Articulos de Ciberseguridad para adultos profesionales (en proceso)

Cybersecurity Articles for Professional Adults + Spanish (constant changing) This curriculum will be created for spanish speakers and it's in constant changes (Sept 11,2023).

Descripcion

The goal for this repo is to submit articles and create a final curriculum plan to improve the people's security in the virtual era, following the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). I am using some of their frameworks to help navigate through the different steps of analyzing cybersecurity incidents and response, risks and integrate my analysis into a general security strategy:

Table of Contents

Articulos

  1. Contraseña y su seguridad:
    1. Creación de contraseñas seguras y únicas.
    2. Usando un administrador de contraseñas.
    3. Habilitar la autenticación de dos factores (2FA) cuando sea posible.
  2. Concientización sobre el "phishing":
    1. Reconocimiento de correos electrónicos y mensajes de "phishing".
    2. Evitar hacer "clic" en enlaces sospechosos o descargar archivos adjuntos de fuentes desconocidas.
  3. Ataques de ingeniería social:
    1. Identificar y defenderse contra tácticas de ingeniería social (por ejemplo, pretextos, hostigamientos, seguimiento de vehículos).
  4. Hábitos de navegación segura:
    1. Verificar la autenticidad del sitio web.
    2. Comprobando HTTPS.
    3. Evitar descargar archivos de sitios web que no sean de confianza.

NIST

  • Identity:

    • Identify security risks through regular audits of internal networks, systems, devices, and access privileges to identify potential gaps in security.
  • Protect:

    • Internal assets through the implementation of policies, procedures, training and tools that help mitigate cybersecurity threats.
  • Detect:

    • Detecting potential security incidents and improve monitoring capabilities to increase the speed and efficiency of detections.
  • Respond:

    • To contain, neutralize, and analyze security incidents; implement improvements to the security process.
  • Recover:

    • Affected systems to normal operation and restore systems data and/or assets that have been affected by an incident.

framework-01