Skip to main content

Posts

Showing posts from September, 2021

My InfoTech Journal!

My InfoTech Journal: Decoding the Networking Enigma: OSI vs. TCP/IP Reference Models

My InfoTech Journal: Decoding the Networking Enigma: OSI vs. TCP/IP Reference Models The OSI (Open Systems Interconnection) Reference Model and the TCP/IP (Transmission Control Protocol/Internet Protocol) Reference Model: The OSI Reference Model and the TCP/IP Reference Model are both conceptual frameworks used to understand and standardize how different networking protocols and technologies interact. Here are some areas of comparison: 1. Number of Layers: OSI Model : It consists of seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and  TCP/IP Model : It has four layers: Network Interface, Internet, Transport, and Application. 2. L ayer Functionality: OSI Model : Tends to be more comprehensive and abstract, defining each layer's functions independently. TCP/IP Model : Reflects the actual implementation of the Internet and focuses on how protocols are used in practice. 3. Adoption / Use: OSI Model : Less commonly used in practice, but it is still valuab

Where in the World has the FASTEST Internet?

My InfoTech Journal: Where in the World has the FASTEST Internet? Which countries have the FASTEST Internet?  Here is the latest table of the TOP 10 countries with the FASTEST Internet Speed as of SEP-2021 Topping the list at Number 1 is SINGAPORE with an average download speed of 242.27 Mbits/sec . Next is THAILAND at Number 2 with an average download speed of 211.10 Mbits/sec . At Number 3 is MONACO with an average download speed of 203.15 Mbits/sec . Ranked at Number 4 is  SWITZERLAND  with an average download speed of 194.16 Mbits/sec . At Number 5 is   DENMARK with an average download speed of 193.23 Mbits/sec . Next is ROMANIA at  Number 6  with an average download speed of 186.06 Mbits/sec . At  Number 7 is   ANDORRA  with an average download speed of 180.10 Mbits/sec . Ranked at  Number 8  is  FRANCE  with an average download speed of 194.16 Mbits/sec . Next is HUNGARY at  Number 9  with an average download speed of 172.10 Mbits/sec . UNITED STATES is at  Number 10  with

Physical Security for Information Protection

My InfoTech Journal: Physical Security for Information Protection  Physical Security  What comes to your mind when we talk about Physical Security ? In most cases people think about padlocks, steel doors, cabinet safe, Security Guards, CCTV cameras, turnstiles, biometrics, and other cool stuff. These are all correct answers and can keep our valuable assets safe from thieves. Physical Security for Information Protection   When we shift our focus to Physical Security for Information Protection , the definition shifts to securing information (personal, sensitive, confidential, critical), hardware assets, systems, network and data from physical events and actions with malicious intent. This also includes protection from natural disasters like tornadoes, typhoons, earthquakes, flooding, fire; protection from thieves; protection from hackers and other threats. So where do we start? Physical Security for Information Protection  covers a wide scope, from perimeter security, access control syst

Designing Countermeasures in CyberSecurity

My InfoTech Journal: CyberSecurity CyberSecurity CyberSecurity is the principle of securing your digital assets, specially your critical systems and sensitive information from cyber threats or cyber attacks. For this article, I will be discussing the CyberSecurity principles by IBM . CyberSecurity Domains IBM has defined a strong CyberSecurity strategy as having layers of protection against cyber crime, including cyber attacks that attempt to access, change or destroy data; extort money from users or organisations; or aim to disrupt business operations. 1    IBM has listed the following CyberSecurity Domains as the fundamental areas covered by their  CyberSecurity strategy. CyberSecurity Domains: Critical Information Security  Network Security  Application Security  Cloud Security  Information Security  End-User Education  Disaster Recovery / Business Continuity Planning  Based on the IBM strategy, the following CyberSecurity Domains must be considered when designing countermeasures: C

CyberSecurity Vulnerabilities in Control Systems

My InfoTech Journal:  CyberSecurity Vulnerabilities in Industrial Control Systems For this article, I will be presenting an overview of CyberSecurity Vulnerabilities, using the US   CyberSecurity & Infrastructure Security Agency (CISA) guidelines for Industrial Control Systems . Please note that this US CISA CyberSecurity guideline is specific to Industrial Control Systems. Nonetheless the framework and line of thought can be used as reference for any other similar environment. CyberSecurity aims to protect sensitive information hosted in critical systems from different faces of evolving threats. Year-by-year business reports would publish the cost of data breaches globally in millions of US dollars. This includes losses in business revenues, cost of responding to the breach, cost of deciphering the extent of the data breach,  performing root cause analysis, and most of all the long term damage of the company reputation and brand. In order to protect your Control System’s risk and

Information Security Tenets (The CIA Triad)

My InfoTech Journal:   Information Security Tenets The CIA Triad The   three tenets or fundamental principles of Information Security are  Confidentiality ,  Integrity , and  Availability .  This is also commonly known as the CIA Triad . The Information Security  programs refers to the controls designed and implemented to protect these three tenets:  Confidentiality ,  Integrity , and  Availability .   What is Confidentiality? Confidentiality ensures that private information remains private and that these private information can only be accessed or viewed by authorized individuals on need to know basis. Information Security controls must therefore be put in place to protect the data from unauthorized disclosure.  Examples of  Information Security controls  to ensure Data Confidentiality : Access Control List (ACL) Username and Password  Encryption  Two-Factor Authentication (Password, Token, PIN, Biometric, etc) What is Integrity? Integrity refers to the accuracy and completeness of t

Information Security

My InfoTech Journal: Information Security Information Security is always a very interesting domain for discussion.  Over the years, Information Security has evolved as a domain that requires more and more stringent security controls in order to comply with growing compliance requirements and most importantly to protect corporate sensitive data, confidential, personal information, and other critical data. There are several Information Security Standards or Frameworks available in the industry to choose from.  But there is no one standard that can claim the title of being an all-in-one package solution. So if you are into Information Security compliance, you need to understand your organization to know what standards will best fit your compliance requirement.  In some cases, you will have to implement combinations of industry standards for your compliance governance program. Back in the days, I was involved in an outsourcing project as an Account Security Officer (ASO) for a large corpo

My InfoTech Journal

 M My InfoTech Journal My InfoTech Journal will record the research that I have consolidated so that I can go back and use these articles for future reference. I will start with topics related to Information Security, Data Privacy, and expand to other domains with the objective of promoting knowledge sharing for those that may have the same research requirement. I will also share personal experiences that may be useful to the topics being presented. I hope that these research articles will be useful to others looking for references on the same topic. The Author: My InfoTech Journal  Support My InfoTech Journal