Definition: Cybersecurity = Protecting systems, networks, and data from digital attack, damage, or unauthorized access.

| Security Principle | Core Question | Cloud Connection |
|---|---|---|
| Confidentiality | Who can see the data? | IAM, Encryption at Rest |
| Integrity | Has the data been altered? | Checksums, versioning, logging |
| Availability | Can users access it when needed? | Redundancy, uptime SLAs |

These three together form the CIA Triad, the foundation of all security design.

| Threat | Description | Example | Prevention / Control |
|---|---|---|---|
| Phishing | Social engineering to steal credentials. | Fake login page for Google Cloud console. | User training, MFA. |
| Misconfiguration | Leaving cloud storage or APIs open. | Public bucket with client data. | Apply least privilege + auto audits. |
| Malware / Ransomware | Code that encrypts or damages data. | Compromised VM infects shared network. | Endpoint security + backups. |
| Insider Threats | Authorized user misuses access. | Admin downloads sensitive files. | Logging, IAM role reviews. |
| Denial of Service (DoS) | Overwhelming system resources. | Flooding web app with traffic. | Firewalls, rate limiting, load balancing. |

| Control Type | Function | Example |
|---|---|---|
| Administrative | Policies, training, procedures | Acceptable Use Policy, incident response plan |
| Technical | Hardware or software protection | Firewalls, MFA, encryption |
| Physical | Protect equipment & facilities | Locked server room, badge access |

| Term | Definition |
|---|---|
| Threat | Potential cause of harm to a system. |
| Vulnerability | Weakness that can be exploited. |
| Exploit | Code or method that takes advantage of a vulnerability. |
| Risk | Likelihood × impact of a threat occurring. |
| Patch Management | Updating software to fix security holes. |
| Zero Trust | “Never trust, always verify” model of access control. |