π Day 3: Exploring Common Tactics in Cybersecurity Threats
alice eneyoToday, I continued my journey by delving into the tactics used by threat actors to manipulate individuals and exploit vulnerabilities. Understanding these strategies is essential for enhancing our defenses and safeguarding both digital and physical assets.
π Key Tactics Used by Threat Actors:
Intimidation & Threats
Consensus/Social Proof
Scarcity
Familiarity
Trust
Urgency
π Exploring the CISSP Security Domains:
Asset Security: Protecting digital and physical assets from threats.
Security Architecture and Engineering: Implementing tools and processes to optimize data security.
Communication and Network Security: Safeguarding physical and wireless communication networks.
Identity and Access Management: Ensuring only authorized users have access to data, preventing breaches.
Security and Risk Management: Setting security goals, ensuring compliance, and maintaining business continuity.
Security Assessment and Testing: Regularly testing and assessing security measures to validate their effectiveness.
Security Operations: Actively maintaining and monitoring security measures to counter ongoing threats.
Software Development Security: Integrating security into the software development lifecycle to prevent vulnerabilities.
π Enhancing Cybersecurity Through Structured Policies and Security Testing:
Security Control and Management: Establishing policies for controlling and managing physical and logical assets.
Security Assessment and Testing: Conducting thorough security control testing, collecting and analyzing data, and performing audits.
Security Operations: Proactively investigating incidents and implementing preventive measures.
Software Development Security: Secure coding practices are crucial in creating secure applications and services.
πΌ Why Cybersecurity Matters:
Protecting sensitive information and ensuring privacy.
Preventing financial loss and guarding against identity theft.
Maintaining business continuity, protecting organizational reputation, and enhancing customer trust.
Understanding these tactics and critical CISSP security domains is key to building a resilient defense against cyber threats. The journey continues, and Iβm excited to keep learning and growing in this ever-evolving field. Remember: You canβt retire from being great!
#Cybersecurity #LearningJourney #CISSP #ThreatAwareness #InformationSecurity #TechSkills #Coursera
Subscribe to my newsletter
Read articles from alice eneyo directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
alice eneyo
alice eneyo
Compliance Analyst with 2+ years of hands-on experience driving risk assessments, regulatory compliance, and governance initiatives across GRC frameworks including ISO 27001, NIST SP 800-53, SOC 2, and GDPR. Adept at developing and enforcing security policies, conducting internal audits, maintaining risk registers, managing third-party compliance, and supporting ISO 27001 certification readiness. Strong understanding of cybersecurity best practices and risk mitigation strategies. Known for strengthening operational resilience through proactive governance and cross-functional collaboration. Actively seeking opportunities in Compliance, GRC (Governance, Risk & Compliance), or Cybersecurity Analyst roles.