«Ciberseguridad» as reflected in the previous article called "Information Security: History, Terminology and Field of Action", is an associated discipline intimately to the field of
«Informática» known as
«Seguridad de la Información». Which in turn, in summary, is nothing more than the area of knowledge which consists of the preservation of the confidentiality, integrity and availability of the
«Información» associated with a
«Sujeto», as well as the systems involved in its treatment, within an organization.
«Seguridad Cibernética» is an emerging discipline that is dedicated entirely to the protection of the
«información computarizada», that is, ensure the
«Información» that resides in some
«Ciber-infraestructura», such as, a telecommunications network, or within the processes that these networks allow. Although, for others, Cybersecurity simply means protecting a
«Infraestructura de información» from a physical or electronic attack.
According to Eric A. Fischer the
«Seguridad Cibernética» refers to 3 things:
“Protection measures on information technology; the information it contains, the processes, the transmission, the associated physical and virtual elements (cyberspace); and the degree of protection that results from the application of these measures ”.
And its purpose is to protect the
«Patrimonio Tecnológico» public and private, which flows through the networks through ICT to prevent individuals or groups from attempting or violating the four macro lines or principles of information that travels through cyber space, which are:
- Confidentiality: The data transmitted or stored is private, it should only be seen by authorized persons.
- Integrity: The transmitted or stored data are authentic, except for errors made in storage or transport.
- Availability: The data transmitted or stored must always be accessible, as far as possible, to all authorized subjects.
- No Repudiation: The data transmitted or stored is of indisputable authenticity, especially when supported by acceptable digital certificates, digital signatures, or other explicit identifiers.
Table of Contents
What is Cybersecurity?
Defining in a more technical way the concept of
«Ciberseguridad»we can use as a reference the concept developed by the professionals of
«Seguridad IT» de ISACA in one of the held meetings known as
«bSecure Conference o IT Master CON», what does it say:
"Cybersecurity is the protection of information assets, through the treatment of threats that put at risk the information that is processed, stored and transported by the information systems that are interconnected."
Clarifying that according to the standard
«ISO 27001» the concept of
«activo de información» It is defined as:
"The knowledge or data that have value for an organization, while information systems comprise applications, services, information technology assets or other components that allow its management."
Therefore, and in summary, it can be said with total precision that la
«Ciberseguridad» its focus is the protection of digital information that resides in interconnected systems. Consequently, it is included within the scope of the
«Seguridad de la Información».
Cybersecurity, Free Software and GNU / Linux
In both the recent past and the present, it has been shown that la
«Ciberseguridad» is an essential point in our current
«Sociedad de la Información», whether at a personal, business or government level.
In recent times, we have seen a growing rise and power of various
«ataques cibernéticos», both
«organizaciones criminales» to public and private organizations, such as from countries to countries, which have created a lot of concern in users or ordinary people, such as IT professionals, programmers, company managers and leaders of countries.
Thus, many tend to take their respective computer measurements of
«Seguridad Cibernética», such as the use of Antivirus, Firewalls, IDS / IPS, VPNs, or others, which often include the Equipment Operating System, on the level of computers and servers of their technological platforms.
And although, platforms
«Sistemas Operativos» and
«Programas de Seguridad Informática» commercial and private are very goodThey are also the preferred target of individual, collective, commercial or state attacks. Furthermore, they do not usually detect faults or correct errors at the speed that users might consider the most optimal.
Advantage of Free Software and Open Source
For these and other reasons, Free Software, Linux-based Operating Systems and GNU-type Programs (Free and Open) tend to have a better level of quality in terms of
«Ciberseguridad», both for normal users and for public and private environments.
Whether, at the level of simple users as for critical infrastructure server computers or not. Not counting, whether at the level of defense or attack the
«Plataformas de Software Libre, Código Abierto y Linux» they are preferred for these purposes.
And all this, thanks to
«cuatro (4) leyes básicas del Software Libre» that allow the responses to be not only more efficient and effective, but also forceful, varied and with specific guidelines. Still, despite the alleged huge fragmentation of
«Software Libre, Código Abierto y Linux».
Linux Distros and Cybersecurity
Today, there are many
«Distros Linux» (and BSD) that make it easier to resolve or improve our defenses regarding
«Ciberseguridad», such as mass espionage, or our attack or infiltration mechanisms to violate the
«Seguridad Cibernética» of others.
Here is a good list of the best known today, both for computers of simple users and for servers of critical infrastructures or not, for the subsequent investigation of them:
- container linux
- Network Security Toolkit
- Samurai Web Security Framework
- smooth wall
«Distro Linux» Which is chosen to use, whether personally or professionally, at home or at work, it will always be important to bear in mind that simply using it, there is no total guarantee that a user will be protected from any danger or threat to his
Therefore, the most important thing will always be to maintain
«mejores prácticas» de
«Seguridad Informática», both personally, and those guided by IT staff within the organization where it operates. Remember, users will always be the weakest link in the chain of
«Seguridad Informática». And if you want to delve a little more into the subject, we recommend this great Glossary of Cybersecurity terms.