The Chartered Cyber Security Officer
About this ebook
The Chartered Cyber Security Officer ™ (CCSO) is a gold-standard certification for individuals with skills and experience in cybersecurity management that includes security architecture, cloud security, communications security, access security, application security, and security compliance.
It forms the basis of the assessment that applicants must pass to gain the Chartered Cyber Security Officer status and inclusion in the Register of The GAFM Academy of Finance and Management ® Directory of Certified Professionals.
Stand out above the rest with the accredited Chartered Cyber Security Officer certification and get noticed by top recruiters.
Reviews for The Chartered Cyber Security Officer
1 rating, 1 review
- Rating: 5 out of 5 stars. Great technical info, excellent certification
This book and the certification are excellent! Many thanks to the author of this excellent book, and specifically to GAFM Academy for issuing the distinguished certification.
Book preview
The Chartered Cyber Security Officer - Dr. Zulk Shamsuddin
Copyright © 2020 Zulk Shamsuddin, PhD / GAFM ACADEMY
All rights reserved.
ISBN: 9781312666535
INTRODUCTION
Cyber security refers to every aspect of protecting an organization and its employees and assets against cyber threats. As cyberattacks become more common and sophisticated and corporate networks grow more complex, a variety of cyber security solutions are required to mitigate corporate cyber risk.
Benefits of becoming a Chartered Cyber Security Officer
Chartered Cyber Security Officers are individuals who implement information security systems and ensure compliance with the organization's cybersecurity policies, guidelines, procedures and regulatory requirements.
Becoming a Chartered Cyber Security Officer has its benefits.
- Get your name published in the GAFM Directory of Certified Professionals. This information is accessible to anyone who needs to verify the authenticity of your credential.
- Global recognition with a world-class skills-certified credential.
- Enhance your CV to stand out in the job market.
- Get noticed by top recruiters.
- International ISO-standard recognition with the exclusive Certification Card.
- Assurance for clients of high standards and ethical practice.
- Use of the post-nominal CCSO or Chartered Cyber Security Officer ™
What are the benefits of implementing information security?
The benefits of implementing and maintaining information security practices include:
- Business protection against cyberattacks and data breaches.
- Protection for data and networks.
- Prevention of unauthorized user access.
- Improved recovery time after a breach.
- Protection for end users and endpoint devices.
- Regulatory compliance.
- Business continuity.
- Improved confidence in the company's reputation and trust for developers, partners, customers, stakeholders and employees.
Cyber Security Officer Roles
The Cyber Security Officer is the individual who implements the security program across the organization and oversees the IT security department's operations.
The Cyber Security Officer is the executive responsible for the physical information security of an enterprise.
Cyber Security Officers protect company assets from threats with a focus on quality control within the IT infrastructure.
Cyber Security Officers are responsible for planning, analyzing, designing, testing, maintaining and supporting an enterprise's critical infrastructure.
Cyber Security Officers have several responsibilities, including planning security measures and controls, protecting digital files, and conducting both internal and external security audits.
Skills Certification
This certification program focusses on the following skills and competencies to qualify for the Chartered Cyber Security Officer certification.
- Security Architecture
- Cloud Security
- Access Security
- Application Security
- Communications Security
- Security Compliance
Application for Certification
https://gafm.com.my/application-for-certification/
Information Security Architecture (ISA) concepts and principles are inherent elements in a security policy and solution deployment. They define the basic parameters needed for a secure environment. They also define the goals and objectives that both policy designers and system implementers must achieve to create a secure solution. It is important for real-world security professionals, as well as CISP exam students, to understand these items thoroughly. The primary goals and objectives of security are contained within the three primary pillars of the information security architecture. They are Confidentiality, Integrity, and Availability (CIA). Security controls must address one or more of these three pillars. The secondary pillars are Privacy, Identification, Auditing, and Accountability.
What Is The CIA Triad?
Security controls are typically evaluated on whether or not they address all three of these core information security tenets. Vulnerabilities and risks are also evaluated based on the threat they pose against one or more of the CIA principles. Thus, it is a good idea to be familiar with these principles and use them as guidelines and measuring sticks against which to judge all things related to security. These three principles are considered the most important within the realm of security. However, how important each is to a specific organization depends upon the organization’s security goals and requirements and on the extent to which its security might be threatened.
Confidentiality
The first principle from the ISA is confidentiality. If a security mechanism offers confidentiality, it offers a high level of assurance that data, objects, or resources are not exposed to unauthorized subjects. If a threat exists against confidentiality, there is the possibility that unauthorized disclosure could take place. In general, for confidentiality to be maintained on a network, data must be protected from unauthorized access, use, or disclosure while in storage, in process, and in transit. Unique and specific security controls are required for each of these states of data, resources, and objects to maintain confidentiality. There are numerous attacks that focus on the violation of confidentiality. These include capturing network traffic and stealing password files as well as social engineering, port scanning, shoulder surfing, eavesdropping, sniffing, and so on.
Violations of confidentiality are not limited to directed intentional attacks. Many instances of unauthorized disclosure of sensitive or confidential information are due to human error, oversight, or ineptitude. Events that lead to confidentiality breaches include failing to properly encrypt a transmission, failing to fully authenticate a remote system before transferring data, leaving open otherwise secured access points, accessing malicious code that opens a back door, or even walking away from an access terminal while data is displayed on the monitor. Confidentiality violations can occur because of the actions of an end user or a system administrator. They can also occur due to an oversight in a security policy or a misconfigured security control. There are numerous countermeasures to ensure confidentiality against possible threats. These include the use of encryption, network traffic padding, strict access control, rigorous authentication procedures, data classification, and extensive personnel training.
Confidentiality and integrity are dependent upon each other. Without object integrity, confidentiality cannot be maintained. Other concepts, conditions, and aspects of confidentiality include sensitivity, discretion, criticality, concealment, secrecy, privacy, seclusion, and isolation.
Integrity
The second principle from the CIA is integrity. For integrity to be maintained, objects must retain their veracity and be intentionally modified by only authorized subjects. If a security mechanism offers integrity, it offers a high level of assurance that the data, objects, and resources are unaltered from their original protected state. This includes alterations occurring while the object is in storage, in transit, or in process. Thus, maintaining integrity means the object itself is not altered and the operating system and programming entities that manage and manipulate the object are not compromised. Integrity can be examined from three perspectives:
- Unauthorized subjects should be prevented from making modifications.
- Authorized subjects should be prevented from making unauthorized modifications.
- Objects should be internally and externally consistent so that their data is a correct and true reflection of the real world and any relationship with any child, peer, or parent object is valid, consistent, and verifiable.
For integrity to be maintained on a system, controls must be in place to restrict access to data, objects, and resources. Additionally, activity logging should be employed to ensure that only authorized users are able to access their respective resources. Maintaining and validating object integrity across storage, transport, and processing requires numerous variations of controls and oversight.
There are numerous attacks that focus on the violation of integrity. These include viruses, logic bombs, unauthorized access, errors in coding and applications, malicious modification, intentional replacement, and system back doors. As with confidentiality, integrity violations are not limited to intentional attacks. Many instances of unauthorized alteration of sensitive information are due to human error, oversight, or ineptitude. Events that lead to integrity breaches include accidentally deleting files; entering invalid data; altering configurations; including errors in commands, codes, and scripts; introducing a virus; and executing malicious code. Integrity violations can occur because of the actions of any user, including administrators. They can also occur due to an oversight in a security policy or a misconfigured security control.
There are numerous countermeasures to ensure integrity against possible threats. These include strict access control, rigorous authentication procedures, intrusion detection systems, object/data encryption, hash total verifications, interface restrictions, input/function checks, and extensive personnel training. Integrity is dependent upon confidentiality. Without confidentiality, integrity cannot be maintained. Other concepts, conditions, and aspects of integrity include accuracy, truthfulness, authenticity, validity, nonrepudiation, accountability, responsibility, completeness, and comprehensiveness.
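The three integrity perspectives and the hash total verification described above can be seen working together in the following added example, which is not from the book. It uses HMAC-SHA256 as the hash total; the key, access list, subjects and records are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed for illustration: key, access list, subjects and records.
MAC_KEY = b"constructed-demo-key"
ACL = {"alice": {"salary"}}  # subject -> fields that subject may modify


def seal(rec):
    """Hash total (HMAC-SHA256) over the record's fields in a fixed order."""
    canon = "|".join(f"{k}={rec[k]}" for k in sorted(rec) if k != "mac")
    return hmac.new(MAC_KEY, canon.encode(), hashlib.sha256).hexdigest()


def new_record(rec_id, parent, salary):
    rec = {"id": rec_id, "parent": parent, "salary": salary}
    rec["mac"] = seal(rec)
    return rec


def modify(store, subject, rec_id, field, value):
    """Perspectives 1 and 2: gate every change on subject and on field."""
    allowed = ACL.get(subject)
    if allowed is None:
        return "denied: unauthorized subject"
    if field not in allowed:
        return "denied: unauthorized modification"
    store[rec_id][field] = value
    store[rec_id]["mac"] = seal(store[rec_id])  # re-seal after a valid change
    return "ok"


def verify(store):
    """Perspective 3: each object matches its hash total and its parent exists."""
    findings = []
    for rec_id, rec in sorted(store.items()):
        if not hmac.compare_digest(rec["mac"], seal(rec)):
            findings.append((rec_id, "hash total mismatch"))
        if rec["parent"] is not None and rec["parent"] not in store:
            findings.append((rec_id, "dangling parent reference"))
    return findings


def demo():
    recs = (new_record("dept", None, 0), new_record("emp1", "dept", 5000))
    store = {r["id"]: r for r in recs}
    results = [
        modify(store, "mallory", "emp1", "salary", 9999),
        modify(store, "alice", "emp1", "parent", "other"),
        modify(store, "alice", "emp1", "salary", 5500),
    ]
    clean = verify(store)
    store["emp1"]["salary"] = 99999  # change made outside modify(), e.g. in storage
    tampered = verify(store)
    return results, clean, tampered


if __name__ == "__main__":
    print(demo())
```

The access checks stop changes that go through the controlled interface, while the verification pass catches an alteration made directly to the stored object.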
Availability
The third principle from the CIA is availability, which means that authorized subjects are granted timely and uninterrupted access to objects. If a security mechanism offers availability, it offers a high level of assurance that the data, objects, and resources are accessible to authorized subjects. Availability includes efficient uninterrupted access to objects and prevention of denial of service (DoS) attacks. Availability also implies that the supporting infrastructure including network services, communications, and access control mechanisms is functional and allows authorized users to gain authorized access. For availability to be maintained on a system, controls must be in place to ensure authorized access and an acceptable level of performance, to quickly handle interruptions, to provide for redundancy, to maintain reliable backups, and to prevent data loss or destruction.
There are numerous threats to availability. These include device failure, software errors, and environmental issues (heat, static, etc.). There are also some forms of attacks that focus on the violation of availability, including denial of service attacks, object destruction, and communications interruptions. As with confidentiality and integrity, violations of availability are not limited to intentional attacks. Many instances of unauthorized alteration of sensitive information are due to human error, oversight, or ineptitude. Some events that lead to integrity breaches include accidentally deleting files, overutilizing a hardware or software component, under-allocating resources, and mislabeling or incorrectly classifying objects. Availability violations can occur because of the actions of any user, including administrators. They can also occur due to an oversight in a security policy or a misconfigured security control. There are numerous countermeasures to ensure availability against possible threats. These include designing intermediary delivery systems properly, using access controls effectively, monitoring performance and network traffic, using firewalls and routers to prevent DoS attacks, implementing redundancy for critical systems, and maintaining and