Cybersec Base #003: Pillars of Cybersecurity | People, Process, Technology


I never imagined chemistry would come in handy in cybersecurity until I came up with the acronym "Cyber PPT". I remembered using a pipette during my chemistry practical days to transfer liquids, and constantly referring to it as "PPT." It was a minor recollection, but it gave rise to a wonderful concept. If someone ever asked me whether I had used chemistry in cybersecurity, I would say emphatically, "YES," and I know you would be my witnesses.

In this post, we will talk about the 3 pillars of cybersecurity.

Follow along!!!

1.1 Pillars of Cybersecurity (Cyber PPT)

People, process, and technology are all required for effective Cybersecurity. Each of these components/pillars is essential in defending systems and data from cyber threats.

Simply use the acronym Cyber PPT to help you recall. We will go over each of them briefly.

Pillar 1: People

Humans are frequently regarded as the weakest link in cybersecurity. This is due to the fact that human error, such as falling for phishing schemes or using weak passwords, can expose systems to cyberattacks.

People are also the strongest link, because they are the greatest defense in the realm of cybersecurity: they establish and implement security policies, monitor systems for threats, and respond to security problems. (Meaning you can't do without people in cybersecurity.)

The majority of people who disregard security protocol are not doing so deliberately; rather, they lack the necessary training or understanding of the importance of their actions. Effective training, education, and testing can help reduce the risk of human error and improve an organization's overall security posture.

Employee testing following cybersecurity training is a vital aspect of ensuring that employees have the necessary knowledge and abilities to secure the organization's systems and data from cyber threats. Knowledge assessments, phishing simulators, scenario-based exercises, role-playing exercises, and continuous monitoring are examples of varied testing methods. (WHICH OF THESE HAVE YOU TRIED?)

Pillar 2: Process

An organization's response to security threats and incidents is governed by the policies, procedures, and guidelines that make up its cybersecurity processes. Good processes guarantee that security is a top concern at all organizational levels and that there are precise instructions for how to handle security events. Organizations may identify areas for improvement and make sure their cybersecurity processes are current and efficient by conducting regular security audits and risk assessments.

ARE CYBERSECURITY PROCESSES DOCUMENTED?

OF COURSE THEY ARE!!!

WHY?

Documenting cybersecurity processes is important because it ensures that everyone involved in protecting the organization's systems and data is on the same page and following uniform procedures. Also, it makes it simpler to find and fix any security posture gaps or weaknesses within the firm.

To make sure that cybersecurity processes are effective and current with the most recent threats and security best practices, it is crucial to continuously examine and update them in addition to documenting them. The organization's security posture may be maintained over time by using this continual evaluation process to spot areas that need improvement.

(Don't worry, we'll go into cybersecurity policies in greater detail in a later post. REMAIN SUBSCRIBED!)

Pillar 3: Technology

Technology is a crucial element of cybersecurity because it offers the infrastructure and capabilities required to defend systems and data from online threats. This is where logical security comes into play. A variety of techniques and technologies are used to help protect against, identify, and react to recognized threats.

Firewalls, intrusion detection systems, encryption, and other security tools fall under this category. But cybersecurity cannot be ensured by technology alone. To guarantee that it is used successfully and that security policies are correctly applied, technology must be reinforced by people and processes.

Ultimately, for good cybersecurity, the interaction between people, process, and technology is essential. To build a solid security posture that shields systems and data from cyber threats, all three components must cooperate.

"Human error is the biggest security vulnerability."

David Kim

1.2 Review Questions

  1. Which of the cybersecurity pillars does Wireshark belong to?

  2. Which of the cybersecurity pillars does a password management policy belong to?

  3. Research: _________ under the U.S. Commerce Department has developed the Cybersecurity Framework for private-sector companies to use as a guide in creating their own best practices.
