This is the first article of our new getting started with cyber security fundamentals. If you haven’t read my introduction post, you’ll want to go read that one first so you can get the big picture of what I’m trying to create here. But to the TL;DR, I’m going back to the basics and will be showing you how to get started with cyber security in your life. These posts will be geared towards 3 different audiences so you’ll want to find the section that is relevant to you. Each post will have an introduction of the topic, answer a few questions, look at what’s happening in the news today, and then deep dive into specific steps or actions you can take. The goal is to raise awareness, provide information, and help people on their cyber security journey. . . wherever that may be.
What is Information Security / Cyber Security
There is a clear distinction between information security and cyber security. Most folks usually bucket the two together, but in general, there are some differences between the two. Information security, as the name implies, is simply securing information. Information can be in many forms but most recently, it has evolved into a digital format. But information security also includes protecting physical information that someone may have such as tax returns, accounting books, and any information physically written down. Most of this information is moving to a digital format which is where cyber security starts to play an important role.
Cyber security is protecting digital assets against digital attacks. This can usually be a lot more challenging as specific skill sets are required to protect against these attacks. Failure to protect your information from cyber attacks will usually yield in some entity gaining unauthorized access to your digital information.
Things that you should be worried about protecting
You ideally want to protect two different types of assets when dealing with security. Data is probably the most important asset you want to protect. As discussed in the previous section, data is created every day and whether it’s physical or digital, you want to take precautions to protect that data. The value of data varies from person to person. If you are a business owner, data is perhaps the most valuable thing you have. This data can be customer records, inventory records, or billing information. This data is of extreme value because without it, your business might not function. For every day users of the internet, data might not have the same monetary value, but data should still be protected. You’d want to know that your bank account information, pictures, and videos are all safe and kept away from unauthorized people. And finally for students, data might be the least of your worries right now. But, this is why I’m creating these posts. As a student, you have a unique opportunity to gain a new appreciation for the data you create. As all mediums of information go digital, students of all ages should be aware of the dangers of not protecting data. Now is the time for you to increase your awareness and appreciation of how important it is to take protecting data seriously!
Another thing you want to protect are your resources. These are usually going to be physical resources such as your computer, router, printers, etc. These items are gateways to your digital data and thus, you should take every precaution you can to protect your resources.
Why should you care about cyber security
Given the number of attacks and information leaks that have happened over the last few years, I’d say that more people need to care about information and cyber security. Every person on the internet should be aware of the implications of utilizing the internet. Failure to appreciate the dangers causes collateral damage to so many businesses. As a business owner, you want to train your employees to be more aware of their responsibilities in handling your digital data. As a user of the internet, you need to be aware that your actions you take while using the internet can have monetary impact to your employer or to you personally. As students, not taking this stuff seriously will create bad habits in the future that are just going to allow this vicious cycle to repeat.
We all need to do better. There are simply too many stories about how hackers broke into companies, stole data, or held data up for ransom. We can all do our part to be more aware of these dangers and actually make conscious decisions when using the internet. We all play a part in making the internet a safer place and it starts by taking information and cyber security more seriously.
What’s the cost if you ignore it?
Depending on who you are and how much you rely on data to make money, ignoring information and cyber security can have various costs for you. If you are a business owner, the highest cost can be losing your entire business. This can come because customers lose confidence, your reputation is compromised, or because all your money goes away. For every day users of the internet, the costs aren’t as high, but still in some cases it can involve getting your identity stolen, bankruptcy, and maybe even losing your job. For students, it probably has the lost cost. But, again, I firmly believe that raising awareness at this level is most important to minimize the impact of attacks years from now.
News Roundup and Discussion
For this particular article, it’s difficult to find news articles on just the topic of cyber security fundamentals. But I’ll say this, go look up articles relating to cyber security and you’ll see why this is so important. Perhaps you’ll be inspired to really learn this stuff and hopefully you’ll be encouraged to come back here and really invest your time and grow with me on this journey.
Actions for Small Business Owners
Action 1: You should evaluate how much you are currently investing into information and cyber security. If you utilize the internet to perform any kind of business transaction or interaction, you should seriously be considering updating your awareness of info and cyber security. If you haven’t given info/cyber security any thought, it’s never too late to get started. Feel free to reach out to me and I can help you turn your ship around!
Step 2: If you currently have some security policies in place, you should review them and make sure they make sense and that they are up to date. You might not be protecting yourself against new threats and/or your employees might need a refresher on tried and true hacking attacks such as phishing attempts and other forms of social engineering based attacks. If you need help updating your training, feel free to reach out to me and I can help you beef up your training. Don’t have training, you seriously need to consider introducing some basic training if you have any human being working for you or your business.
Actions for every day users of the internet
Action 1: If you work for someone, you should start exploring what you can do to help do your part. A business’s biggest vulnerability is its human workforce. Being mindful and aware of attacks that can have serious consequences for your employer should be something you strive to improve.
Action 2: Look around your home and see what is important to you. What resources should you be protecting around your house? What data are you creating that it would be bad or cost you money to replace should it get stolen or hacked? Take inventory of these items and start formulating a plan to protect them.
Actions for students
This is the ground floor of a very exciting future! You should open up your curiosity and research this topic as much as you can. Compared to any other audience member, students have the most amount of time to research and learn as much as they possibly can about this topic. Not only will it help you be a better user of the internet, but it will open up new career opportunities. And for those with that entrepreneurial spirit, you might get inspired to create the next big breakthrough in the cyber security world.
This is just the beginning of this journey. I am trying to start out at the very beginning so that more challenging topics in the future make sense. My goal is that if you follow along with me, you should be able to jump into the exciting field of cyber security and be able to actively make changes and participate in the community. By the end of this journey, you should be much more prepared to not only be smarter, but also learn the skills necessary to be a confident cyber security practitioner.