Cybersecurity Compliance Frameworks

/ bugejajoseph / Leave a comment
Photo by Markus Winkler on Pexels.com

Cybersecurity is a top priority for businesses of all sizes. Cybersecurity compliance frameworks offer a structured approach to managing cybersecurity risks, improving overall security posture, and potentially meeting regulatory requirements.

Here is a summary of some of the most popular frameworks:

  • NIST Cybersecurity Framework (CSF): Developed by the National Institute of Standards and Technology (NIST), the NIST CSF is a voluntary framework that emphasizes six core functions: Govern, Identify, Protect, Detect, Respond, and Recover. It provides a flexible and customizable approach that can be adapted to any organization’s specific needs. (https://www.nist.gov/cyberframework)
  • PCI DSS (Payment Card Industry Data Security Standard): This mandatory framework is enforced by the PCI Security Standards Council (PCI SSC) and applies to any organization that processes, stores or transmits cardholder data. It comprises a set of 12 core requirements, which are organized into six key control objectives. (https://www.pcisecuritystandards.org/)
  • HITRUST CSF (Health Information Trust Alliance Common Security Framework): Built on the NIST CSF foundation, HITRUST CSF specifically addresses the security needs of the healthcare industry. However, its applicability extends beyond healthcare. It incorporates HIPAA (Health Insurance Portability and Accountability Act) compliance requirements, making it a valuable tool for healthcare organizations. (https://hitrustalliance.net/hitrust-framework)
  • CIS Critical Security Controls (CIS Controls): Developed by the Center for Internet Security (CIS), CIS Controls are a prioritized set of actionable recommendations that address the most common cyber threats. Implementing these controls can significantly reduce risk and improve an organization’s overall security posture. (https://www.cisecurity.org/)
  • COBIT (Control Objectives for Information and Related Technology): This framework, developed by ISACA (Information Systems Audit and Control Association), focuses on aligning IT governance with business objectives. It provides a comprehensive framework for managing IT processes, ensuring alignment with strategic goals. (https://www.isaca.org/resources/cobit)
  • ISO 27001 (International Organization for Standardization): ISO 27001 is an internationally recognized standard that outlines the requirements for an Information Security Management System (ISMS). ISMS is a risk-based approach to managing an organization’s information security. Achieving ISO 27001 certification demonstrates that an organization has implemented best practices for information security and that its information assets are protected. (https://www.iso.org/standard/27001)

The best framework for your organization depends on several factors, including your industry, size, regulatory requirements, and security goals. Some organizations may benefit from implementing a single framework, while others may need to adopt a combination of frameworks to address their specific needs. By understanding and implementing a relevant cybersecurity compliance framework, your organization can significantly improve its security posture, reduce the risk of cyberattacks, and potentially achieve regulatory compliance.

ResearchRabbit: Unveiling Scholarly Connections with AI

/ bugejajoseph / Leave a comment

The ever-growing volume of scholarly publications necessitates innovative approaches to literature exploration. ResearchRabbit, a free online “citation-based literature mapping tool”, has emerged as a promising solution by leveraging citation network analysis and visualization maps. Users initiate the process by feeding the tool a select few seed publications relevant to their research topic. ResearchRabbit then analyzes the reference lists of these seed articles, employing a combination of citation networks and proprietary algorithms to identify similar publications.

These publication recommendations are presented as two distinct visualization maps: network view and timeline view. The network view allows users to explore connections between publications, pinpointing potentially valuable sources that traditional keyword-based searches might miss. Within the network view, users can further refine their exploration by filtering for earlier, later, or similar works based on citations and the tool’s algorithms. The timeline view offers a complementary perspective, plotting publications by year to illustrate the historical development of research within the field.

Exploring the Scholarly Landscape: Generative AI and Cyber security Literature with ResearchRabbit.

This visualization approach offers a distinct advantage over traditional search methods like when using Google Scholar. By visually depicting connections between publications and authors, ResearchRabbit empowers researchers to grasp the broader context of their field and identify seminal works that have shaped current research trends. While limitations exist, such as the initial learning curve associated with the tool’s various functionalities, ResearchRabbit offers a valuable addition to the modern researcher’s toolkit. This AI-powered tool can significantly streamline the literature review process and enhance research efficiency by fostering a deeper understanding of the scholarly landscape.

Bibliography:

Cole V, Boutet M. ResearchRabbit. J Can Health Libr Assoc. 2023 Aug 1;44(2):43–7. doi: 10.29173/jchla29699. PMCID: PMC10403115.

Delving into the RSA Cryptosystem and Beyond

/ bugejajoseph / Leave a comment

In my recent lectures (10 and 11) on Applied Cryptography, I delved into Public Key Cryptography (PKC) with a particular emphasis on the RSA cryptosystem. Initiating with an examination of fundamental number theory, I introduced essential components such as the Extended Euclidean Algorithm, Euler’s Totient Function, and Fermat’s Little Theorem. Utilizing the whiteboard, I also explained through simple examples the Miller-Rabin primality test and the Square and Multiply algorithm.

Building upon this foundation, I then delved into the RSA cryptosystem and why and how it works. In a practical application, I leveraged the Python’s PyCryptodome library to demonstrate RSA encryption, incorporating also the Optimal Asymmetric Encryption Padding (OAEP) for secure session key exchange with AES. Close to the end of lecture, I also harnessed the power of SageMath to delve into mathematical attacks on RSA. 

In my upcoming lecture, I will introduce also Elliptic Curve Cryptography (ECC). ECC is an alternative to the RSA. It is based on a different trapdoor one-way function than RSA, and is used for digital signatures in cryptocurrencies, as well as one-way encryption of emails, data and software. While the RSA key generation involves the selection of two large prime numbers, ECC key generation essentially involves choosing a random elliptic curve over a finite field. 

If you have a project or initiative you would like to collaborate on, or if there is a specific area where our expertise aligns, do not hesitate to get in touch.

Safeguarding the Future: My IoT Security Lecture at Lund University

/ bugejajoseph / Leave a comment

Last Thursday, I had the honor of delivering an online lecture at Lund University, focusing on IoT security. The lecture addressed the core threats targeting IoT systems and the essential security measures to protect these devices from potential harm. In an increasingly interconnected world, the critical role of IoT security cannot be overstated.

As we continue to witness the exponential growth of IoT devices, it is crucial to prioritize security measures. The potential consequences of a security breach can be catastrophic, and we must remain vigilant in safeguarding our digital assets.

It is always a pleasure to share my expertise and insights on cybersecurity and IoT to guide the next-generation. I appreciate the opportunity and eagerly await what the future has in store.

My First Lecture at the University of Malta

/ bugejajoseph / Leave a comment
Snapshot of the title slide captured prior to the lesson.

I initiated the Applied Cryptography course at the University of Malta on Monday evening. As a cyber security professional and academic with a strong commitment to the field of information security, I am genuinely excited to be leading this specialized academic course this year.

Throughout the introductory lecture, I delved into the foundational concepts of cryptology, emphasizing its profound relevance within contemporary security applications. The pedagogical discourse traversed a diverse spectrum of topics, encompassing cryptographic mechanisms, the examination of classical substitution ciphers and their formal representations, a concise introduction to cryptanalysis, and more.

I am excited to be a part of this journey and look forward to the next lecture in this course on Monday!

The Evolution of Cybersecurity: NIST Cybersecurity Framework 2.0

/ bugejajoseph / Leave a comment
Photo by Tima Miroshnichenko on Pexels.com

The National Institute of Standards and Technology (NIST) reached a significant milestone on August 8, 2023, with the release of the draft for NIST Cybersecurity Framework (CSF) 2.0. This step marks a positive advancement since its inception in 2014. The CSF is a cornerstone in reducing cybersecurity risks, offering comprehensive guidance to organizations in comprehending, evaluating, prioritizing, and communicating these risks, along with actionable measures to mitigate them.

CSF 2.0 extends its influence, delivering invaluable cybersecurity insights to organizations of diverse sizes and industries. A pivotal change is evident in the revised title, which omits the term “Critical Infrastructure” (previously named “Framework for Improving Critical Infrastructure Cybersecurity”), highlighting its broader applicability.

At the core of CSF 2.0 lies an intensified emphasis on the indispensable role of governance in the realm of cybersecurity. Acknowledging its foundational significance, strong governance emerges as the bedrock of an effective cybersecurity program. By positioning governance as the cornerstone, the framework guides organizations in steering the other five functions—identify, protect, detect, respond, and recover—aligned with their mission and stakeholder expectations.

A compelling highlight of the draft pertains to the criticality of supply chain risk management. It underscores the imperative need for holistic risk management programs that address the vulnerabilities associated with suppliers. Additionally, a clarion call for proactive third-party risk monitoring resonates throughout the document, underscoring the importance of a vigilant stance.

In an era characterized by dynamic cyber threats, the adoption of advanced frameworks becomes an inescapable imperative. The integration of NIST CSF 2.0 into our strategic cybersecurity approach is paramount. Furthermore, forging alliances with industry leaders amplifies our collective efforts in fortifying our digital defenses against the ceaselessly evolving landscape of digital threats.

In conclusion, NIST Cybersecurity Framework 2.0 signifies a monumental stride towards bolstering our digital resilience. By embracing its principles and fostering collaborative partnerships, we equip ourselves to navigate the complex challenges posed by the digital age.

Read more here: https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework

Data Security and Privacy in the Era of Floating Homes

/ bugejajoseph / Leave a comment
Image source: https://reinaboats.com/reinaboats/reina-mini-t24

Slightly over a year ago, I mentioned Ocean Builders’ innovative living pods and how they are using smart home technologies in their vessels. Now, a new contender, Reina, takes the stage. Reina’s flagship yacht home model, the luxurious Reina Live L44DR, showcases not only lavishness but enhanced comfort and convenience also by incorporating smart home functionalities (smart TV, smart speakers, etc.).

The transition from a fixed abode to a mobile dwelling incites inquiry. Can a floating home offer a higher degree of security and privacy compared to its stationary counterpart? Do the potential challenges of connectivity experienced within the realm of floating homes share similarities with those encountered in the context of connected cars and trucks? Beyond concerns about location privacy, the intricate facets of this discourse warrant scholarly exploration, as the enduring appeal of these aquatic residences persists. This theme was also briefly addressed in one of the recent conferences at which I presented.

Tips for Excelling in Your Ph.D. Defense

/ bugejajoseph / Leave a comment
Photo by Lukas on Pexels.com

As you embark on the final leg of your academic journey, the Ph.D. defense stands as a pivotal milestone. This defining moment offers you the chance to present your research to a panel of esteemed experts and vigorously defend your work against their probing inquiries. Successfully conquering your defense will culminate in the grand achievement of being awarded your Ph.D. degree.

Drawing from my own personal experience, where I defended my thesis now over two years ago, I am eager to share with you some tips on how to prepare for your own Ph.D. defense:

  1. Embrace an intimate familiarity with your thesis: Your thesis should become ingrained in your mind. Be ready to elucidate your research questions, methods, findings, and conclusions with utmost precision and detail.
  2. Rehearse your presentation relentlessly: Practice makes perfect, as they say. Take advantage of a mirror, or better yet, enlist the support of a trusted friend or family member as your audience. This exercise will help you become comfortable with your material and identify areas that may require improvement.
  3. Anticipate the inevitable: Ponder the possible questions your opponent, examiner, committee members, and perhaps the invited audience might pose. Consider the strengths and weaknesses of your research, as well as the broader implications of your findings. Equip yourself with clear and concise answers to address these questions with confidence.
  4. Attend other Ph.D. defenses: Make an effort to attend other Ph.D. defenses within your department or university. Observing how fellow students defend their work offers invaluable insights into different presentation styles, strategies for handling questions, and a broader perspective on the defense process.

By incorporating these tips into your preparation regimen, you can enhance your chances of a triumphant Ph.D. defense. With meticulous groundwork, you are poised to confidently defend your work and emerge triumphant in your Ph.D. defense.

The Diamond Model of Intrusion Analysis

/ bugejajoseph / Leave a comment
Photo by Michael Morse on Pexels.com

In the world of cyber security, effectively processing data and turning it into actionable intelligence is crucial. While the Cyber Kill Chain® and the MITRE ATT&CK Framework are commonly used methodologies, there is perhaps a lesser-known alternative called the Diamond Model of Intrusion Analysis. Developed in 2013 by renowned cyber security professionals, Sergio Caltagirone, Andrew Pendergast, and Christopher Betz, this model is an indispensable resource for cyber security professionals. It offers a simple yet powerful way to analyze and document intrusion incidents.

The Diamond Model is composed of four features: adversary, infrastructure, capability, and victim. The adversary represents individuals, groups, or organizations that exploit vulnerabilities to achieve their goals. Capability encompasses the tools, techniques, and methods used by adversaries, while infrastructure refers to communication systems like IP addresses and domain names. Victims can be individuals, organizations, or specific assets such as target email addresses. In addition, it delineates supplementary meta-features that bolster higher-level constructs, while also incorporating measurement, testability, and repeatability to deliver a more encompassing scientific approach to analysis.

Despite its unassuming appearance, the Diamond Model possesses the ability to swiftly navigate intricate and multifaceted details. The dynamics of a threat actor exist in a perpetual state of flux, as attackers continuously modify their infrastructure and capabilities. Moreover, when integrated with the Cyber Kill Chain® and other frameworks, it contributes to the establishment of a comprehensive cyber security framework. This integration facilitates a deeper understanding of threats and strengthens incident response capabilities, empowering a more proactive defense posture.

An example of using the Diamond Model in practice is found here.

Realizing the Potential of Machine Learning with Python Libraries

/ bugejajoseph / Leave a comment
Photo by Pixabay on Pexels.com

In the realm of data science, machine learning stands out as a powerful approach to problem-solving by harnessing the potential of data. Unlike traditional programming, where solutions are explicitly defined, machine learning involves enabling computers to learn and find solutions autonomously. This article will focus on the pivotal role of machine learning libraries in Python, highlighting their significance in creating and training machine learning models for a variety of applications.

Python offers a plethora of libraries dedicated to machine learning, each with its own unique strengths and capabilities. These libraries have been instrumental in shaping my journey as a researcher, enabling me to unlock valuable insights and make data-driven decisions. Alongside a team of skilled researchers, I have had the privilege of utilizing various libraries, with Scikit-learn playing a particularly vital role in our work.

Scikit-learn, built on top of the powerful NumPy and SciPy libraries, has been an invaluable asset in our machine learning endeavors. Its vast collection of classes and functions provides a solid foundation for implementing traditional machine learning algorithms. From classification and regression to clustering and dimensionality reduction, Scikit-learn has been our go-to library for a wide range of tasks.

However, the power of machine learning extends beyond our research endeavors. As we explored earlier in our blog series, machine learning has proven to be an indispensable tool for threat hunting. By leveraging the capabilities of machine learning libraries, organizations can effectively detect and combat cyber threats, enhancing their security posture and safeguarding sensitive data.

Now, let us delve into some of the popular machine learning libraries that have significantly improved the field:

  1. TensorFlow: Renowned as a leading framework in deep learning, TensorFlow enables the resolution of intricate problems by defining data transformation layers and fine-tuning them iteratively. Its extensive ecosystem and diverse set of tools make it a preferred choice for constructing and training sophisticated deep learning models.
  2. PyTorch: Positioned as a robust and production-ready machine learning library that has garnered significant recognition, PyTorch excels in addressing complex deep learning challenges by harnessing the computational power of GPUs. Its dynamic computational graph and intuitive interface make PyTorch a preferred choice for flexible and efficient model development.
  3. Keras: Renowned for its user-friendly interface and high-level abstractions, Keras simplifies the development of neural networks. Its seamless integration with TensorFlow enables rapid prototyping and deployment of deep learning models.

These machine learning libraries—Scikit-learn, TensorFlow, Keras, and PyTorch—play an indispensable role in unlocking the predictive potential of data and driving innovation across diverse domains.

In summary, Python’s rich ecosystem of machine learning libraries are powerful tools for building, training, and deploying machine learning models. Through my own usage and exploration, I have found these libraries to be incredibly helpful, with Scikit-learn being particularly influential in my work. Furthermore, the impact of machine learning extends to critical domains such as threat hunting and cyber security, empowering organizations to proactively address emerging threats and safeguard their valuable assets.