Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)
IBM Security QRadar EDR : ibm.biz/Bdyd7k
IBM Security X-Force Threat Intelligence Index 2023: ibm.biz/Bdyd76
This ten part video series is based on a 400 level class on Enterprise Cybersecurity Architecture taught by Jeff "the Security Guy" Crume at a local university. He'll begin by explaining the foundational principles of cybersecurity - five that are best practices and one that's just the opposite. The subsequent episodes will look at the various domains that apply to a well-designed security architecture. Be sure to subscribe so you'll get notified of the next video!
Get started for free on IBM Cloud → ibm.biz/ibm-cloud-sign-up
Subscribe to see more videos like this in the future → ibm.biz/subscribe-now
#AI #Software #ITModernization #Cybersecurity #QRadar #JeffCrume #ibm
Chapters
00:00 Principles Introduction
01:05 Defense in Depth
04:20 Least Privilege
07:55 Separation of Duties
09:50 Secure by Design
12:15 Keep It Simple, Stupid (KISS)
14:43 Security by Obscurity
You do a great job of explaining these fundamental concepts.
Super stuff and thanks for the great presentation. Simple and concise.
Thank you for this. Looking forward to more in the future!
This channel is so underrated
I’m glad you are finding value in it!
I like the clarity in these lectures this is the best
Learned a lot from them.
Highly underrated
10 / 10 conceptually, but I wish they would dive into some code every once in a while
Great series, learned a lot. Thank you.
I completed IBM's Cybersecurity Analyst course and got my certificate, I'm here to refine my knowledge before applying a CS architect job
Excellent! Good luck to you in your learning journey!
God bless you for sharing this!!
Thank you won't be enough to show our gratitude for the content ❤ Looking forward to the next video in this series
Your kind comments are more than enough! Thank you!
This is gold, thank you very much! looking forward for the rest of the series!!
Thanks for the encouraging feedback!
I learned a lot from the cybersecurity 10 videos series, I was always fascinated with security and this serie was water-satisfying... Particulary a value among many values that I learned is these fundamentals from the first video, that we should put multiple lines of defense and not rely on one defense to avoid the one single point of failure, another one is that complexity is the enemy of security, that one was very intresting to me... All the practices that you noted we should avoid and best practices that you propone are very valuable. Thank you very much!!
You learned the lessons well!
Really Thank you for sharing the knowledge.
Great video, very comprehensive
Great video! Very clear explanation, thank you :)
I highly recommend this for anyone who is pursuing Cybersecurity at a total beginner level like myself. I’m watching these along with my IBM Cybersecurity Analyst Cert course, and it’s really helped me understand concepts that were so over my head at first. Really appreciate it!
I appreciate your watching and giving such great feedback!
Totally enjoyed this primer on Cybersecurity. The explanation and use of visuals were informative.
Thanks so much!
Loved the video. SImple, but quite insightful. Please keep making videos on Cyber security.
Thanks for saying so!
Thanks for thoose basics delivery. Will continue on with other Subjs of Your track in further videos. Shaking Your hand 🤝
Thanks for the virtual handshake! 🤝
I cannot say how good excited I am feeling knowing now what I know to create something wonderful simple for everyday consumers
I have been searching for this for a long time. You just said what I was looking for. Thank you very much!
I love it! Glad I could help
Excellent content and neat, simple and clearly presented
I love ❤️❤️❤️ these Videos. Thank you so much IBM. Please keep them coming.
@abuwilliams7228 thanks so much for watching and for the great feedback!
The best masterclass on overall security. Crystal clear concept and razor sharp analysis.. I enjoyed and learned a lot.
can agree no more. It's so great that you've got all my words when I was just about to text the Professor some same positive comments and attributes as token of personal thanks... My immediate impression on him is naturally simple: he is really a good teacher!!!
I can’t tell you how much feedback like this means to me!
I have to say, this has gotta be one of the best cybersec vdos out there when it comes to architecture plays, very few vendors like Cisco, Palo Alto and IBM can actually boast an end-to-end cybersec strategy and Jeff you have done a fantastic job laying it out, keep those vdos coming!
Thank you so very much for all the kind words! I really appreciate it!
Cheers, summarised and ppted in 5 seconds.
found your lecture very easy to follow and digest the concepts and ideas
I’m so glad to hear that!
Hey Jeff, given the high demand for cybersecurity would you be so kind to give a roadmap of how to get into cybersecurity - the certifications etc from beginner to master. I'm definitely gonna hop on this series as the videos come out.
Hi Seetsa. Here's an attempt at that: kzhead.info/sun/Z6euiLKrbYWYoo0/bejne.html
I've watched all 10 videos - very good - lots of pointers for following up on. Thank you.
Thank you for watching!
Sir. I must salute you in a standing position. I mean I don't have words to praise you. Just watched your first video and I subscribed. Now watch the second video. Your way of communicating cyber security is so simple and easy to understand that this is as it should be.
You’re very kind to say so! I love making these videos and the payoff is reading comments like yours that make the effort all worthwhile!
Thanks for making it easy to understand the main principles of security solutions and technologies we sell to our customers.
You’re very welcome and thank you for watching!
Thanks for sharing this nice demonstration. It is very rich in relevant information . As a beginner, it hepled me to understand good thigs.
You’re very welcome!
Thank you Jeff, IBM for giving me this topic free.
You are most welcome!
many thanks of IBM for great information sharing. this series were fantastic too.
Many thanks to you for watching!
Great explanation, wonderful summarization, and perfect delivery. Your work here is very appreciated sir. Thank you very much.
Thanks so much for saying! And your viewing is very much appreciated as well!
Wow! this is so amazing. You have simplified this information so well, especially for someone like me who is pursuing a career in cybersecurity. currently preparing for my ISC2 cc Certification.
I’m so glad you liked it! Best of luck on your certification pursuit!
Thank you so much for these 10-part series. I included the videos as study materials for my ISC2 Certified in Cybersecurity exam (I'm a newbie in Cybersecurity), and I'm glad to say i passed. Your explanations made the topics and concepts so easy to understand. Thank you!!!!
Wow! Congratulations on that! I’m so glad to hear that these videos helped!
Same here. I'm currently listening to it while preparing for my ISC2 exam.
Amazing job, Prof!
Thanks so much @chiedozieHez!
Man-in-the-middle attack! A wise man once said, learn something everyday, even if its something small. Thank you for teaching me something today...I just considered getting my certificate in cyber security and i'm starting this journey very soon!!! GREAT VIDEO
That’s great advice about learning something new every day! Glad I could help
Great lecture series. Thank you so much. 🙏👏👏👏
Thank you for watching!
Thanks a lot for these lessons. They really make things quite clear fundamentally. Thanks a lot.
You are most welcome!
IBM having many great learning videos, thanks.
Pretty clear explanations and examples. love it!
so glad to hear it!
Thank you for the great presentation and knowledge sharing.
Thank you for watching!
Good stuff. Thanks
Great video.
It's been years since I found learning enjoyable and thank you sir for creating such a great video.
Your comment made my day. Thank you!
I wore an NC State Wolfpack tee-shirt when I was around 9, 10 and 11. I turned 18 then officially wore the Hokie tee-shirts and sweatshirts 😁 😏, but I still love my Wolfpack tee 😊. Very informative and well explained video. Thanks for posting. 👍🏼👍🏼👌🏽
Go Pack!!! 😊
Awesome explaination.
great infomation
really simply explained, I'm impressed
Thank you!
I remember someone who was so confident of his security arrangement that he posted his Social Security Number on billboards. It didn't end well...
A predictable outcome 😂
Excellent!
Thank you :)
simply superb
Thank you!
Outstanding sir. Excellent video brother!
Thanks so much!
Very good
Ty!
Greetings Professor, how do see security from a monolithic archicteture as different from a hybrid cloud archicteture? How does do you see DevSecOps and zero trust as necessary cybersecurity skill set for the Enterprise needs?
Thanks a lot, Jeff!
My pleasure!
Thanks ❤
Would you organize the playlist of " Cybersecurity " for easy access
Thanks a lot.
How would you modify for a modern “data open by default” stance, where you want to encourage filesharing and collaboration across disciplines (only lock read on data and files internally with privacy rule)? How does read all line up with least privilege?
It all depends upon the value and sensitivity of the data. For some, just ensuring that it isn’t tampered with by making it read only is fine but for others we may need much tighter controls. More on this in the Data Security video later in the series…
IBM and Google are my most favourites.
COOL👍🏾😎
Great information! Thank you. Is there a transcript that can be downloaded?
Yes, click into the description and scroll down and you will find a link to the transcript. This should be the case for all the videos we do on the channel
Awesome content perfectly crafted! ❤ And No exams! 😂🎉
No exams for me to have to grade too! Win-win!!! 😊
Great explanation
Thanks!
Million dollar knowledge, 🙏
amazing content
Thank you!
Thanks for this video. How do you ensure that the public key is unique to the user ? If i change my computer, how retain my private key ? How do you ensure ia cannot find the private key associated with public one, if mathematically associated ?
There are a number of ways to handle this depending on the level of security you need. The easiest is to use an encrypted cloud sync service. Another is to have the keys stored in removable hardware that is tamper resistant. In some cases, you may just decide to have different keys for different devices. All depends on the needs of the particular use case
Hi, nice vid. IMHO one principle was missing. "Secure by default"
Great point!
What about zero trust? Could that be one of the principles?
very good video
Thanks!
thanks
Welcome
As I pointed out the ultimate security in all levels are in the language of security firewalls from one point till end
hi i am a CS graduate but have a very little about cybersecurity. I want to start the career but it seems like it's a very vast field with multiple paths. Can anyone please guide me where to start. I am also planning to apply for erasmus mundus scholarship for master program in cybersecurity. What should I have to ace this scholarship?
❤❤❤
🥳👍
I am a lot more worried about AI "response" poisoning than I am about data poisoning ... Remember Schumer, Schiff and the Department of Truth?
❤
Thia channel is underrated
Thanks for saying so!
Hi how can I start my career in cyber security Can anyone please suggest how should I start
How they reached there with the encryption key is software developed which then clears the encryption into legit reading😊
Can verification by other my device be an example duty sep????i mean credit cards verification
Typically we think of SOD as involving multiple people whereas what I think you are describing is more like multi-factor authentication, if I’m understanding your comment
Goodjob sir. Can we use https instead of http :)
Please do!
Do you need to know a programming language to use cyber security fully?
No. There are plenty of jobs in cybersecurity that don’t involve coding.
Can someone help me with the tool he's using for creating this video, how is he marking and doing it in front ?
Sure, search the channel for “how we make them” and you’ll see me in a video explaining
🙏🙏🙏🙏🙏❤
Tell IBM to start making laptops.
@4;10 you said,, the user is also responsible for security. I beg the difference. The user is NOT responsible for security. It is the job of the designer and implementor. For example: I'm a user who can access to my bank account via a bank portal. No one holds me responsible for security of the website.
I understand you point but would say that you as a user still bear some of the responsibility such as to pick a good password and not share it. Security is the responsibility of everyone to various degrees
Yeah dont be stupid and make simple passwords or leave all your SPII or PII accessible lol
The user is totally responsible for security, In a workplace environment staff must understand their responsibilities to ensure data is protected using a cyber hygiene approach. Since the human is the weakest link in the chain, the end user can be vulnerable therefore annual training should be in place for staff to understand the importance of security and what to be aware of and how they can help defend. Everyone has a part to play to defend.
This is the type of mindset that would get the whole org in trouble.
Are you drunk? Your bank will never pay you if they hijack your login. Don’t lock your door, the government is responsible for your security. 😂
Why can't my text book explain it like this!
I had the same reaction back in the days when I was a student. Now that I’m teaching, I’m trying to take a different approach
Showing off those lefty superpowers.
Ha! If only, I could. Search in the channel for the video I did on “how we make them” and you’ll find out I’m actually not a lefty … 😊
Hi I'm Ariful Islam leeton im software developer and Students connect cyber security
Yet everything is being attacked it means enemies within and some crazed fixated lowlife obsessors on individuals creating havoc control decimation of their lives. Therefore ultimately security in consumers hands I figured this long time back as bastard obsessor kept moving with me wherever i went, neither the bastard as such has hole to face me or has any interest except block my life and with abuse horrific ones that too
The video was a mish mash of best practices, tools, process, some architecture and people responsibility Disappointing
what an idiotic way of teaching cybersecurity. the vast majority do not understand how the OSI model works, they just rely on software to help them find out things. the damn thing is called firewall. using all these acronyms does not make this teacher and other that smart.
You are too Good
Very kind of you!
I completed IBM's Cybersecurity Analyst course and got my certificate, I'm here to refine my knowledge before applying a CS architect job
Congratulations on completing the course and best of luck to you!
❤