Cybersecurity pillar · Module 1 of 6

What is cybersecurity, really?

Let me be honest: most “intro to cybersecurity” content makes it sound more complicated than it needs to be. At its core, security is about protecting things that matter from people who want to harm them.

← Back to Cybersecurity Fundamentals Training

1.1 The CIA triad (no, not that CIA)

These three principles are the foundation of everything in security. Every control, every policy, every tool ultimately serves one or more of these goals:

Confidentiality

Keep secrets secret. Only the right people should see sensitive information. Your medical records, your company’s trade secrets, your password—these should stay private.

When it fails: Data breaches, leaked documents, stolen credentials.

Integrity

Make sure it’s accurate. Data should be trustworthy and unchanged by unauthorised people. You need to know that the bank balance you see is real, not modified by an attacker.

When it fails: Tampered records, fake news, altered financial data.

Availability

Keep it running. Systems need to be accessible when needed. If your hospital’s patient records are down, lives could be at risk.

When it fails: Ransomware, denial of service, outages.

1.2 Why should you actually care?

Here’s the uncomfortable truth: security breaches happen to organisations of every size, every day. And the consequences are real:

Money. The average data breach costs $4.45 million (IBM, 2023). For small businesses, even a fraction of that can be fatal.
Reputation. Customers don’t trust companies that lose their data. Rebuilding that trust takes years.
Legal consequences. GDPR fines can reach €20 million or 4% of global revenue. Executives can face personal liability.
Operations. Ransomware can shut down operations for weeks. Some businesses never recover.
People. Identity theft, harassment from leaked data, stress from dealing with breaches—real humans suffer from security failures.

🎯 The mindset shift

Security isn’t about achieving perfection—that’s impossible. It’s about making it hard enough that attackers go elsewhere, and being prepared to respond when something does go wrong.

Free resources to go deeper

Interactive lab: TryHackMe: Intro to Cybersecurity — Free, hands-on, perfect for beginners
Video series: Professor Messer: Security+ Training — Free, thorough, great production
Reading: CISA Cybersecurity Best Practices — From the US government agency that handles this stuff

Next: How attacks happen →