CYBERSECURITY

LEARNING
SATURDAY

Fundamental Cybersecurity
Principles
Presented by
Rafeeq Rehman

November 04, 2023

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Why Learn Cybersecurity

Fundamental Principles
Core and fundamental principles in cybersecurity provide the foundational knowledge
and guidance that all cybersecurity professionals should be familiar with. These
principles help shape effective cybersecurity strategies and practices.

Certificate in
Cybersecurity
Foundation

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Need to Know
restricts access to information or resources only to individuals who have a
legitimate need for that specific information in order to perform their job or
responsibilities

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Confidentiality
Protecting sensitive information from unauthorized access. This is often
achieved through encryption, access controls, and data classification

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Integrity
Ensuring the accuracy and trustworthiness of data. This involves
preventing unauthorized alterations, tampering, or corruption of data.

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Availability
Ensuring that systems, data, and resources are available when needed.
This principle focuses on preventing disruptions, downtime, and service
outages

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Authentication
Verifying the identity of users, systems, and devices. Strong authentication
methods, such as multi-factor authentication (MFA), enhance security

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Authorization
Granting or restricting access based on a user's or system's permissions.
Authorization ensures that users can only access resources they are
allowed to

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Accountability and Auditing

Monitoring and tracking user activities to hold individuals or systems
accountable for their actions. Audit logs help in incident investigation

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Least Privileges
Providing users and systems with the minimum level of access and
permissions required to perform their tasks. This principle limits potential
damage in case of a breach

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Defense in Depth
Employing multiple layers of security controls to protect against various
attack vectors. This approach minimizes the likelihood of a single point of
failure

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Security by Design
Integrating security into the design and development of systems and
applications from the beginning rather than as an afterthought

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Security Awareness
Educating users and staff about security best practices to reduce
human-related security risks, such as social engineering

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Incident Response
Developing a plan for responding to security incidents and recovering from
them. The goal is to minimize damage and downtime

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Encryption
Using encryption to protect data in transit and at rest. This helps maintain
confidentiality and prevents unauthorized access

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Network Segmentation
Isolating network segments to limit the potential spread of threats and
lateral movement by attackers

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Policies and Procedures

Establishing clear guidelines and procedures for maintaining security.
Policies should be regularly reviewed and updated

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Risk Management
Identifying and assessing security risks and taking steps to mitigate or
manage them effectively

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Security Compliance
Adhering to relevant security regulations, standards, and best practices to
maintain legal and industry compliance

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Vulnerability Management
Monitoring newly discovered vulnerabilities. Promptly applying security
patches and updates to address known vulnerabilities.

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Physical Security
Protecting physical access to data centers, server rooms, and other critical
infrastructure

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY
LEARNING
SATURDAY

Thank You!

● Follow me on Twitter (or DM): @rafeeq_rehman

● Subscribe to my personal blog: https://rafeeqrehman.com
● Follow me on LinkedIn: https://www.linkedin.com/in/rafeeq/

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY

Get my latest books

LEARNING
SATURDAY

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved

 CYBERSECURITY

What is Cybersecurity Learning Saturday?

LEARNING
SATURDAY

● This is a learning network supported by volunteers

● Instructor-led and live online training sessions are held on Saturdays
● Diverse topics
● Have something to offer? You can volunteer to be a trainer
● Join Cybersecurity Learning Saturday LinkedIn Group -
https://www.linkedin.com/groups/8988689/
● Follow LinkedIn Page
https://www.linkedin.com/company/cybersecurity-learning-saturday

Copyright © 2020-23 Cybersecurity Learning Saturday – Proprietary, all rights reserved