Security is a quality issue. Except we don’t treat it that way and that’s costing us dearly.
With the initial set of cybersecurity basics segments done, I’m thinking it’s worth moving to a “basics” basics series. The goal would be to help everyone understand how the internet works, how email is structured, etc. Thoughts?
Built-in security is always best. That’s “security by design” but when that fails (due to mistakes, oversight, humans), built-in security steps up…or, um, in.
In your personal life you’re assessing risk constantly whether you know it or not. In the digital world the same thing happens BUT you probably don’t have the required context to make an informed decision.
Risk assessments are useful when kept in context and continually updated. A penetration test (or pen test) is when your system undergoes a “friendly” attack with the idea of finding issues before cybercriminals do. Together they are a strong...
Personally identifiable information (PII) and Personal Health Information (PHI) are critical concepts. They help identify information that needs additional safeguards and care.
Who did it? It’s a powerful question and the answer to “What is attack attribution?”
Authentication and authorization are two critical concepts that are intertwined. Understanding the difference and their purpose is key to understanding cybersecurity.
Hackers and cybercriminals are all “malicious actors”. While you may not know who is attacking a system, having a better understanding of common motivations is important.
Malicious software (malware) is an umbrella term that covers a number of different types of software designed to do bad things…but those specific categories don’t mean too much day-to-day when it comes to defence…
Encryption: what is it? why does it work?
Perspective is a tricky thing…maybe the hardest aspect of cybersecurity