Cyber Security Basics: Exploring the Fundamentals of Cyber Security

With technology evolving at an exponential rate, it’s never been more important for organisations and individuals to bolster their cyber security practices. The incidence of cyber threats is rising year-on-year, costing trillions of dollars globally, so it’s no wonder cyber security professionals are in demand.

Understanding the basics of cyber security is the first step for anyone looking to enter the field. We’ve put together some cyber security fundamentals to get you on the path to a successful cyber security career.

The three concepts of cyber security

The foundation of cyber security basics lies in the CIA triad, which stands for confidentiality, integrity and availability. These three concepts of cyber security form the basis of protecting sensitive information and ensuring digital systems can operate securely.

1. Confidentiality

Within the CIA triad, ‘confidentiality’ refers to the assurance that data and information are accessible only to authorised persons. It involves strict security measures like encryption and access controls, which are deployed to prevent unauthorised access and data breaches.

2. Integrity

Integrity is all about keeping the data accurate and unaltered during transfers and storage. Any unauthorised modification or tampering with data will compromise its integrity, potentially leading to serious consequences.

3. Availability

Availability ensures that systems, data and resources are accessible and usable by authorised individuals around the clock. Protection against denial-of-service (DoS) attacks and system failures is crucial to maintaining availability.

What are the basics of cyber security?

Aspiring professionals should familiarise themselves with some cyber security fundamentals:

    • common cyber security terminology
    • types of cyber security threats
    • cyber security best practices.

These fundamentals of cyber security can serve as an introduction to this exciting, fast-paced field. Ultimately, getting to grips with basic terminology, common threats and best practices will put you in a stronger position when it comes to studying and finding your dream cyber security job.

Common cyber security terminology

Beyond the basic concepts of cyber security, you can’t master the fundamentals of cyber security without first understanding the common parlance. Here are some cyber security terms you should familiarise with:

• Firewall: A security barrier between internal and external networks, designed to filter and block unauthorised traffic.
• Encryption: This is the process of converting data into code that protects it during transfers or storage.
• Vulnerability: A weakness or flaw in a system that can be exploited.
• Patch: A software update that developers release to fix known security vulnerabilities.
• Two-factor authentication (2FA): This requires users to provide two forms of ID before they can access an account or system.
• Antivirus: Antivirus software is designed to detect, prevent and remove malicious software.
• Penetration testing: This is a controlled simulation of cyber attacks on a system or network that can help identify vulnerabilities and assess its security posture.
• Virtual private network (VPN): A VPN is a secure and encrypted network connection that allows users to access the internet or a private network confidentiality.
• Security incident response plan: This response plan outlines the step-by-step procedures an organisation should follow in the event of a security breach or cyber attack.

Types of cyber security threats

While malicious actors are continuously developing and deploying new types of cyberattacks, there are some common threats aspiring cyber professionals should be aware of, including:

• Malware: Short for malicious software, malware covers a wide range of harmful software, including viruses, worms, Trojans and ransomware. Malware can disrupt systems, steal sensitive data and even extort money from targets.
• Phishing: Phishing is a social engineering technique used by cybercriminals to trick users into revealing sensitive information. This is often in the form of login credentials or financial details, which are ‘phished’ using deceptive emails, links, downloads and websites.
• Data breaches: Data breaches happen when an unauthorised attacker gains access to sensitive information, which usually leads to personal or confidential data being exposed.
• Denial-of-service attacks: In DoS attacks, the attacker floods a system or network with an overwhelming amount of traffic, which causes it to become unavailable to legitimate users.
• Insider threats: Insider threats are when someone within an organisation misuses their privileges to access and steal sensitive information or intentionally cause disruption.

Cyber security best practices

The best practices described below should be considered cyber security fundamentals, but they aren’t an exhaustive list. Instead, cyber professionals will need to continuously monitor and assess potential risks, stay informed about emerging threats and adapt best practices accordingly.

1. Strong passwords

Arguably the fundamental of cyber security is the use of strong, unique passwords. A strong password should include a combination of upper- and lower-case letters, numbers and special characters. The worst thing you can do is to use passwords with easily guessable information, such as birthdays or common words and numbers. It’s also important to use a different password for each account.

2. Regular software updates

Developers regularly release updates to their software that include security patches and address vulnerabilities and bugs. Enabling automatic updates for your operating systems and commonly used programs will protect against known exploits and potential cyber attacks.

3. Data backup

Data loss can happen for any number of reasons – ransomware attacks, hardware failures or even disasters like a fire or flood. Both individuals and organisations should have a robust data-backup strategy in place so you can always access critical information – even in the event of a cyber incident or system failure.

4. Network segmentation

Network segmentation involves dividing a network into smaller segments – or sub-networks – to limit the potential impact of a cyber attack. By isolating sensitive data and resources from the rest of the network, you can contain and mitigate the effects of any breach.

How to study cyber security

As a fast-growing industry, particularly due to a rise in the number of attacks, cyber security is an exciting and potentially lucrative career choice.

If you’re ready to gain the cyber security skills and training you need to build a successful career, the University of Adelaide has online study options to meet your needs:

• Boost your organisational resilience against cyber criminals and gain experience with a wide range of cyber security tools with a Graduate Certificate in Cyber Security Online.
• Existing students can lay the groundwork for an exciting future by gaining best-in-class technical and managerial skills with a Master of Cyber Security Online.

Interested in responding to the urgent demand for skilled cyber security professionals in Australia? Find out more about different cyber security career pathways.