A vulnerability is a weakness in the design, implementation, operation, or internal control of a computer or system. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerability and Exposures (CVE) database. An exploitable vulnerability is one for which at least one working attack or exploit exists. Vulnerabilities can be researched, reverse-engineered, hunted, or exploited using automated tools or customized script.

To manage the information security culture, five steps should be taken: pre-evaluation, strategic planning, operative planning, implementation, and post-evaluation.

  • Pre-evaluation: To identify the awareness of information security within employees and to analyze the current security policies.
  • Strategic planning: To come up with a better awareness program, clear targets need to be set. Assembling a team of skilled professionals is helpful to achieve it.
  • Operative planning: A good security culture can be established based on internal communication, management buy-in, security awareness and a training program.
  • Implementation: Four stages should be used to implement the information security culture. They are:
  1. Commitment of the management
  2. Communication with organizational members
  3. Courses for all organizational members
  4. Commitment of the employees
  • Post-evaluation: To assess the success of the planning and implementation, and to identify unresolved areas of concern.

What you’ll learn here is..

  • Summarize the main purpose of cyber security as a discipline
  • Summarize the basics of identification and authentication in cyber security
  • Explain the pros and cons of security through obscurity
  • Develop a lifelong learning plan for potential careers in cyber security