Cyber 101

Understand the basics with this easy-to-use guide.

WELCOME!

Cybersecurity is complicated — we make it simple!

Practicing good cybersecurity begins with a solid understanding of the basics. This section will help you get comfortable with critical cyber concepts and definitions.

Let’s get started!

COMMENCE LEARNING IN 3…2…1

Making learning easy is our jam!

Your learning journey begins here. We built this site to be easy to use and understand. Start with the first section, continue to the next, and enjoy the journey! Feel free to reach out to us if you have questions along the way.

Cheers!

IMPORTANT cybersecurity definitions

SECTION ONE

CYBERSECURITY DEFINITIONS can be complex and intimidating. There are so many words! That’s why we break them down into terms anyone can understand. Here are some of the most important ones.

  • The process of continually finding, tracking, and monitoring all your organization’s computers (and any vulnerabilities linked to them). Learn more here!

  • Those who wish to harm others. There are two main types: cybercriminals (working for themselves) and nation-state actors (working for a government). Sometimes they’re known as “threat actors” or just “the bad guys.”

  • When someone takes over an email account and pretends to be that person. Picture this: your CEO emails asking you to wire 1M to an overseas account, but guess what? Your CEO didn’t send the email. An imposter did.

  • A bunch of remote computers meant to operate as a single system. It is designed to make information available anywhere and anytime you need it. It can store and manage data, run applications, or deliver content. Alas (as the name might indicate), it doesn't live in the sky but in large data warehouses.

  • Your username and password.

  • “Cyber” can mean many things for many people. On this site, it refers only to matters of cybersecurity.

  • A small, hidden part of the Internet that cannot be accessed through standard browsers. Goods and services are bought and sold there, and it is primarily used to traffic illegal goods and services.

  • The concept of always having multiple layers of cyber defense for your business. Learn more here!

  • DevSecOps stands for development, security, and operations and describes an application development practice where security is integrated into all software development life cycle (SDLC) phases. Learn more here!

  • A security solution that covers your entire network, not just a single device or application.

  • A documented framework that outlines the specific steps and procedures you should take, in real time, in the event of a cyber incident. Learn more here!

  • A non-physical asset you own, legally protected from unauthorized use. Read more about it here!

  • Malicious software (like a computer virus) that someone intentionally installs on your computer.

    “Malicious” + “software” = “malware.”

  • When someone sends an email with links to things that seem okay but are actually dangerous.

    There are many types of phishing, like smishing (SMS or text phishing), vishing (voice phishing), and whaling (phishing that targets people in charge of an organization, like a CEO). Here are 5 tips for identifying phishing emails!

  • A type of malware that a bad cyber actor installs on your computer systems, encrypting essential files to hold your business hostage in exchange for money. Learn more here.

  • A security framework (pronounced “sassy”) that continually evaluates the user/device, the context of the request, and the company’s policies to determine if that user/device should be given access. It all takes place in the cloud.

  • A central command center where you detect, investigate, and prevent threats 24/7.

  • A software platform that helps you diagnose and respond to threats automatically.

  • Software used by bad actors for spying on people via their trusted devices (like a computer).

  • A service that protects your internet connection and privacy online. It creates an encrypted portal for your data to pass through securely, hiding everything from unwanted eavesdropping.

  • Automated tools that help you find known vulnerabilities in your company’s network. Learn more here!

  • Everyone is denied access to your system(s). Access is only granted once someone is properly verified. Learn more here!

RELEVANT PLAYERS in the cyber world

SECTION TWO

GUESS HOW MANY different types of people make up the cybersecurity world? More than one and less than a gazillion…err…let’s just say a lot! Here we discuss the most relevant players.

Chief Information Security Officer (CISO)

A senior leader at an organization focused on cybersecurity.

The “Fed”

The US federal government — generally speaking. The term is widely misused.

Incident Responder

Private-sector employees who respond to cybersecurity incidents, mostly data breaches.

Nation-state Actor

People who target organizations for cyberattacks at the behest of their government.

Hacker

Typically, people who enter computer systems illegally. We’ll cover all of them: the good ones, the bad ones, and the kind everyone gets wrong.

BASIC CONCEPTS, simplified & explained

SECTION THREE

STILL A BIT FUZZY ON SOME CONCEPTS? Pssh, don’t sweat it! We’ll help you navigate the concepts you need to understand and the ones you can leave to the tech uber gurus. You might be asking yourself…

  • Website security, the basics

    What are some best practices regarding website security?

    For small businesses, a website is one of the most effective ways to promote your company and sell your products. Unfortunately, a business website is also attractive to bad actors.

  • How to spot a phishing email

    [Asking for a friend] How would I spot a phishing email?

    Phishing is a social engineering technique that tricks you (or your “friend”) into clicking on something that can harm you or your company. Learn how to spot and defend against phishing attempts!

  • GRC, the basics

    What is this "GRC" thing I keep hearing about?!

    It stands for Governance, Risk, and Compliance (GRC). Good GRC integrates cybersecurity into your governance and controls so that protecting your systems, networks, and data is in your organizational DNA.

FEELING GOOD?! 

Ready for a cyber deep dive?

Head to our personas page for ideas and insights that can help protect your business!

  • A guide to help solopreneurs understand cybersecurity

    The Solopreneur

    One-person armies

  • A guide to help SMBs understand cybersecurity

    SMBs

    2 - 249 employees

  • A guide to help Boards of Directors understand cybersecurity

    BoD

    Board of Directors

“Tell me and I forget. Teach me and I remember. Involve me and I learn.”

- Benjamin Franklin