Weekly Standup — Filtering In SQL || Assets, Threats, and Vulnerabilities

Obiagazie Kenechukwu
Nov 5, 2023

Hey, it’s great to be back for my weekly standups.

It’s been a whopping six weeks since I last did this, which is a long time. Unfortunately, some unforeseen circumstances came up and I had no choice but to take a break. But now I’m back, feeling stronger and better than ever. I’m sorry for the interruption in our communication.

Disclaimer: The information (most of the definitions) shared here is based on my knowledge gained from the Google cybersecurity certification program on Coursera and some online articles and videos.

While I was away, I didn’t have consistent learning sessions, but I was able to learn a few things that I’d like to share with you.

  • FILTERING IN SQL

As a security analyst, you’ll likely need to analyze data, and finding the specific data you need often depends on more than one factor.

Filtering means selecting data that matches a certain condition. You can filter for multiple conditions to retrieve specific information from the database. You can also filter for what does not match a particular condition. Some commands used to filter in SQL include:

WHERE: This indicates the condition for a filter.
LIKE: This is used with WHERE to search for a pattern in a column.

etc.

SQL joins enable you to combine tables that contain a shared column. This is helpful when you need to connect information that appears in different tables. In SQL, there are two types of joins: the inner join, which returns rows matching a specified column that exists in more than one table, and the outer join.

Outer Join consists of three types: LEFT JOIN, RIGHT JOIN, and FULL OUTER JOIN.
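The filters and joins described above, as an added example that is not from the original post. It runs the queries with Python's built-in sqlite3 module; the table names, column names and rows are constructed for illustration.

```python
import sqlite3

def build_db():
    """In-memory database filled with constructed sample rows (not real data)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE employees (username TEXT PRIMARY KEY, department TEXT);
        CREATE TABLE log_in_attempts (event_id INTEGER PRIMARY KEY,
            username TEXT, login_time TEXT, country TEXT, success INTEGER);
        INSERT INTO employees VALUES
            ('asmith', 'Finance'), ('bkaur', 'IT'), ('cdiaz', 'Sales');
        INSERT INTO log_in_attempts VALUES
            (1, 'asmith', '2023-11-01 09:02', 'USA',    1),
            (2, 'asmith', '2023-11-01 23:47', 'US',     0),
            (3, 'bkaur',  '2023-11-02 02:15', 'CANADA', 0),
            (4, 'cdiaz',  '2023-11-02 10:30', 'CAN',    1),
            (5, 'ghost',  '2023-11-02 03:05', 'BRAZIL', 0);
    """)
    return db

# WHERE with AND / NOT LIKE: failed logins from outside the USA.
# 'US%' matches both 'US' and 'USA', so inconsistent country codes are covered.
FAILED_ABROAD = """
    SELECT event_id, username FROM log_in_attempts
    WHERE success = 0 AND country NOT LIKE 'US%'
    ORDER BY event_id"""

# INNER JOIN: only attempts whose username also exists in employees.
FAILED_BY_DEPT = """
    SELECT l.event_id, e.department
    FROM log_in_attempts AS l
    INNER JOIN employees AS e ON l.username = e.username
    WHERE l.success = 0
    ORDER BY l.event_id"""

# LEFT JOIN: keep every attempt; the employee side is NULL when nothing
# matches, which surfaces logins for accounts missing from the employee table.
UNKNOWN_ACCOUNTS = """
    SELECT l.event_id, l.username
    FROM log_in_attempts AS l
    LEFT JOIN employees AS e ON l.username = e.username
    WHERE e.username IS NULL"""

def run(db, query):
    return db.execute(query).fetchall()

if __name__ == "__main__":
    db = build_db()
    for name in ("FAILED_ABROAD", "FAILED_BY_DEPT", "UNKNOWN_ACCOUNTS"):
        print(name, run(db, globals()[name]))
```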

Next, I’ll be talking about Assets, Threats, and Vulnerabilities.

An Asset is an item perceived as having value to an organization.

A Threat is any circumstance or event that can negatively impact assets.

A Vulnerability is a weakness that can be exploited by a threat.

In the world of cybersecurity, security risk planning is based on the analysis of these three elements. Risk is anything that can impact the confidentiality, integrity, or availability of an asset.

To properly secure the assets of an organization, an asset inventory (a catalog of assets that need to be protected) has to be drafted, after which the assets are classified (based on sensitivity and importance) and tracked (for the risks that affect them). This process is called Asset Management.

Four levels of asset classification include Public, Internal-only, Confidential, and Restricted.

To be able to protect assets and data, we’ll need to know the different states of data. These are:

  • Data in use: This is data being accessed by one or more users. An example is the photos or files being accessed on a device.
  • Data in transit: This is data traveling from one point to another. An example is an email being sent.
  • Data at rest: This is data not currently being used. For example, when you’re done using your PC and close it up, the data in it is at rest.

Remember, protecting data depends on where the data is and what it’s doing. Keeping track of information is part of the puzzle that companies solve when considering their security plan. Understanding the three states of data enables security teams to analyze risk and determine an asset management plan for different situations.

Risk assessments are how security teams determine whether their security operations are adequately positioned to prevent cyber attacks and protect sensitive information.

Developing a security plan from the beginning that addresses all risks can be challenging. This makes security frameworks a useful option.

The NIST (National Institute of Standards and Technology) CSF (Cybersecurity Framework) is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk. It is a flexible resource that organizations may use to assess and improve their security posture.

The NIST CSF consists of 3 components: core, tiers, and profiles; and 5 core functions: identify, protect, detect, respond, and recover.

The framework has a significant advantage as it aligns with the security practices of many organizations worldwide. It also aids in meeting regulatory compliance requirements that might be shared among business partners. To sum up, implementing the CSF can assist businesses in meeting regulatory compliance requirements, thereby mitigating financial and reputational risks.

Thanks for reading. Let’s discuss, exchange ideas, and connect in the comment section. Also looking forward to collaborations.

See you next week.
