12. Identify cyber security controls (AC 3.1)

Cyber security controls are what keep you or an organisation safe; more specifically, they protect important data and computer systems from threats. They are all the tools, practices and policies that help keep you safe from cyber threats.

Encryption

Encrypting means turning data into a secret code that only you and/or one other party can read. It keeps your information private, so even if someone unintended got hold of your data, they wouldn't be able to read it without the secret code.

Antivirus

As the name implies, it's something that protects you against viruses and other malicious code. It's software that runs on your device, scans everything for harmful programs and removes them. It's like a security system for your computer.

Intrusion Detection System (IDS)

An IDS is an automated system that continually monitors your network for any suspicious activity. In simple terms, it's like a home alarm system that alerts you when there's an intrusion or any unusual activity around your home (network). Because of its ability to recognise suspicious activity, an IDS helps you take action before any serious damage can happen.

Least privilege

A concept where users are given only the access they strictly need. This reduces the risk of misuse and, should the account be compromised, only limited information can be accessed by the attacker.

Multi-factor Authentication

A login method where multiple ways of confirming your identity are required. This is considered to be the safest way of authenticating. The three most common kinds of factors are:

Something you know - Like a password or PIN.
Something you have - Like a smartphone, or a secure USB key.
Something you are - Like a fingerprint, or facial recognition.

Audit trail

It's a logbook: a detailed record of who accessed what, when and how on a network. It helps with understanding accidents, as it can pinpoint each event on an individual system, giving clear data on what exactly happened.

Patch management

Patch management is about regularly updating and patching all the necessary software. This can either be an automatic process, or it can mean updating when you learn of a new vulnerability, before it has had a chance to damage your systems.

Network defences

Network defences are exactly what they sound like: tools and practices that protect the network from external sources. This can include tools like firewalls or VPNs (Virtual Private Networks). Firewalls filter network traffic and give network administrators the tools to restrict access to malicious websites. VPNs are used to hide all online user activities from attackers. Practices include separating public Wi-Fi from the organisation's network, which keeps the organisation's network safe from any potential attackers who can use the public Wi-Fi, and using robust defences for securing credit card information belonging to customers.

Mobile devices

Enterprise Mobility Management (EMM) is often used in organisations as a way of managing and securing mobile devices used by employees. Should a mobile device fall into the wrong hands, EMM can remotely wipe all data, keeping the company's data secure.

Training programmes

Training programmes educate employees about safe cyber practices. This can cover using a strong password, the dangers of phishing, and using social media safely. An educated employee is less likely to make a costly mistake for the organisation.

Access controls

Strategies that define who can access what information. They are the overall systems and rules that decide which people can access IT resources, unlike least privilege, which is one specific principle within access control.

Encrypted backup

An encrypted backup is essential in any organisation or for private use. Should data loss occur due to an incident, having a secure backup can quickly help get the organisation back on its feet. Data loss can happen in various ways: data corruption, a data breach, or physical accidents such as fire or water damage.

It's important to keep your backup in a safe place. This could be an external location such as a cloud, or a different building. It's good practice to keep more than one copy of a backup.
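
The sketch below is an added example, not part of the original notes: it shows how the access controls, least privilege and audit trail entries above fit together in one access check. The role names, users and resources are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample data: each role is granted only what its job needs.
ROLE_GRANTS = {
    "helpdesk": {("tickets", "read"), ("tickets", "write")},
    "auditor": {("tickets", "read"), ("salaries", "read")},
}
USER_ROLES = {"amira": "helpdesk", "chen": "auditor"}

@dataclass(frozen=True)
class AuditRecord:
    when: str      # UTC timestamp of the request
    who: str       # account that made it
    what: str      # resource requested
    how: str       # action attempted
    allowed: bool  # decision taken

class AccessController:
    def __init__(self):
        self.trail = []  # the audit trail, oldest record first

    def check(self, user, resource, action):
        """Deny by default: allow only if the user's role holds this exact grant."""
        allowed = (resource, action) in ROLE_GRANTS.get(USER_ROLES.get(user), set())
        # Record every decision, including denials and unknown accounts.
        now = datetime.now(timezone.utc).isoformat()
        self.trail.append(AuditRecord(now, user, resource, action, allowed))
        return allowed

    def denied_by_user(self):
        """Count refused requests per account from the audit trail."""
        counts = {}
        for rec in self.trail:
            if not rec.allowed:
                counts[rec.who] = counts.get(rec.who, 0) + 1
        return counts

def demo():
    ac = AccessController()
    results = [
        ac.check("amira", "tickets", "write"),    # inside helpdesk's grants
        ac.check("amira", "salaries", "read"),    # outside them
        ac.check("chen", "salaries", "write"),    # auditor is read-only
        ac.check("mallory", "salaries", "read"),  # unknown account
    ]
    return results, ac.denied_by_user(), len(ac.trail)

if __name__ == "__main__":
    print(demo())
```

Only the first request is allowed; the three refusals still appear in the trail, so a reviewer can see who tried to reach what.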
