company makes an average $20,000 profit, and a typical DoS attack lowers sales by 40%. You suffer seven DoS attacks on average per year. A DoS-mitigation service is available for a subscription fee of $10,000/month. You have tested this service, and believe it will mitigate the attacks.

(Conrad, Misenar & Feldman, 2010)

82 of 124

Question 1

What is the Annual Rate of Occurrence in the above scenario?

A. $20,000

B. 40%

C. 7

D. $10,000


83 of 124

Question 2

What is the annualized loss expectancy (ALE) of lost iPod sales due to the DoS attacks?

A. $20,000

B. $8000

C. $84,000

D. $56,000


84 of 124

Question 3

Is the DoS mitigation service a good investment?

A. Yes, it will pay for itself

B. Yes, $10,000 is less than the $56,000 Annualized Loss Expectancy

C. No, the annual Total Cost of Ownership is higher than the Annualized Loss Expectancy

D. No, the annual Total Cost of Ownership is lower than the Annualized Loss Expectancy
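The deck's laptop-encryption figures (slides 69 to 77) and the DoS quiz above, worked through in code as an added example (not from the deck or the cited CISSP Study Guide). The 10% post-encryption exposure factor is an assumption: it is the value that reproduces the deck's "new ALE" of $27,500.

```python
"""SLE, ALE, TCO and ROI exactly as the deck defines them, applied to its two scenarios."""
from dataclasses import dataclass


def single_loss_expectancy(asset_value: float, exposure_pct: float) -> float:
    """SLE = Asset Value x Exposure Factor (EF given in percent, 100 == total loss)."""
    if not 0 <= exposure_pct <= 100:
        raise ValueError("exposure factor must be between 0 and 100 percent")
    return asset_value * exposure_pct / 100


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE x Annual Rate of Occurrence (losses per year)."""
    if aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle * aro


@dataclass(frozen=True)
class Safeguard:
    """A mitigating control costed the way the deck costs TCO."""
    name: str
    upfront: float       # one-time capital expense (licences, install labour)
    annual_opex: float   # recurring cost per year (support fee, subscription)
    years: int           # refresh cycle over which the upfront cost is spread

    def annual_tco(self) -> float:
        """Annual TCO = (upfront + opex x years) / years."""
        return (self.upfront + self.annual_opex * self.years) / self.years


def annual_roi(old_ale: float, new_ale: float, annual_tco: float) -> float:
    """ROI per year = loss avoided (old ALE - new ALE) minus annual TCO."""
    return (old_ale - new_ale) - annual_tco


def verdict(annual_tco: float, ale_avoided: float) -> str:
    """The deck's rule: TCO < ALE is a good investment, TCO > ALE a poor one."""
    return "good investment" if annual_tco < ale_avoided else "poor investment"


def laptop_encryption_case() -> dict:
    """Deck figures: 1000 laptops, AV $25,000 each, EF 100%, ARO 11."""
    asset_value = 2_500 + 22_500                      # hardware + exposed PII
    sle = single_loss_expectancy(asset_value, 100)
    old_ale = annualized_loss_expectancy(sle, 11)
    # Assumption (not stated on the slide): with encryption only the $2,500
    # of hardware is lost, so EF drops to 10%. This reproduces the deck's
    # "new ALE" of $27,500 = 11 x $2,500.
    new_ale = annualized_loss_expectancy(single_loss_expectancy(asset_value, 10), 11)
    encryption = Safeguard(
        name="laptop encryption",
        upfront=100 * 1_000 + 4 * 1_000 * 70,   # $100/laptop software + 4000 h x $70/h
        annual_opex=10_000,                     # 10% vendor support per year
        years=3,                                # 3-year refresh cycle
    )
    tco = encryption.annual_tco()
    return {
        "sle": sle,
        "old_ale": old_ale,
        "new_ale": new_ale,
        "annual_tco": round(tco),
        "annual_roi": round(annual_roi(old_ale, new_ale, tco)),
        "verdict": verdict(tco, old_ale - new_ale),
    }


def dos_mitigation_case() -> dict:
    """Deck quiz figures: $20,000 profit, 40% lost per attack, 7 attacks a year,
    mitigation service at $10,000/month (assumed to stop every attack)."""
    aro = 7
    sle = single_loss_expectancy(20_000, 40)
    ale = annualized_loss_expectancy(sle, aro)
    service = Safeguard("DoS mitigation service", upfront=0,
                        annual_opex=12 * 10_000, years=1)
    tco = service.annual_tco()
    return {"aro": aro, "sle": sle, "ale": ale, "annual_tco": tco,
            "verdict": verdict(tco, ale)}


if __name__ == "__main__":
    print(laptop_encryption_case())   # old ALE 275000, TCO 136667, ROI 110833
    print(dos_mitigation_case())      # ALE 56000 vs TCO 120000 -> poor investment
```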


85 of 124

Exercise 2: Risk Analysis (Equifax)

45 minutes to answer, 15 minutes to discuss

Refer to your Exercise Document.

86 of 124

Technical Measures (ICT Security)

3 of 4

87 of 124

Business Assets


88 of 124

Information about the business asset

  • The type of business asset
  • Owner
  • Location
  • Format
  • Classification
  • Value to the business



90 of 124

Mandatory Access Control (MAC)

  • Restricting access to the subject based on sensitivity / need to know.

Labels, from most to least sensitive: Top Secret, Secret, Confidential, Public.

If my label is ‘Secret’, I cannot access ‘Top Secret.’ I can, however, access ‘Secret’, ‘Confidential’, and ‘Public’ resources.


92 of 124

Discretionary Access Control (DAC)

  • The owner can decide the access privileges of the object.
  • Owner has full access of the file.
  • Aside from owner, who has full access of the file?

Users: Manny, Vangie, Alfred

  • File 1 – rwx (owner)
  • File 2 – rwx (owner)
  • File 3 – rwx (owner)

Answer: The Administrator/Root.

93 of 124

Discretionary Access Control (DAC)

  • The owner can decide the access privileges of the object.
  • Owner has full access of the file.
  • Aside from owner, who has full access of the file?

          Manny   Vangie   Alfred
  File 1  rwx     r        rw
  File 2  r       rwx      -
  File 3  rw      rwx      rwx
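An added example (not from the deck) that encodes the two decision rules above: the MAC read-down check on the four labels, and a DAC check over the slide's file matrix with the owner-decides and Administrator/Root rules. The file owners (Manny, Vangie and Alfred for Files 1 to 3) are an assumption read off the diagonal of the matrix; an unknown user or file falls through to implicit deny, as slide 37 describes.

```python
"""MAC label check and DAC matrix check for the slides' example users and files."""
from enum import IntEnum


class Label(IntEnum):
    """MAC sensitivity labels from the slide, ordered low to high."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def mac_can_read(subject: Label, resource: Label) -> bool:
    """Slide rule: a subject reads resources at or below its own label,
    never above it (a 'Secret' user cannot access 'Top Secret')."""
    return subject >= resource


# DAC matrix copied from the slide: file -> user -> permission string.
# "-" means no access at all.
DAC_MATRIX = {
    "File 1": {"Manny": "rwx", "Vangie": "r", "Alfred": "rw"},
    "File 2": {"Manny": "r", "Vangie": "rwx", "Alfred": "-"},
    "File 3": {"Manny": "rw", "Vangie": "rwx", "Alfred": "rwx"},
}

# Assumption: each file's owner is the user holding rwx on the matrix diagonal.
OWNERS = {"File 1": "Manny", "File 2": "Vangie", "File 3": "Alfred"}

# Slide answer: besides the owner, the Administrator/Root has full access.
ADMINS = {"root"}

_VALID_BITS = {"r", "w", "x"}


def dac_allowed(user: str, filename: str, mode: str) -> bool:
    """Grant only if every requested bit (r, w, x) is in the user's entry.
    Malformed requests, unknown users and unknown files get nothing: implicit deny."""
    if not mode or not set(mode) <= _VALID_BITS:
        return False
    if user in ADMINS:
        return True
    perms = DAC_MATRIX.get(filename, {}).get(user, "-")
    return all(bit in perms for bit in mode)


def dac_grant(actor: str, filename: str, grantee: str, mode: str) -> bool:
    """DAC: only the owner (or an admin) decides who gets what.
    Returns True if the matrix was changed. mode "-" revokes access."""
    if filename not in DAC_MATRIX:
        return False
    if actor != OWNERS.get(filename) and actor not in ADMINS:
        return False
    if mode != "-" and (not mode or not set(mode) <= _VALID_BITS):
        raise ValueError("mode must be '-' or a combination of r, w and x")
    DAC_MATRIX[filename][grantee] = mode
    return True


if __name__ == "__main__":
    print(mac_can_read(Label.SECRET, Label.TOP_SECRET))   # False
    print(mac_can_read(Label.SECRET, Label.PUBLIC))       # True
    print(dac_allowed("Vangie", "File 1", "w"))           # False: Vangie only has r
    print(dac_grant("Alfred", "File 1", "Alfred", "rwx")) # False: Alfred is not the owner
    print(dac_grant("Manny", "File 1", "Vangie", "rw"))   # True: owner decides
    print(dac_allowed("Vangie", "File 1", "w"))           # True after the grant
```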

94 of 124

Cryptography

  • Derived from the Greek word "Kryptos", which means hidden or secret
  • Application of secure communication in any form between a sender and a recipient.
  • Used to obscure the meaning of a written message, but it can also be applied to images.


95 of 124

Encryption

  • Mechanism by which plaintext messages are turned into unreadable ciphertext.
  • Enhances the confidentiality of data being shared with your recipient, whether they're a friend, a work colleague, or another business.


96 of 124

Some applications of encryption


ACCESSING ONLINE BANKING THROUGH WEB BROWSER

CONNECTING A WIRELESS NETWORK

SECURING INTERNAL STORAGE

97 of 124

Plaintext and Ciphertext

  • Plaintext
    • Represents any message including documents, music, pictures, movies, data, and computer programs, waiting to be cryptographically transformed.
  • Ciphertext
    • Plaintext has been turned into a secret message.
    • Encrypted/secured data.


98 of 124

Encryption Types

Encryption key analogy: a key is like the one you’d use to open your car, or the door to your house.

  • Symmetric Keys
  • Asymmetric Keys


99 of 124

Symmetric Keys

  • Based around the idea that the same cryptographic key is used for both the encryption of the plaintext message and the decryption of the ciphertext message.



101 of 124

Asymmetric Keys

  • Composed of two elements, a private key and a public key, which form a key pair.
  • The public key can be shared with anyone, so individuals and organizations don’t need to worry about its secure distribution.


103 of 124

Hashing

  • Uses an algorithm to convert the original text to a unique fixed-length value.
  • Each time the same text is hashed using the same algorithm, the same hash value is produced.


105 of 124

Digital Signature

  • A common application of hashing
  • Used to validate that the document hasn't been tampered with.
  • Hash the document then encrypt the hash using the private key of the sender.
  • DocuSign and Adobe Sign
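An added example (not from the deck) of the hash-then-sign scheme just described and of the hashing properties on the previous slide, using SHA-256 from Python's standard library and a textbook RSA pair built from two small fixed primes so the "encrypt the hash with the private key" step is visible. The primes, the sample document and the reduction of the digest modulo the toy key are assumptions for readability; production signatures use real key sizes, padding and a vetted library.

```python
"""Hashing and a hash-then-sign digital signature with a toy RSA key pair."""
import hashlib
from math import gcd

# Toy key pair (assumption: small primes chosen only to keep the arithmetic
# readable; they offer no security).
_P, _Q = 10007, 10009
N = _P * _Q                      # public modulus
PUBLIC_EXPONENT = 65537
_PHI = (_P - 1) * (_Q - 1)
if gcd(PUBLIC_EXPONENT, _PHI) != 1:
    raise ValueError("public exponent must be coprime to phi(N)")
PRIVATE_EXPONENT = pow(PUBLIC_EXPONENT, -1, _PHI)   # modular inverse, Python 3.8+


def hash_document(document: bytes) -> str:
    """Same input, same algorithm -> same fixed-length digest (64 hex chars)."""
    return hashlib.sha256(document).hexdigest()


def _digest_as_int(document: bytes) -> int:
    # The 256-bit digest is reduced modulo the toy modulus so it fits the key;
    # with a real key size this reduction is not needed.
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N


def sign(document: bytes, private_exponent: int = PRIVATE_EXPONENT) -> int:
    """Hash the document, then 'encrypt' the hash with the sender's private key."""
    return pow(_digest_as_int(document), private_exponent, N)


def verify(document: bytes, signature: int,
           public_exponent: int = PUBLIC_EXPONENT) -> bool:
    """Recover the hash with the public key and compare it with a fresh hash
    of the received document; any edit to the document breaks the match."""
    if not 0 <= signature < N:
        return False
    return pow(signature, public_exponent, N) == _digest_as_int(document)


if __name__ == "__main__":
    contract = b"Pay 1,000 PHP to Alice"          # constructed sample document
    tampered = b"Pay 9,000 PHP to Alice"
    signature = sign(contract)
    print(hash_document(contract))                 # reproducible digest
    print(verify(contract, signature))             # True
    print(verify(tampered, signature))             # False: hash no longer matches
```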


106 of 124

Public Key Infrastructure (PKI)

  • Uses all three forms of encryption to provide and manage digital certificates.


(The Basics of Information Security A Practical Handbook, 2010)

Terms to remember:

  • Registration Authority (RA)
  • Certification Authority (CA)
  • Validation Authority (VA)
  • Certificate Revocation List (CRL)
  • Key Escrow

107 of 124

Information Security Incidents and Weaknesses

4 of 4


108 of 124

Managing Information Security Incidents

The information security process is not a one-time event; it is a continuous process.

Incident management and risk management are part of the information security process.

109 of 124

Reporting Information Security Incidents and Weaknesses

Reporting security incidents is primarily a way of learning from them so as to avoid similar incidents from occurring again.

Reporting an incident is not intended as a way of punishing the perpetrator of that incident.


111 of 124

Incident Report

  • Date and time
  • Name of the person reporting
  • Location
  • What is the problem?
  • What is the effect of the incident?
  • How was it recovered?
  • Type of system
  • System number/system name
  • Who else was informed?

112 of 124

Incident Cycle

Stages of the incident cycle: Threat, Incident, Damage, Recovery

Types of measure: Preventive, Detective, Repressive, Corrective, Evaluative, Reductive


118 of 124

Incident Response Process

  • Discover and Report – Employees should be trained to report incidents.
  • Confirm – Responders must acknowledge the incident.
  • Investigate – Specialists must be able to determine the extent of the incident.
  • Recover – Investigation is complete and documented. Return systems to operational status.
  • Lessons Learned – Discuss points of improvement to correct mistakes.


120 of 124

Remember!

  • There are various types of incidents and they occur to various degrees. The ISO/IEC 20000 standard describes how incidents can be managed in the incident management process.

But not every incident is a security incident.

121 of 124

Exercise 3: Incident Handling (SunCrypt Ransomware)

45 minutes to answer, 15 minutes to discuss

Refer to your Exercise Document.

122 of 124

References:

  • Information technology Security techniques — Code of practice for information security management by British Standard, 2007
  • IT Governance, A Manager’s Guide to Data Security and ISO 27001/ISO 27002 (4th Ed) by A. Calder & S. Watkins, 2008
  • The Basics of Information Security: A Practical Handbook by H. Baars, K. Hintzbergen, J. Hintzbergen & A. Smulders, 2008

123 of 124

Other documents

  • Risk Management: NIST 800-30
  • Business Continuity Planning: NIST 800-34
  • CISSP Study Guide by Eric Conrad et al, 2010


124 of 124

Cybersecurity Fundamentals