Basic knowledge of security protection

The blog content is mostly collected from the Internet and summarized from my own study. If anything here infringes a copyright, please contact me and it will be deleted immediately (〃'▽'〃)
Organizing this was not easy; I ask for advice with an open mind and welcome your guidance ( • ̀ω•́ )✧

Cyberspace Security

State of the Cybersecurity Industry

  • According to statistics from the China Academy of Information and Communications Technology, the global cybersecurity industry reached US$124.401 billion in 2019, a year-on-year growth of 9.11%.
  • In 2019, China's domestic cybersecurity industry reached 156.359 billion yuan, up 17.1% from 2018 and equal to 0.158% of GDP; China accounted for 19.33% of the global cybersecurity market. In 2020, the domestic cybersecurity industry was about 170.2 billion yuan.
  • In 2019, the U.S. cybersecurity market was US$44.7 billion (approximately RMB 290.067 billion), equal to 0.21% of GDP.
  • In 2019, the global market share of cybersecurity products exceeded that of cybersecurity services for the first time, reaching 50.22%.

Cybersecurity Industry Goals

According to the Ministry of Industry and Information Technology's "Three-Year Action Plan for the High-Quality Development of the Cybersecurity Industry", by 2023 the innovation capability of cybersecurity technology is to be significantly improved, the quality of products and services is to keep rising, the cybersecurity demand of the economy and society is to be released faster, and cooperation between industry and its users is to be precise and efficient. The cybersecurity workforce is to keep growing, the basic capabilities and overall strength of the industry are to keep increasing, the industrial structure and layout are to be further optimized, and the industry's development ecosystem is to be healthy and orderly.

  • Industry scale. The cybersecurity industry exceeds 250 billion yuan, with a compound annual growth rate of more than 15%.
  • Technological innovation. A number of key core cybersecurity technologies achieve breakthroughs and reach an advanced level. The integration of emerging technologies with cybersecurity accelerates significantly, and the innovation capability of cybersecurity products and services is further enhanced.

Cyberspace Security Overview

Cyberspace has become the "fifth domain" after land, sea, air and space, or the "second living space" of humankind, and a new frontier for the extension of national sovereignty.
Cyberspace security refers to the security of cyberspace as a whole domain within the information environment: ensuring the security of every part of this space, which consists of independent yet interdependent information infrastructures and networks, including the Internet, telecommunication networks, computer systems, embedded processors and control systems.

Cybersecurity Assessment

Elements related to risk assessment

Understand the elements of risk assessment, such as assets, threats, vulnerabilities, security risks, security measures and residual risk, and how they relate to each other.

Risk assessment approaches and methods

Understand assessment approaches such as baseline assessment, and assessment forms such as self-assessment and inspection assessment; understand knowledge-based assessment; understand the concepts of qualitative and quantitative assessment and the difference between them; and master the methods of quantifying risk in quantitative analysis.

Assets

The assets considered in a risk assessment are the information or resources that have value to the organization and are the objects protected by the security policy.
The value of an asset in a risk assessment is not measured by its economic value; it is determined by the degree to which the asset achieves the three security attributes, or by the degree of impact when those attributes are not achieved.

Threat

A threat is a potential cause of an unwanted incident that could result in harm to a system or organization.
A threat can be described by attributes such as the threat agent, its resources, its motivation and its approach. Threats are the external factors that give rise to risk, and the factors that create them are classified as human factors and environmental factors.
By motivation, human factors are divided into malicious and non-malicious.
Environmental factors include natural force majeure and other physical factors.

Vulnerability

A vulnerability is a weakness in an asset or a group of assets that may be exploited by a threat.
A vulnerability exists in the asset itself; if no corresponding threat exploits it, the vulnerability alone does not cause damage to the asset.
A threat always causes harm by exploiting a vulnerability in an asset.

Relationship between risk assessment elements

[Figure omitted: relationship between the risk assessment elements]
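The sections above describe assets, threats, vulnerabilities, security measures and residual risk, and the assessment syllabus asks for methods of quantifying risk. The following Python example, added here and not part of the original post, models those elements and their relationships: asset value is taken from the three security attributes rather than economic worth, a threat only produces risk through a vulnerability, and security measures reduce likelihood or severity to leave a residual risk. The 1..5 ordinal scales, the risk-level thresholds, the sample asset and threat, and the ALE formula (a common textbook quantitative method, not one the post itself states) are all assumptions of the example.

```python
from dataclasses import dataclass
from typing import Iterable

# Added illustration of the risk-assessment elements; the 1..5 scales,
# level thresholds and sample values are assumptions, not from the post.


@dataclass
class Asset:
    name: str
    confidentiality: int  # impact (1..5) if this attribute is lost
    integrity: int
    availability: int

    def value(self) -> int:
        """Asset value is the worst impact across the three security
        attributes, not the asset's economic worth."""
        return max(self.confidentiality, self.integrity, self.availability)


@dataclass
class Threat:
    name: str
    likelihood: int  # 1..5: how likely the threat agent acts on the asset


@dataclass
class Vulnerability:
    name: str
    severity: int  # 1..5: how easily the weakness can be exploited


@dataclass
class SecurityMeasure:
    name: str
    likelihood_reduction: int = 0  # levels removed from threat likelihood
    severity_reduction: int = 0    # levels removed from vulnerability severity


def _clamp(level: int) -> int:
    """Keep a level on the 1..5 ordinal scale after reductions."""
    return max(1, min(5, level))


def risk_score(asset: Asset, threat: Threat, vuln: Vulnerability,
               measures: Iterable[SecurityMeasure] = ()) -> int:
    """Risk = asset value x threat likelihood x vulnerability severity.
    Measures lower the likelihood and/or severity; the score computed
    with measures applied is the residual risk."""
    measures = list(measures)
    likelihood = _clamp(threat.likelihood - sum(m.likelihood_reduction for m in measures))
    severity = _clamp(vuln.severity - sum(m.severity_reduction for m in measures))
    return asset.value() * likelihood * severity  # range 1..125


def risk_level(score: int) -> str:
    """Map a score onto a qualitative level (thresholds are assumed)."""
    if score >= 60:
        return "high"
    if score >= 25:
        return "medium"
    return "low"


def annual_loss_expectancy(asset_value: float, exposure_factor: float,
                           annual_rate: float) -> float:
    """Quantitative method: ALE = AV x EF x ARO, where EF is the fraction of
    asset value lost per incident and ARO the expected incidents per year."""
    return asset_value * exposure_factor * annual_rate


def assess(asset: Asset, threat: Threat, vuln: Vulnerability,
           measures: Iterable[SecurityMeasure] = ()) -> dict:
    """Inherent risk (no measures) beside residual risk (measures applied)."""
    inherent = risk_score(asset, threat, vuln)
    residual = risk_score(asset, threat, vuln, measures)
    return {"inherent": inherent, "inherent_level": risk_level(inherent),
            "residual": residual, "residual_level": risk_level(residual)}


# Constructed sample: a customer database reachable through an unpatched web app.
CUSTOMER_DB = Asset("customer database", confidentiality=5, integrity=4, availability=3)
EXTERNAL_ATTACKER = Threat("external attacker (malicious human factor)", likelihood=4)
UNPATCHED_APP = Vulnerability("unpatched web application", severity=4)
PATCH_AND_WAF = [SecurityMeasure("patch management", severity_reduction=2),
                 SecurityMeasure("web application firewall", likelihood_reduction=2)]

if __name__ == "__main__":
    print(assess(CUSTOMER_DB, EXTERNAL_ATTACKER, UNPATCHED_APP, PATCH_AND_WAF))
    print(annual_loss_expectancy(200_000, 0.25, 0.5))
```

With the sample values the inherent risk is 5 x 4 x 4 = 80 ("high"), and after patching and a WAF the residual risk is 5 x 2 x 2 = 20 ("low"); the point of the model is that a measure changes the risk only by changing the threat's likelihood or the vulnerability's severity, never the asset's value.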

The basic process of risk assessment

[Figure omitted: the basic process of risk assessment]

Prepare for Risk Assessment

Preparation is what guarantees the effectiveness of the whole risk assessment process. An organization's decision to carry out a risk assessment is a strategic one, and the results are shaped by the organization's business strategy, business processes, security requirements, and system size and structure.
Preparing for a risk assessment:

  1. Determine the goals of the risk assessment
  2. Determine the scope of the risk assessment
  3. Form suitable assessment management and implementation teams
  4. Conduct system research
  5. Determine the basis and method of assessment
  6. Develop a risk assessment plan
  7. Obtain top management support for the risk assessment effort

Network security attack and defense

Security attack and defense overview

A network security real-world offensive and defensive exercise (hereinafter "offensive and defensive exercise") aims to obtain the highest level of control over the target system, with no restriction on attack path or attack method, forming an "organized" network attack.
An offensive and defensive exercise is usually a controlled and auditable real-world attack on the target systems of the participating units in their production environment. Through such exercises the security protection and emergency response capabilities of the participating units are tested, and the overall prevention and control capability of network security is improved.

Introduction to the HW operation

The HW operation is an annual cybersecurity exercise led by the Ministry of Public Security for the country's important information systems and critical information infrastructure. It tests China's critical information infrastructure security protection and emergency response capabilities through real-world network attacks. Each operation lasts about 2 to 4 weeks and takes the form of a red-blue confrontation: the red team is responsible for attack and the blue team for defence.
Scope:

  • In 2016, only three public bodies, the Ministry of Public Security, the Civil Aviation Administration and the State Grid, took part in "HW 2016".
  • In 2017, some government departments joined "HW 2017", with drills simulating real scenarios such as attacks on important information systems behind portal websites.
  • In 2018, some state-owned enterprises, public institutions and other key units joined "HW 2018", with drills simulating attacks on their websites and information systems.
  • In 2019, units from industry and information technology, public security, the armed police, transportation, railways, civil aviation, energy, news, radio and television, and the telecommunications operators all joined "HW 2019".
  • In 2020, public cloud and IoT-related companies also joined.

Preparation Phase

  • Determine the defensive organization and team
  • Define a clear responsibility matrix
  • Asset inventory
  • Network topology
  • Determine Internet exposure
  • Defender data preparation

Self-inspection and rectification stage

  • Internet security check
  • Host security check
  • Application system security check
  • Operation and maintenance terminal security check
  • Log audit
  • Backup validity check
  • Security awareness training
  • Security rectification and hardening

Offensive and defensive exercise stage

  • Exercise kick-off meeting
  • Authorization and filing
  • Attack drills (penetration testing, social engineering, DDoS, ...)
  • Defensive drills (equipment status monitoring, honeypots)
  • Exercise summary

Formal protection

  • Security equipment monitoring
  • Honeypot deployment
  • Security incident handling
  • Log analysis
  • Situation analysis

Summary optimization

  • Summary of equipment status
  • Summary of personnel input
  • Summary of incident handling
  • Overall summary and optimization

Source: blog.csdn.net/qq_53571321/article/details/123262347