Cybersecurity cube is an online tool that helps to protect networks, domains, and the Internet.
- The Cybersecurity Cube’s first dimension is made up of three principles of information security.
- The second dimension is the information and data states.
- The third dimension of a cube is the required expertise to protect the system.
All three dimensions represent areas that must be addressed to protect the information system.
Cyberattacks are increasing not only in frequency but also in severity and complexity. It is important to have good information security management.
John Mc Cumbers developed a comprehensive security model, the McCumbers Cube or CyberSecurity Cube, in 1991.
Cybersecurity Cube
Cybercriminals often use the following methods to carry out cyber-attacks:
#1. Malware
Malware can be abbreviated as “malicious code“. It is used to cause damage to computers and their stored content. Malware can be defined as any malicious software, such as trojan horses, viruses, spyware, ransomware, or trojan horses.
#2. DDoS attacks
Cybercriminals may use a variety of cybercrime attacks to take down a network or system. Cybercriminals may use DDoS attacks to threaten money. A DDoS attack could also be used to distract from other types of cybercrime.
Don’t Miss: Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second
#3. Phishing
This is a type of online scam in which criminals send fraudulent emails that look legitimate. This email is intended to trick the recipient into clicking on a link and entering sensitive information (ex., account numbers, pins, passwords, birthday, etc.) into a fake site.
Once clicked on, the email will contain a link or attachment which will infect your computer with malware or steal sensitive information. Cybercriminals will use this information to commit identity fraud and sell it to other criminals.
3 Dimensions of The Cybersecurity Cube
#1. First Dimension
The Principles of Cybersecurity are the first dimension. The CIA Triad commonly refers to this principle.
C: Confidentiality
Privacy is another term for confidentiality. Confidentiality refers to the protection of sensitive information from being unauthorized.
Access Control is one example of a method that can protect privacy. Access Control is one way to control access. This can be done using the AAA security concepts.
- AAA stands for Authorization (verifies an individual’s identity to prevent unauthorized access)
- Authentication (services decide which resources users can access and the operations they can perform);
- Accounting is a way to keep track of users, such as what they access, how long they spend accessing resources, and any modifications made.
I: Integrity
Quality is another term for integrity. Integrity refers to maintaining the integrity of information throughout its lifecycle.
It isn’t easy to protect data integrity. Data integrity loss can render data resources useless and unreliable. Data integrity can be achieved by using access control, validation, hashing, and data consistency checks.
A: Assures
Assures that authorized users of a system have uninterrupted and timely access to the information within the system.
These activities include monitoring unusual activity, testing backups and equipment maintenance, and planning for disasters.
2. Second Dimension
The Information States, or the States of Data, is the next dimension. Cybersecurity cubes address the problem of data protection in three possible states. These are the possible states of data:
a. Storage (Stored Data)
Data at rest is often used to refer to stored data. Data at rest is when a storage device keeps the information even though no user or process uses it.
b. Transmission
Transmission is the transfer of information from one device or another. This process is challenging because of the data confidentiality and integrity issues.
c. Process
Data in process refers only to data that was input, modified, compiled, or output during the initial infusion.
3. Third Dimension
These are commonly referred to as cybersecurity safeguards. There are three layers of cybersecurity safeguards:
a. Technologies
Cyber-attacks can be prevented using technology such as Content Filtering, Firewall Appliances and Virtual Private networks (VPN), Network Access Control (NAC), etc.
b. Education, training, awareness.
Cybercriminals can’t be defeated with technology tools alone. To stay safe, the user must also follow best practices.
c. Policies & Procedures
To keep cyberspace users safe, you need good policies, procedures, and guidelines. While ISO 27000 was not published by ISO, it is a mandatory standard for information security management. However, many countries use ISO 27000 de facto.
Follow Us on Twitter for more information.
