Home
Resistine's Open Source CyberSecurity Guide
A practical guide as simple as finger counting:
1st hand: Personal
- strong password (stories) ... are not enough (second factor online) and
- protect (passwords, antivirus, firewall) ... but protection may fail
- backup (regularly) ... to prevent the failure
- update (or delete what cannot be updated) but the most important is to
- think first, click then (even the best protection can’t save you from yourself)
Sounds simple?
Good, security is like an onion, the more layers it has, the harsher winter can come.
The Personal hand includes securing the Computer, Phone, Network, Internet of Things and the Internet security basics.
If you have the skills, you can move forward...
2nd hand: Organizational
- identify and assess risk (people, devices, network segments)
- segment and protect (information, access, devices)
- monitor and detect (establish security operation center and automate)
- triage and respond to incidents (priority, block, restart, reinstall, …)
- recover and prevent (educate and control)
Sounds familiar? In fact, it is simplified NIST Cybersecurity Framework.
The Organization hand includes the Cyber-Security in general, introduction to the Frameworks and enterprise-level securing the Hardware, Software, Services but also Human and othe organizations Chain.
If this is all easy for you, there are two more feet for high-risk individuals and organizations.
Also, you can continue with Official (ISC)² Certified in Cybersecurity (CC) Self-Paced Training of the references...
[1] NIST Cybersecurity Framework
[2] ISO/IEC 27000:2018 Information technology — Security techniques — Information security management systems
[3] ENISA Threat Landscape 2022
[4] MITRE ATT&CK® - a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.