Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)
ฝัง
- เผยแพร่เมื่อ 19 มิ.ย. 2024
- IBM Security QRadar EDR : ibm.biz/Bdyd7k
IBM Security X-Force Threat Intelligence Index 2023: ibm.biz/Bdyd76
This ten part video series is based on a 400 level class on Enterprise Cybersecurity Architecture taught by Jeff "the Security Guy" Crume at a local university. He'll begin by explaining the foundational principles of cybersecurity - five that are best practices and one that's just the opposite. The subsequent episodes will look at the various domains that apply to a well-designed security architecture. Be sure to subscribe so you'll get notified of the next video!
Get started for free on IBM Cloud → ibm.biz/ibm-cloud-sign-up
Subscribe to see more videos like this in the future → ibm.biz/subscribe-now
#AI #Software #ITModernization #Cybersecurity #QRadar #JeffCrume #ibm
Chapters
00:00 Principles Introduction
01:05 Defense in Depth
04:20 Least Privilege
07:55 Separation of Duties
09:50 Secure by Design
12:15 Keep It Simple, Stupid (KISS)
14:43 Security by Obscurity
I completed IBM's Cybersecurity Analyst course and got my certificate, I'm here to refine my knowledge before applying a CS architect job
Excellent! Good luck to you in your learning journey!
This channel is so underrated
I’m glad you are finding value in it!
I like the clarity in these lectures this is the best
Learned a lot from them.
Highly underrated
10 / 10 conceptually, but I wish they would dive into some code every once in a while
You do a great job of explaining these fundamental concepts.
Thank you for this. Looking forward to more in the future!
I learned a lot from the cybersecurity 10 videos series, I was always fascinated with security and this serie was water-satisfying... Particulary a value among many values that I learned is these fundamentals from the first video, that we should put multiple lines of defense and not rely on one defense to avoid the one single point of failure, another one is that complexity is the enemy of security, that one was very intresting to me... All the practices that you noted we should avoid and best practices that you propone are very valuable. Thank you very much!!
You learned the lessons well!
I highly recommend this for anyone who is pursuing Cybersecurity at a total beginner level like myself. I’m watching these along with my IBM Cybersecurity Analyst Cert course, and it’s really helped me understand concepts that were so over my head at first. Really appreciate it!
I appreciate your watching and giving such great feedback!
Super stuff and thanks for the great presentation. Simple and concise.
Thank you won't be enough to show our gratitude for the content ❤
Looking forward to the next video in this series
Your kind comments are more than enough! Thank you!
Great video! Very clear explanation, thank you :)
Really Thank you for sharing the knowledge.
I have to say, this has gotta be one of the best cybersec vdos out there when it comes to architecture plays, very few vendors like Cisco, Palo Alto and IBM can actually boast an end-to-end cybersec strategy and Jeff you have done a fantastic job laying it out, keep those vdos coming!
Thank you so very much for all the kind words! I really appreciate it!
This is gold, thank you very much! looking forward for the rest of the series!!
Thanks for the encouraging feedback!
God bless you for sharing this!!
Thank you for such a wonderful lecture series. I learned a lot.
Excellent content and neat, simple and clearly presented
I have been searching for this for a long time. You just said what I was looking for. Thank you very much!
I love it! Glad I could help
Cheers, summarised and ppted in 5 seconds.
Thanks for thoose basics delivery. Will continue on with other Subjs of Your track in further videos. Shaking Your hand 🤝
Thanks for the virtual handshake! 🤝
Great series, learned a lot. Thank you.
Got a motivation to learn Cybersecurity through this video... Excellent presentation.
Great video, very comprehensive
I've watched all 10 videos - very good - lots of pointers for following up on. Thank you.
Thank you for watching!
IBM having many great learning videos, thanks.
Hey Jeff, given the high demand for cybersecurity would you be so kind to give a roadmap of how to get into cybersecurity - the certifications etc from beginner to master. I'm definitely gonna hop on this series as the videos come out.
Hi Seetsa. Here's an attempt at that: th-cam.com/video/4CuXNs6SboU/w-d-xo.html
Thanks a lot for these lessons. They really make things quite clear fundamentally. Thanks a lot.
You are most welcome!
many thanks of IBM for great information sharing. this series were fantastic too.
Many thanks to you for watching!
Wow! this is so amazing. You have simplified this information so well, especially for someone like me who is pursuing a career in cybersecurity. currently preparing for my ISC2 cc Certification.
I’m so glad you liked it! Best of luck on your certification pursuit!
Totally enjoyed this primer on Cybersecurity. The explanation and use of visuals were informative.
Thanks so much!
found your lecture very easy to follow and digest the concepts and ideas
I’m so glad to hear that!
Thank you Jeff, IBM for giving me this topic free.
You are most welcome!
Sir. I must salute you in a standing position. I mean I don't have words to praise you. Just watched your first video and I subscribed. Now watch the second video. Your way of communicating cyber security is so simple and easy to understand that this is as it should be.
You’re very kind to say so! I love making these videos and the payoff is reading comments like yours that make the effort all worthwhile!
Thanks for making it easy to understand the main principles of security solutions and technologies we sell to our customers.
You’re very welcome and thank you for watching!
Thank you so much for these 10-part series. I included the videos as study materials for my ISC2 Certified in Cybersecurity exam (I'm a newbie in Cybersecurity), and I'm glad to say i passed. Your explanations made the topics and concepts so easy to understand. Thank you!!!!
Wow! Congratulations on that! I’m so glad to hear that these videos helped!
Same here. I'm currently listening to it while preparing for my ISC2 exam.
Thank you :)
I love ❤️❤️❤️ these Videos. Thank you so much IBM. Please keep them coming.
@abuwilliams7228 thanks so much for watching and for the great feedback!
Pretty clear explanations and examples. love it!
so glad to hear it!
Great lecture series. Thank you so much. 🙏👏👏👏
Thank you for watching!
Great explanation, wonderful summarization, and perfect delivery. Your work here is very appreciated sir. Thank you very much.
Thanks so much for saying! And your viewing is very much appreciated as well!
Loved the video. SImple, but quite insightful. Please keep making videos on Cyber security.
Thanks for saying so!
Thank you for the great presentation and knowledge sharing.
Thank you for watching!
Thanks ❤
Good stuff. Thanks
Excellent!
really simply explained, I'm impressed
Thank you!
Awesome explaination.
The best masterclass on overall security. Crystal clear concept and razor sharp analysis.. I enjoyed and learned a lot.
can agree no more. It's so great that you've got all my words when I was just about to text the Professor some same positive comments and attributes as token of personal thanks... My immediate impression on him is naturally simple: he is really a good teacher!!!
I can’t tell you how much feedback like this means to me!
Ty!
Thanks a lot.
Outstanding sir. Excellent video brother!
Thanks so much!
Great video.
It's been years since I found learning enjoyable and thank you sir for creating such a great video.
Your comment made my day. Thank you!
simply superb
Thank you!
I remember someone who was so confident of his security arrangement that he posted his Social Security Number on billboards. It didn't end well...
A predictable outcome 😂
I wore an NC State Wolfpack tee-shirt when I was around 9, 10 and 11. I turned 18 then officially wore the Hokie tee-shirts and sweatshirts 😁 😏, but I still love my Wolfpack tee 😊. Very informative and well explained video. Thanks for posting. 👍🏼👍🏼👌🏽
Go Pack!!! 😊
Thanks for sharing this nice demonstration. It is very rich in relevant information . As a beginner, it hepled me to understand good thigs.
You’re very welcome!
great infomation
IBM and Google are my most favourites.
Man-in-the-middle attack! A wise man once said, learn something everyday, even if its something small. Thank you for teaching me something today...I just considered getting my certificate in cyber security and i'm starting this journey very soon!!! GREAT VIDEO
That’s great advice about learning something new every day! Glad I could help
Amazing job, Prof!
Thanks so much @chiedozieHez!
Thanks a lot, Jeff!
My pleasure!
Great explanation
Thanks!
Greetings Professor, how do see security from a monolithic archicteture as different from a hybrid cloud archicteture? How does do you see DevSecOps and zero trust as necessary cybersecurity skill set for the Enterprise needs?
Very good
Million dollar knowledge, 🙏
COOL👍🏾😎
Would you organize the playlist of " Cybersecurity " for easy access
A suggestion: Yes if you don't need SSH either remove or disable it. But if you do need it, does it need to be from everywhere or a specific list? If a specific list set to allow only from that list. In that way even if a vulnerability is found, you have a smaller attack surface.
Awesome content perfectly crafted! ❤ And No exams! 😂🎉
No exams for me to have to grade too! Win-win!!! 😊
amazing content
Thank you!
Hi, nice vid. IMHO one principle was missing. "Secure by default"
Great point!
thanks
Welcome
What about zero trust? Could that be one of the principles?
Thia channel is underrated
Thanks for saying so!
How would you modify for a modern “data open by default” stance, where you want to encourage filesharing and collaboration across disciplines (only lock read on data and files internally with privacy rule)? How does read all line up with least privilege?
It all depends upon the value and sensitivity of the data. For some, just ensuring that it isn’t tampered with by making it read only is fine but for others we may need much tighter controls. More on this in the Data Security video later in the series…
Great information! Thank you. Is there a transcript that can be downloaded?
Yes, click into the description and scroll down and you will find a link to the transcript. This should be the case for all the videos we do on the channel
very good video
Thanks!
Great video but don't you think there is a thin line between Security-by-Design and Secure by Design?
Thanks for this video. How do you ensure that the public key is unique to the user ? If i change my computer, how retain my private key ?
How do you ensure ia cannot find the private key associated with public one, if mathematically associated ?
There are a number of ways to handle this depending on the level of security you need. The easiest is to use an encrypted cloud sync service. Another is to have the keys stored in removable hardware that is tamper resistant. In some cases, you may just decide to have different keys for different devices. All depends on the needs of the particular use case
Hi how can I start my career in cyber security
Can anyone please suggest how should I start
hi i am a CS graduate but have a very little about cybersecurity. I want to start the career but it seems like it's a very vast field with multiple paths. Can anyone please guide me where to start. I am also planning to apply for erasmus mundus scholarship for master program in cybersecurity. What should I have to ace this scholarship?
Goodjob sir. Can we use https instead of http :)
Please do!
❤❤❤
❤
As I pointed out the ultimate security in all levels are in the language of security firewalls from one point till end
Can I get a copy of the PowerPoint slides please.
How they reached there with the encryption key is software developed which then clears the encryption into legit reading😊
Do you need to know a programming language to use cyber security fully?
No. There are plenty of jobs in cybersecurity that don’t involve coding.
Can verification by other my device be an example duty sep????i mean credit cards verification
Typically we think of SOD as involving multiple people whereas what I think you are describing is more like multi-factor authentication, if I’m understanding your comment
I am a lot more worried about AI "response" poisoning than I am about data poisoning ... Remember Schumer, Schiff and the Department of Truth?
🥳👍
Can someone help me with the tool he's using for creating this video, how is he marking and doing it in front ?
Sure, search the channel for “how we make them” and you’ll see me in a video explaining
🙏🙏🙏🙏🙏❤
I cannot say how good excited I am feeling knowing now what I know to create something wonderful simple for everyday consumers
Tell IBM to start making laptops.
Showing off those lefty superpowers.
Ha! If only, I could. Search in the channel for the video I did on “how we make them” and you’ll find out I’m actually not a lefty … 😊
i love agry dog)
I want homework…👉👈🥺
@4;10 you said,, the user is also responsible for security. I beg the difference. The user is NOT responsible for security. It is the job of the designer and implementor. For example: I'm a user who can access to my bank account via a bank portal. No one holds me responsible for security of the website.
I understand you point but would say that you as a user still bear some of the responsibility such as to pick a good password and not share it. Security is the responsibility of everyone to various degrees
Yeah dont be stupid and make simple passwords or leave all your SPII or PII accessible lol
The user is totally responsible for security,
In a workplace environment staff must understand their responsibilities to ensure data is protected using a cyber hygiene approach.
Since the human is the weakest link in the chain, the end user can be vulnerable therefore annual training should be in place for staff to understand the importance of security and what to be aware of and how they can help defend.
Everyone has a part to play to defend.
This is the type of mindset that would get the whole org in trouble.
Are you drunk? Your bank will never pay you if they hijack your login. Don’t lock your door, the government is responsible for your security. 😂
Why can't my text book explain it like this!
I had the same reaction back in the days when I was a student. Now that I’m teaching, I’m trying to take a different approach
Hi I'm Ariful Islam leeton im software developer and Students connect cyber security