The Defense of Internet Protocol Resources
THE DEFENDERS OF INTERNET PROTOCOL RESOURCES, LAYER 8
•Government/Intelligence: They focus on Geo-political impact to policy. Targets policy to help make informed political decisions regarding the domestic or international (offending countries) cyber arena.
•Law enforcement: Prosecution in silos, interested in finding out who was behind the attack and being able to present enough evidence to support the attribution to a crime. Connecting Attribution to a crime has to be beyond a reasonable doubt.
•Cyber Security firms: Cybersecurity companies earn money by offering any number of services to clients, including providing outsourced technology support, Threat intelligence, managed services, software tools, penetration testing, systems auditing, vulnerability analysis and consulting. Take artifacts and observables (IOC) and turn them into Threat Intelligence. Attribution is usually based off a high degree of confidence, reasonable suspicion.
•Private sector/Businesses: Profit driven, bottom line, return on investment - how to make business decisions and keep their operations running to maintain or increase their profit margins.
* Two distinct disciplines - Security exclusion keeps the bad guys out, using detection and response. Security inclusion lets the good guys in, which is driven by identity and access assurance.
1. Information Technology: Deploy people, processes & technology, deals with deploying the technology that will help for the running and growth of a business. Respond and ensure controls, sometimes referred to as "defensive security" which focuses on reactive measures, such as patching software and finding and fixing system vulnerabilities.
2. Information Security: Deals with security-related issues and it ensures that technology is secure and protected from possible breaches and attacks. Offensive security is a proactive and adversarial approach to protecting computer systems, networks and individuals from attacks.
Conventional security: Most CISO roles focus on Internet Security Governance, Risk and Compliance. Sometimes referred to as "defensive security" which focuses on reactive measures, such as patching software and finding and fixing system vulnerabilities. In contrast, offensive security (usually outsourced by CISOs) measures are focused on seeking out the perpetrators and in some cases attempting to disable or at least disrupt their operations.
•CERTS and CSIRTS: A computer emergency response team or computer security incident response team, is a historic term for an expert group that handles computer
•Defensive Researchers/Academia: Researchers conduct research in the technologies and techniques of cyber security which secures information systems of tomorrow. Research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.
•Non-government Organization: Cybersecurity in Non-Profit and Non-Governmental Organizations are think-tanks of cyber security and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against cybercrimes & global threats of cyber warfare. Cyber NGOs are involved in Policy Advocacy, Research and Training related to all aspects of Cyber Peace and Cyber Security.
•General Public: The goal of implementing cybersecurity is to provide a good security posture for computers, servers, networks, mobile devices and the data stored on these devices from attackers with malicious intent. The goal of the general public is to practice safe security hygiene, learn and understand safe internet practices.
THE CYBER ECOSYSTEM MAP