Unit I Overview: Cyberspace, Layers & Threat Landscape
Unit I introduces the foundational vocabulary and conceptual framework of cyber security. Before you can defend a system, you must understand what you are defending, who is attacking, and why. This unit covers the definition of cyberspace, the layered architecture of cyber security, the spectrum of cybercrimes, and the key actors behind attacks.
---
What is Cyberspace?
Cyberspace is the virtual environment created by interconnected computer networks, systems, devices, and the internet. The term was coined by science fiction author William Gibson in his 1984 novel Neuromancer, but it has since become the authoritative term for the global digital infrastructure.
Cyberspace has three distinct layers that are both interdependent and separately vulnerable:
| Layer | Definition | Components | Attack Surface | Protection Strategy |
|---|---|---|---|---|
| Physical Layer | Tangible hardware infrastructure | Servers, routers, cables, satellites | Physical theft, hardware tampering | Physical locks, guards, CCTV |
| Logical Layer | Software, protocols, data flows | TCP/IP, DNS, web services, databases | Exploits, malware, protocol attacks | Patches, firewalls, encryption |
| Social Layer | Human users and their behavior | Employees, administrators, customers | Social engineering, insider threats | Training, policy, access controls |
---
Layers of Cyber Security
A holistic cyber security strategy addresses all threats across all layers using the OSI Security Model and industry frameworks like NIST and ISO 27001:
| Security Layer | Objective | Threats Countered | Technologies | Standard |
|---|---|---|---|---|
| Physical | Prevent unauthorized physical access | Theft, vandalism, natural disaster | Biometrics, security guards, UPS | ISO 27001 A.11 |
| Perimeter / Network | Control traffic entering/leaving networks | Intrusions, port scanning, DDoS | Firewall, IDS/IPS, DMZ | NIST SP 800-41 |
| Host | Harden individual computers | Malware, rootkits, privilege escalation | Antivirus, EDR, OS hardening | CIS Benchmarks |
| Application | Secure software from vulnerabilities | XSS, SQLi, buffer overflow | SAST, DAST, WAF | OWASP Top 10 |
| Data | Protect data at rest and in transit | Exfiltration, ransomware | AES-256, TLS 1.3, DLP | FIPS 140-2 |
| Mission / Business | Align security with business goals | APT, insider threats | GRC tools, risk assessment | ISO 31000 |
---
The Cyber Threat Landscape
A cyber threat is any potential malicious action that aims to disrupt, damage, steal, or gain unauthorized access to information systems. Threats are classified by:
By origin:
- Insider threats — Malicious or negligent actions by employees, contractors, or business partners with authorized access
- External threats — Attacks from outside the organization: hackers, cybercriminals, nation-states, hacktivists
- Supply chain threats — Attacks through third-party vendors or software (SolarWinds, Log4Shell)
By motivation:
- Financial — Ransomware, fraud, cryptocurrency theft
- Espionage — Nation-state actors stealing intellectual property or government secrets
- Disruption — Hacktivists, terrorists targeting critical infrastructure
- Notoriety — Script kiddies seeking fame
Exam Tip: Know the difference between a threat, a vulnerability, and a risk: Threat = potential harm; Vulnerability = weakness that can be exploited; Risk = Threat × Vulnerability × Impact. This is the risk equation.
---
Key Terminology Quick Reference
| Term | Definition | Example | Related Concept | Category |
|---|---|---|---|---|
| Cybercrime | Criminal activity involving computers/networks | Identity theft, ransomware | Cyber law, IT Act | Legal |
| Cybercriminal | Person who commits cybercrimes | Hacker, cracker, script kiddie | APT groups | Actor |
| Cyber threat | Potential for unauthorized action causing harm | Phishing email, malware | Attack vector | Risk |
| Cyberspace | Global digital infrastructure | Internet, intranets, IoT | Cyberwarfare | Environment |
| Cyberwarfare | State-sponsored digital attacks | Stuxnet (US/Israel vs Iran) | APT, nation-state | Warfare |
| Botnet | Network of infected computers controlled remotely | Mirai botnet (IoT DDoS) | C2 server, zombie | Infrastructure |
| Cyberstalking | Using technology to harass or stalk | Tracking via social media | Harassment laws | Cybercrime |
---
Study Deep: Unit I Foundational Concepts
- Cyberspace is not just the internet: Cyberspace encompasses all digital infrastructure — military networks (intranet), industrial control systems (SCADA), IoT devices, and private corporate networks. Securing cyberspace means securing ALL these interconnected systems, not just websites.
- The threat landscape evolves daily: New vulnerabilities (CVEs) are published every day by MITRE. In 2023, over 28,000 CVEs were published — approximately 77 per day. Security professionals must stay continuously updated through sources like CERT-In (India), US-CERT, and SANS Internet Storm Center.
- Human error causes 95% of breaches (IBM): Technical controls alone cannot prevent all attacks. The weakest link is almost always human — clicking phishing emails, reusing passwords, misconfiguring servers. This is why security awareness training is considered as important as any technical control.
- Attack surfaces are expanding: With cloud computing, remote work, IoT devices, and mobile apps, the attack surface an organization must defend has expanded enormously. Each connected device is a potential entry point. The average enterprise has 135,000 exposed assets (Randori, 2022).
- Regulations are driving security investment: India's IT Act 2000 (amended 2008), GDPR, HIPAA, and PCI-DSS create legal obligations for security. Data breaches can result in fines of up to 4% of global annual revenue under GDPR. This regulatory pressure is a major driver of the cyber security market growing to $266 billion by 2027.
Exam Tip: The three layers of cyberspace are: Physical, Logical, and Social. Attacks can target any of the three. Social engineering attacks target the Social layer — the human element — which is often the weakest.