Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)
HTML-код
- Опубликовано: 28 май 2024
- IBM Security QRadar EDR : ibm.biz/Bdyd7k
IBM Security X-Force Threat Intelligence Index 2023: ibm.biz/Bdyd76
This ten part video series is based on a 400 level class on Enterprise Cybersecurity Architecture taught by Jeff "the Security Guy" Crume at a local university. He'll begin by explaining the foundational principles of cybersecurity - five that are best practices and one that's just the opposite. The subsequent episodes will look at the various domains that apply to a well-designed security architecture. Be sure to subscribe so you'll get notified of the next video!
Get started for free on IBM Cloud → ibm.biz/ibm-cloud-sign-up
Subscribe to see more videos like this in the future → ibm.biz/subscribe-now
#AI #Software #ITModernization #Cybersecurity #QRadar #JeffCrume #ibm
Chapters
00:00 Principles Introduction
01:05 Defense in Depth
04:20 Least Privilege
07:55 Separation of Duties
09:50 Secure by Design
12:15 Keep It Simple, Stupid (KISS)
14:43 Security by Obscurity
I completed IBM's Cybersecurity Analyst course and got my certificate, I'm here to refine my knowledge before applying a CS architect job
Excellent! Good luck to you in your learning journey!
This channel is so underrated
I’m glad you are finding value in it!
I like the clarity in these lectures this is the best
Learned a lot from them.
Highly underrated
10 / 10 conceptually, but I wish they would dive into some code every once in a while
I highly recommend this for anyone who is pursuing Cybersecurity at a total beginner level like myself. I’m watching these along with my IBM Cybersecurity Analyst Cert course, and it’s really helped me understand concepts that were so over my head at first. Really appreciate it!
I appreciate your watching and giving such great feedback!
You do a great job of explaining these fundamental concepts.
Man-in-the-middle attack! A wise man once said, learn something everyday, even if its something small. Thank you for teaching me something today...I just considered getting my certificate in cyber security and i'm starting this journey very soon!!! GREAT VIDEO
That’s great advice about learning something new every day! Glad I could help
Thank you for this. Looking forward to more in the future!
Thank you Jeff, IBM for giving me this topic free.
You are most welcome!
Thanks for making it easy to understand the main principles of security solutions and technologies we sell to our customers.
You’re very welcome and thank you for watching!
Thank you for such a wonderful lecture series. I learned a lot.
The best masterclass on overall security. Crystal clear concept and razor sharp analysis.. I enjoyed and learned a lot.
can agree no more. It's so great that you've got all my words when I was just about to text the Professor some same positive comments and attributes as token of personal thanks... My immediate impression on him is naturally simple: he is really a good teacher!!!
I can’t tell you how much feedback like this means to me!
Great video! Very clear explanation, thank you :)
I learned a lot from the cybersecurity 10 videos series, I was always fascinated with security and this serie was water-satisfying... Particulary a value among many values that I learned is these fundamentals from the first video, that we should put multiple lines of defense and not rely on one defense to avoid the one single point of failure, another one is that complexity is the enemy of security, that one was very intresting to me... All the practices that you noted we should avoid and best practices that you propone are very valuable. Thank you very much!!
You learned the lessons well!
Thank you so much for these 10-part series. I included the videos as study materials for my ISC2 Certified in Cybersecurity exam (I'm a newbie in Cybersecurity), and I'm glad to say i passed. Your explanations made the topics and concepts so easy to understand. Thank you!!!!
Wow! Congratulations on that! I’m so glad to hear that these videos helped!
Same here. I'm currently listening to it while preparing for my ISC2 exam.
Super stuff and thanks for the great presentation. Simple and concise.
IBM having many great learning videos, thanks.
Thanks a lot for these lessons. They really make things quite clear fundamentally. Thanks a lot.
You are most welcome!
Really Thank you for sharing the knowledge.
Hey Jeff, given the high demand for cybersecurity would you be so kind to give a roadmap of how to get into cybersecurity - the certifications etc from beginner to master. I'm definitely gonna hop on this series as the videos come out.
Hi Seetsa. Here's an attempt at that: ruclips.net/video/4CuXNs6SboU/видео.html
IBM and Google are my most favourites.
Thank you :)
I have to say, this has gotta be one of the best cybersec vdos out there when it comes to architecture plays, very few vendors like Cisco, Palo Alto and IBM can actually boast an end-to-end cybersec strategy and Jeff you have done a fantastic job laying it out, keep those vdos coming!
Thank you so very much for all the kind words! I really appreciate it!
This is gold, thank you very much! looking forward for the rest of the series!!
Thanks for the encouraging feedback!
found your lecture very easy to follow and digest the concepts and ideas
I’m so glad to hear that!
simply superb
Thank you!
I wore an NC State Wolfpack tee-shirt when I was around 9, 10 and 11. I turned 18 then officially wore the Hokie tee-shirts and sweatshirts 😁 😏, but I still love my Wolfpack tee 😊. Very informative and well explained video. Thanks for posting. 👍🏼👍🏼👌🏽
Go Pack!!! 😊
Thank you won't be enough to show our gratitude for the content ❤
Looking forward to the next video in this series
Your kind comments are more than enough! Thank you!
Cheers, summarised and ppted in 5 seconds.
Excellent content and neat, simple and clearly presented
God bless you for sharing this!!
I remember someone who was so confident of his security arrangement that he posted his Social Security Number on billboards. It didn't end well...
A predictable outcome 😂
Great video, very comprehensive
Million dollar knowledge, 🙏
Great series, learned a lot. Thank you.
Got a motivation to learn Cybersecurity through this video... Excellent presentation.
I've watched all 10 videos - very good - lots of pointers for following up on. Thank you.
Thank you for watching!
I have been searching for this for a long time. You just said what I was looking for. Thank you very much!
I love it! Glad I could help
really simply explained, I'm impressed
Thank you!
Thanks for thoose basics delivery. Will continue on with other Subjs of Your track in further videos. Shaking Your hand 🤝
Thanks for the virtual handshake! 🤝
Great explanation
Thanks!
Wow! this is so amazing. You have simplified this information so well, especially for someone like me who is pursuing a career in cybersecurity. currently preparing for my ISC2 cc Certification.
I’m so glad you liked it! Best of luck on your certification pursuit!
Thanks ❤
Awesome explaination.
Outstanding sir. Excellent video brother!
Thanks so much!
Pretty clear explanations and examples. love it!
so glad to hear it!
Totally enjoyed this primer on Cybersecurity. The explanation and use of visuals were informative.
Thanks so much!
Good stuff. Thanks
many thanks of IBM for great information sharing. this series were fantastic too.
Many thanks to you for watching!
Great lecture series. Thank you so much. 🙏👏👏👏
Thank you for watching!
Thanks a lot.
Thanks a lot, Jeff!
My pleasure!
Great video.
Loved the video. SImple, but quite insightful. Please keep making videos on Cyber security.
Thanks for saying so!
Excellent!
Thank you for the great presentation and knowledge sharing.
Thank you for watching!
great infomation
I love ❤️❤️❤️ these Videos. Thank you so much IBM. Please keep them coming.
@abuwilliams7228 thanks so much for watching and for the great feedback!
Great explanation, wonderful summarization, and perfect delivery. Your work here is very appreciated sir. Thank you very much.
Thanks so much for saying! And your viewing is very much appreciated as well!
Sir. I must salute you in a standing position. I mean I don't have words to praise you. Just watched your first video and I subscribed. Now watch the second video. Your way of communicating cyber security is so simple and easy to understand that this is as it should be.
You’re very kind to say so! I love making these videos and the payoff is reading comments like yours that make the effort all worthwhile!
Amazing job, Prof!
Thanks so much @chiedozieHez!
Awesome content perfectly crafted! ❤ And No exams! 😂🎉
No exams for me to have to grade too! Win-win!!! 😊
Ty!
It's been years since I found learning enjoyable and thank you sir for creating such a great video.
Your comment made my day. Thank you!
Very good
Thanks for sharing this nice demonstration. It is very rich in relevant information . As a beginner, it hepled me to understand good thigs.
You’re very welcome!
amazing content
Thank you!
Hi, nice vid. IMHO one principle was missing. "Secure by default"
Great point!
thanks
Welcome
Thia channel is underrated
Thanks for saying so!
very good video
Thanks!
Great information! Thank you. Is there a transcript that can be downloaded?
Yes, click into the description and scroll down and you will find a link to the transcript. This should be the case for all the videos we do on the channel
COOL👍🏾😎
Would you organize the playlist of " Cybersecurity " for easy access
As I pointed out the ultimate security in all levels are in the language of security firewalls from one point till end
What about zero trust? Could that be one of the principles?
How would you modify for a modern “data open by default” stance, where you want to encourage filesharing and collaboration across disciplines (only lock read on data and files internally with privacy rule)? How does read all line up with least privilege?
It all depends upon the value and sensitivity of the data. For some, just ensuring that it isn’t tampered with by making it read only is fine but for others we may need much tighter controls. More on this in the Data Security video later in the series…
Greetings Professor, how do see security from a monolithic archicteture as different from a hybrid cloud archicteture? How does do you see DevSecOps and zero trust as necessary cybersecurity skill set for the Enterprise needs?
Thanks for this video. How do you ensure that the public key is unique to the user ? If i change my computer, how retain my private key ?
How do you ensure ia cannot find the private key associated with public one, if mathematically associated ?
There are a number of ways to handle this depending on the level of security you need. The easiest is to use an encrypted cloud sync service. Another is to have the keys stored in removable hardware that is tamper resistant. In some cases, you may just decide to have different keys for different devices. All depends on the needs of the particular use case
I am a lot more worried about AI "response" poisoning than I am about data poisoning ... Remember Schumer, Schiff and the Department of Truth?
Hi how can I start my career in cyber security
Can anyone please suggest how should I start
Do you need to know a programming language to use cyber security fully?
No. There are plenty of jobs in cybersecurity that don’t involve coding.
Goodjob sir. Can we use https instead of http :)
Please do!
Can someone help me with the tool he's using for creating this video, how is he marking and doing it in front ?
Sure, search the channel for “how we make them” and you’ll see me in a video explaining
Can I get a copy of the PowerPoint slides please.
❤❤❤
How they reached there with the encryption key is software developed which then clears the encryption into legit reading😊
❤
Can verification by other my device be an example duty sep????i mean credit cards verification
Typically we think of SOD as involving multiple people whereas what I think you are describing is more like multi-factor authentication, if I’m understanding your comment
hi i am a CS graduate but have a very little about cybersecurity. I want to start the career but it seems like it's a very vast field with multiple paths. Can anyone please guide me where to start. I am also planning to apply for erasmus mundus scholarship for master program in cybersecurity. What should I have to ace this scholarship?
🥳👍
🙏🙏🙏🙏🙏❤
Showing off those lefty superpowers.
Ha! If only, I could. Search in the channel for the video I did on “how we make them” and you’ll find out I’m actually not a lefty … 😊
i love agry dog)
@4;10 you said,, the user is also responsible for security. I beg the difference. The user is NOT responsible for security. It is the job of the designer and implementor. For example: I'm a user who can access to my bank account via a bank portal. No one holds me responsible for security of the website.
I understand you point but would say that you as a user still bear some of the responsibility such as to pick a good password and not share it. Security is the responsibility of everyone to various degrees
Yeah dont be stupid and make simple passwords or leave all your SPII or PII accessible lol
The user is totally responsible for security,
In a workplace environment staff must understand their responsibilities to ensure data is protected using a cyber hygiene approach.
Since the human is the weakest link in the chain, the end user can be vulnerable therefore annual training should be in place for staff to understand the importance of security and what to be aware of and how they can help defend.
Everyone has a part to play to defend.
This is the type of mindset that would get the whole org in trouble.
Are you drunk? Your bank will never pay you if they hijack your login. Don’t lock your door, the government is responsible for your security. 😂
Tell IBM to start making laptops.
I cannot say how good excited I am feeling knowing now what I know to create something wonderful simple for everyday consumers
Why can't my text book explain it like this!
I had the same reaction back in the days when I was a student. Now that I’m teaching, I’m trying to take a different approach
Hi I'm Ariful Islam leeton im software developer and Students connect cyber security
Yet everything is being attacked it means enemies within and some crazed fixated lowlife obsessors on individuals creating havoc control decimation of their lives. Therefore ultimately security in consumers hands I figured this long time back as bastard obsessor kept moving with me wherever i went, neither the bastard as such has hole to face me or has any interest except block my life and with abuse horrific ones that too
The video was a mish mash of best practices, tools, process, some architecture and people responsibility
Disappointing
what an idiotic way of teaching cybersecurity. the vast majority do not understand how the OSI model works, they just rely on software to help them find out things. the damn thing is called firewall. using all these acronyms does not make this teacher and other that smart.