Whitepaper: Understanding the basics of cybersecurity
This whitepaper covers the fundamentals of information security, what it does, and why it is so important.
Information security or ‘infosec’, describes everything relating to protecting information: principles, tools, techniques, technologies, products, services, and practices. Infosec begins and ends with people – compromises happen almost exclusively because of a human failing of some kind.
There are three main categories of human compromises: ignorance, social engineering, and negligence.
- Ignorance is a lack of knowledge and can be a security risk when we mistakenly believe that we know something that we do not.
- Social engineering can be as simple as a fake call from a so-called ‘Microsoft technician’ or as sophisticated as a spear-phishing email leading to a replica website. It aims to get you to reveal details that give access to your accounts.
- While all of us can be ignorant and vulnerable to social engineering, negligence is a choice – it requires someone to deliberately choose to put aside some aspect of their duty, such as educating themselves or performing a task.
Fortunately, technology can be used to help prevent infosec compromises by blocking attacks, sending reminders to operators, and detecting malicious, abnormal, or negligent behaviour.
Contents of the whitepaper
By understanding the basics of cybersecurity you will be comfortable in a security conversation. When reading this whitepaper you'll learn more about:
- The basics of IT information security concepts
- The basics of IT information security defences
- The anatomy of an attack
- Advances infosec concepts