Introduction to cybersecurity
Imagine that you're preparing for a storm.
You've received notification that a storm is coming.
You prepare by gathering
the tools and materials you'll need to stay safe.
You make sure your windows and doors are secure.
You assemble a first aid kit,
tools, food and water. You're prepared.
The storm hits and there are
powerful winds and heavy rain.
The storm is using its force to try and breach your home.
You notice some water leaks
and begin patching them quickly
in order to minimize any risk or potential damage.
Handling a security incident is no different.
Organizations must prepare for the storm by ensuring they
have the tools to mitigate and
quickly respond to outside threats.
The objective is to minimize risk and potential damage.
As a security analyst,
you'll work to protect
your organization and the people it serves from
a variety of risks and outside
threats. And if a threat does get through,
you and your team will provide
a solution to remedy the situation.
To help you better understand what this means,
we'll define security and discuss
the roles of security professionals in organizations.
Let's start with some definitions:
Cybersecurity, or security, is the practice
of ensuring confidentiality, integrity,
and availability of information
by protecting networks, devices,
people, and data from
unauthorized access or criminal exploitation.
For example, requiring
complex passwords to access sites and
services improves confidentiality by
making it much more difficult for
a threat actor to compromise them.
A threat actor is any person
or group who presents a security risk.
Now that you know the definition of security,
let's discuss what security teams do for an organization.
Security protects against external and internal threats.
An external threat is someone outside of the organization
trying to gain access to
private information, networks or devices.
An internal threat comes
from current or former employees,
external vendors, or trusted partners.
Often these internal threats are accidental,
such as an employee clicking on
a compromised link in an email.
Other times, the internal actor intentionally engages in
activities such as unauthorized data access
or abusing systems for personal use.
Experienced security professionals
will help organizations
mitigate or reduce the impact of threats like these.
Security teams also ensure
an organization meets regulatory compliance, or
laws and guidelines, that require
the implementation of specific security standards.
Ensuring that organizations are in
compliance may allow them to avoid fines
and audits, while also upholding
their ethical obligation to protect users.
Security teams also maintain
and improve business productivity.
By establishing a plan for business continuity,
security teams allow people to do their jobs,
even in the case of something like a data breach.
Being security conscious can also
reduce expenses associated with risks,
such as recovering from data loss or
operational downtime, and potentially avoiding fines.
The last benefit of security that we'll
discuss is maintaining brand trust.
If services or customer data are compromised,
this can lower trust in the organization,
damage the brand, and hurt the business in the long term.
Loss of customer trust may
also lead to less revenue for the business.
Now, let's go over some common security-based roles.
After completing this certificate program,
here are some job titles you may want to search for:
Security analyst or specialist,
Cybersecurity analyst or specialist,
Security operation center or SOC
analyst, Information security analyst.
You'll also learn more about the responsibilities
associated with some of
these job titles later in the program.
As you may now realize,
the field of security includes
many topics and concepts and
every activity you complete in
this program moves you one step closer to a new job.
Let's keep learning together.