Work shop on

Cyber Security
V EN K ATA S . D EN D U KURI
Understanding on Cyber Security
Cybersecurity is the body of technologies, processes and practices
designed to protect networks, computers, programs and data from
attack, damage or unauthorized access. In a computing context,
security includes both cybersecurity and physical security
Source - wikipedia
 CIS Critical Security Controls
Inventory of Authorized and Unauthorized Devices

Inventory of Authorized and Unauthorized Software

Secure Configurations for Hardware & Software on Mobile Devices, Laptops,

Workstations, and Servers

Continuous Vulnerability Assessment and Remediation

Malware Defenses

Application Software Security

Wireless Access Control

Data Recovery Capability

Security Skills Assessment and Appropriate Training to Fill Gap

Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
 CIS Critical Security Controls (Contd)
Limitation and Control of Network Ports, Protocols, and Services

Controlled Use of Administrative Privileges

Boundary Defense

Maintenance, Monitoring, and Analysis of Audit Logs

Controlled Access Based on the Need to Know

Account Monitoring and Control

Data Protection

Incident Response and Management

Secure Network Engineering

Penetration Tests and Red Team Exercises

Statistics
Barriers
Tools
 Cyber Security Framework

Identify Protect Detect Respond Recover

Anomalies and
Asset Management Access Control Response Planning Recovery Planning
Events

Business Awareness and Security Continuous

Communications Improvements
Environment Training Monitoring

Governance Data Security Detection Process Analysis Communications

Information
Risk Assessment Protection Processes Mitigation
and Procedures

Risk Management
Maintenance Improvements
Strategy

Protective
Technology
 Vendors
inline
with
Cyber Security