What is Cybersecurity
Cybersecurity is the practice of protecting systems, networks, and data from digital attacks, unauthorised access, and damage. As organisations move more operations online, cybersecurity has become one of the most critical disciplines in information technology.
Why Cybersecurity Matters
Cyber threats are growing in frequency and sophistication:
- 2017 — WannaCry ransomware infects 230,000+ computers across 150 countries in a single day
- 2020 — SolarWinds supply-chain attack compromises thousands of organisations, including US government agencies
- 2021 — Colonial Pipeline ransomware attack disrupts fuel supply to the US East Coast
- 2023 — MOVEit Transfer vulnerability exposes data of 60+ million individuals globally
- Today — the average cost of a data breach exceeds $4.5 million (IBM Cost of a Data Breach Report)
Cybersecurity is no longer just an IT concern — it is a business-critical function that protects revenue, reputation, and customer trust.
The CIA Triad
The CIA triad is the foundation of all cybersecurity:
| Principle | Definition | Example |
|---|---|---|
| Confidentiality | Only authorised people can access data | Encryption, access controls, classification |
| Integrity | Data is accurate and has not been tampered with | Checksums, digital signatures, version control |
| Availability | Systems and data are accessible when needed | Redundancy, backups, disaster recovery |
Every security control maps back to one or more of these three principles.
Beyond CIA — Additional Principles
| Principle | Definition |
|---|---|
| Authentication | Verifying the identity of a user or system |
| Authorisation | Determining what an authenticated entity is allowed to do |
| Non-repudiation | Ensuring actions cannot be denied by the person who performed them |
| Accountability | Tracking and logging who did what and when |
The Threat Landscape
Threat Actors
| Actor | Motivation | Example |
|---|---|---|
| Script Kiddies | Curiosity, notoriety | Using pre-built tools to deface websites |
| Hacktivists | Political or social causes | Anonymous collective DDoS campaigns |
| Cybercriminals | Financial gain | Ransomware gangs (e.g., LockBit, ALPHV) |
| Nation-States | Espionage, sabotage | APT groups (e.g., APT28, Lazarus Group) |
| Insiders | Revenge, negligence, financial gain | Disgruntled employees leaking data |
Attack Surfaces
The attack surface is the total number of points where an attacker can try to enter:
- Network — open ports, exposed services, weak protocols
- Application — web apps, APIs, mobile apps
- Human — phishing, social engineering, credential theft
- Physical — server rooms, USB devices, unattended laptops
- Supply chain — third-party software, hardware components
Cybersecurity Domains
Cybersecurity is a broad field with multiple specialisations:
| Domain | Focus |
|---|---|
| Network Security | Protecting networks from intrusion and attack |
| Application Security | Securing software from vulnerabilities |
| Cloud Security | Protecting cloud environments and data |
| Identity & Access Management | Managing who can access what |
| Security Operations | Monitoring, detecting, and responding to threats |
| Incident Response | Handling security breaches and incidents |
| Governance, Risk & Compliance | Policies, frameworks, and regulatory compliance |
| Cryptography | Protecting data through encryption |
| Digital Forensics | Investigating cyber incidents and preserving evidence |
| Penetration Testing | Simulating attacks to find vulnerabilities |
Key Frameworks and Standards
| Framework | Organisation | Purpose |
|---|---|---|
| NIST Cybersecurity Framework | NIST (US) | Risk-based approach: Identify, Protect, Detect, Respond, Recover |
| ISO 27001 | ISO/IEC | International standard for information security management systems |
| CIS Controls | Center for Internet Security | Prioritised set of actions to defend against common attacks |
| MITRE ATT&CK | MITRE | Knowledge base of adversary tactics, techniques, and procedures |
| OWASP | OWASP Foundation | Application security best practices and the OWASP Top 10 |
The NIST Cybersecurity Framework
The five core functions:
- Identify — understand your assets, risks, and vulnerabilities
- Protect — implement safeguards (access controls, encryption, training)
- Detect — monitor for security events and anomalies
- Respond — contain and mitigate incidents
- Recover — restore systems and learn from incidents
Career Paths in Cybersecurity
| Role | Responsibility |
|---|---|
| Security Analyst | Monitor alerts, investigate incidents, triage threats |
| Penetration Tester | Simulate attacks to find vulnerabilities |
| Security Engineer | Design and build secure systems and infrastructure |
| Security Architect | Define security strategy and architecture |
| Incident Responder | Lead investigation and containment of breaches |
| CISO | Chief Information Security Officer — strategic leadership |
| GRC Analyst | Governance, risk, and compliance management |
| Threat Intelligence Analyst | Research and analyse emerging threats |
Key Certifications
| Certification | Provider | Level |
|---|---|---|
| CompTIA Security+ | CompTIA | Entry |
| CEH (Certified Ethical Hacker) | EC-Council | Intermediate |
| CISSP | (ISC)² | Advanced |
| OSCP | OffSec | Advanced (practical) |
| CISM | ISACA | Management |
Tip: Cybersecurity is a mindset, not just a set of tools. Think like an attacker to defend like a professional.
Summary
Cybersecurity protects systems, networks, and data by applying the principles of confidentiality, integrity, and availability. The threat landscape includes nation-states, cybercriminals, hacktivists, and insiders. Frameworks like NIST and ISO 27001 provide structured approaches to managing risk. In the following lessons, we will explore networking, threats, cryptography, and the security controls that form the foundation of modern cyber defence.