Professional Documents
Culture Documents
The Cybersecurity Landscape
The Cybersecurity Landscape
Cybersecurity risks and threats are ever-present in our world today. The infrastructure of
networks and the Internet are increasingly vulnerable to a wide variety of both physical
and cyber attacks. Sophisticated cyber criminals, as well as nations, exploit these
vulnerabilities to steal information and money.
Cybersecurity Specialist
Ethical Hacker
All of these roles can be part of your work in the exciting, ever-changing, high-demand
field of cybersecurity. Students who complete the Cybersecurity Essentials course are
prepared to continue their education in more advanced security courses.
A Global Community
When you participate in the Networking Academy, you are joining a global community
linked by common goals and technologies. Schools, colleges, universities, and other
entities in over 160 countries participate in the program. Click here to view a video
about how Cisco Networking Academy is changing the world.
Look for the Cisco Networking Academy official site on Facebook© and LinkedIn©. The
Facebook site is where you can meet and engage with other Networking Academy
students from around the world. The Cisco Networking Academy LinkedIn site connects
you with job postings, and you can see how others are effectively communicating their
skills.
The material in this course is presented using a broad range of technologies including
text, graphics, voice, video, and rich interactions. These technologies help facilitate how
people work, live, play, and learn.
Networking and the Internet affect people differently in different parts of the world.
Although we have worked with instructors from around the world to create these
materials, it is important that you work with your instructor and fellow students to make
the material in this course applicable to your local situation.
How We Teach
E-doing is a design philosophy that applies the principle that people learn best by doing.
The curriculum includes embedded, highly interactive e-doing activities to help stimulate
learning, increase knowledge retention, and make the whole learning experience much
richer. This e-doing makes understanding the content much easier.
How We Teach
E-doing is a design philosophy that applies the principle that people learn best by doing.
The curriculum includes embedded, highly interactive e-doing activities to help stimulate
learning, increase knowledge retention, and make the whole learning experience much
richer. This e-doing makes understanding the content much easier.
Course Overview
By the end of this course, you will be able to:
Many of the world’s original hackers were computer hobbyists, programmers and
students during the 60’s. Originally, the term hacker described individuals with
advanced programming skills. Hackers used these programming skills to test the limits
and capabilities of early systems. These early hackers were also involved in the
development of early computer games. Many of these games included wizards and
wizardry.
As the hacking culture evolved, it incorporated the lexicon of these games into the
culture itself. Even the outside world began to project the image of powerful wizards
upon this misunderstood hacking culture. Books such as Where Wizards Stay up Late:
The Origins of The Internet published in 1996 added to the mystique of the hacking
culture. The image and lexicon stuck. Many hacking groups today embrace this imagery.
One of the most infamous hacker groups goes by the name Legion of Doom. It is
important to understand the cyber culture in order to understand the criminals of the
cyber world and their motivations.
Sun Tzu was a Chinese philosopher and warrior in the sixth century BC. Sun Tzu wrote
the book titled, The Art of War, which is a classic work about the strategies available to
defeat the enemy. His book has given guidance to tacticians throughout the ages. One of
Sun Tzu’s guiding principles was to know your opponent. While he was specifically
referring to war, much of his advice translates to other aspects of life, including the
challenges of cybersecurity. This chapter begins by explaining the structure of the
cybersecurity world and the reason it continues to grow.
This chapter discusses the role of cyber criminals and their motivations. Finally, the
chapter explains how to become a cybersecurity specialist. These cybersecurity
specialists help defeat the cyber criminals that threaten the cyber world.
There are many data groups that make up the different domains of the “cyber world”.
When groups are able to collect and utilize massive amounts of data, they begin to
amass power and influence. This data can be in the form of numbers, pictures, video,
audio, or any type of data that can be digitized. These groups could become so powerful
that they operate as though they are separate powers, creating separate cybersecurity
domains.
The word ‘domain’ has many meanings. Wherever there is control, authority, or
protection, you might consider that 'area' to be a domain. Think of how a wild animal will
protect its own declared domain. In this course, consider a domain to be an area to be
protected. It may be limited by a logical or physical boundary. This will depend on the
size of the system involved. In many respects, cybersecurity experts have to protect
their domains according the laws of their own country.
The experts at Google created one of the first and most powerful domains within the
broader cyber world of the Internet. Billions of people use Google to search the web
every day. Google has arguably created the world’s largest data collection infrastructure.
Google developed Android, the operating system installed on over 80% of all mobile
devices connected to the Internet. Each device requires users to create Google accounts
that can save bookmarks and account information, store search results, and even locate
the device. Click here to see some of the many services Google currently offers.
Facebook is another powerful domain within the broader Internet. The experts at
Facebook recognized that people create personal accounts every day to communicate
with family and friends. In doing so, you are volunteering a great deal of personal data.
These Facebook experts built a massive data domain to enable people to connect in
ways that were unimaginable in the past. Facebook affects millions of lives on a daily
basis and empowers companies and organizations to communicate with people in a more
personal and focused manner.
LinkedIn is yet another data domain on the Internet. The experts at LinkedIn recognized
that their members would share information in the pursuit of building a professional
network. LinkedIn users upload this information to create online profiles and connect
with other members. LinkedIn connects employees with employers and companies to
other companies worldwide. There are broad similarities between LinkedIn and
Facebook.
A look inside these domains reveals how they are constructed. At a fundamental level,
these domains are strong because of the ability to collect user data contributed by the
users themselves. This data often includes users’ backgrounds, discussions, likes,
locations, travels, interests, friends and family members, professions, hobbies, and work
and personal schedules. Experts create great value for organizations interested in using
this data to better understand and communicate with their customers and employees.
The data collected within the Internet is considerably more than just the data that the
users contribute voluntarily. Cyber domains continue to grow as science and technology
evolve, enabling the experts and their employers (Google, Facebook, LinkedIn, etc.) to
collect many other forms of data. Cyber experts now have the technology to track
worldwide weather trends, monitor the oceans, as well as the movement and behavior of
people, animals and objects in real time.
New technologies, such as Geospatial Information Systems (GIS) and the Internet of
Things (IoT), have emerged. These new technologies can track the health of trees in a
neighborhood. They can provide up-to-date locations of vehicles, devices, individuals and
materials. This type of information can save energy, improve efficiencies, and reduce
safety risks. Each of these technologies will also result in exponentially expanding the
amount of data collected, analyzed and used to understand the world. The data collected
by GIS and IoE poses a tremendous challenge for cybersecurity professionals in the
future. The type of data generated by these devices has the potential to enable cyber
criminals to gain access to very intimate aspects of daily life.
In the early years of the cybersecurity world, the typical cyber criminals were teenagers
or hobbyists operating from a home PC, with attacks mostly limited to pranks and
vandalism. Today, the world of the cyber criminals has become more dangerous.
Attackers are individuals or groups who attempt to exploit vulnerabilities for personal or
financial gain. Cyber criminals are interested in everything from credit cards to product
designs, and anything with value.
Amateurs
Amateurs, or script kiddies, have little or no skill, often using existing tools or
instructions found on the Internet to launch attacks. Some are just curious, while others
try to demonstrate their skills and cause harm. They may be using basic tools, but the
results can still be devastating.
Hackers
This group of criminals breaks into computers or networks to gain access for various
reasons. The intent of the break-in determines the classification of these attackers as
white, gray, or black hats. White hat attackers break into networks or computer systems
to discover weaknesses in order to improve the security of these systems. The owners of
the system give permission to perform the break-in, and they receive the results of the
test. On the other hand, black hat attackers take advantage of any vulnerability for
illegal personal, financial or political gain. Gray hat attackers are somewhere between
white and black hat attackers. The gray hat attackers may find a vulnerability and report
it to the owners of the system if that action coincides with their agenda. Some gray hat
hackers publish the facts about the vulnerability on the Internet, so that other attackers
can exploit it.
The figure gives details about the terms white hat hacker, black hat hacker, and gray hat
hacker.
Organized Hackers
Cyber criminal profiles and motives have changed over the years. Hacking started in the
‘60s with phone freaking (or phreaking) which refers to using various audio frequencies
to manipulate phone systems. In the mid-‘80s, criminals used computer dial-up modems
to connect computers to networks and used password-cracking programs to gain access
to data. Nowadays, criminals are going beyond just stealing information. Criminals can
now use malware and viruses as high tech weapons. However, the greatest motivation
for most cyber criminals is financial. Cybercrime has become more lucrative than the
illegal drug trade.
General hacker profiles and motives have changed quite a bit. The figure displays
modern hacking terms and a brief description of each
Why Become a Cybersecurity Specialist?
The demand for cybersecurity specialists has grown more than the demand for other IT
jobs. All of the technology that transforms the kingdom and improves people’s way of life
also makes it more vulnerable to attacks. Technology alone cannot prevent, detect,
respond and recover from cybersecurity incidents. Consider the following:
The skill level required for an effective cybersecurity specialist and the shortage
of qualified cybersecurity professionals translates to higher earning potential.
Thwarting the cyber criminals is a difficult task and there is no such thing as a “silver
bullet.” However, company, government and international organizations have begun to
take coordinated actions to limit or fend off cyber criminals. The coordinated actions
include:
Establishing early warning sensors and alert networks. Due to cost and the
impossibility of monitoring every network, organizations monitor high-value targets
or create imposters that look like high-value targets. Because these high-value
targets are more likely to experience attacks, they warn others of potential attacks.
Enacting new laws to discourage cyberattacks and data breaches. These laws
have severe penalties to punish cyber criminals caught carrying out illegal actions.
The figure displays measures to thwart cyber criminals and a brief description of each.
Lab - Cybersecurity Job Hunt
In this lab, you will use popular job search websites to identify jobs in the cybersecurity
profession and learn about the qualifications required of cybersecurity professionals.