Chapter 1 – Understanding IT Security

Before we dive into specific tools and techniques, it’s important to understand the foundation:
What is IT security, and why does it matter for everyday users?

In this chapter, you'll learn the three core principles of information security (confidentiality, integrity, availability) and get an overview of common threats.
We'll also explore what can go wrong and why regular users like you are just as much a target as large companies.

Clear foundational lessons help you build real security awareness without needing technical expertise.


1.1 The Three Pillars of IT Security (CIA Triad)

| Pillar | Meaning | Security-Relevant Example |
|---|---|---|
| Confidentiality | Only authorised people can read the data. | Medical records transmitted over an end-to-end-encrypted patient portal. |
| Integrity | Data remain correct and unaltered. | A software update verified by a digital signature before installation. |
| Availability | Systems and data are reachable when needed. | An online-banking platform stays online during a DDoS attack because traffic is absorbed by a cloud-based mitigation service. |

Why these three pillars matter

All three are required for a system to be secure.
If one fails, attackers might read, change, or block your data.


1.2 Common Threats You Should Know

  • Malware – e.g., ransomware, viruses
  • Phishing emails and fake login pages
  • Unsecured Wi-Fi – especially in hotels, airports, cafés
  • Social engineering – psychological tricks to get your credentials

These threats don’t require advanced hacking

Most attacks succeed because people trust too quickly, reuse passwords, or delay updates.


1.3 "I'm Not a Target, Right?"

Actually, you are – most attacks are automated:

  • Hackers scan the internet for outdated devices
  • Leaked passwords are reused in credential-stuffing attacks
  • Phishing is mass-mailed – whoever clicks, loses

Nobody is too small to be targeted

If you have a device, internet access, or a bank account, you are a potential target.


1.4 Real-Life Consequences

| Scenario | What could happen |
|---|---|
| Email account hacked | Attacker resets passwords on Amazon, PayPal, etc. |
| Ransomware attack | All files encrypted – pay ransom or lose everything |
| Public Wi-Fi access | Login data intercepted without encryption |

These are not just 'IT problems'

A single breach can affect your identity, finances, and even relationships.


1.5 Self-Check: How Safe Are You?

  • I use unique passwords for each of my accounts
  • I have enabled two-factor authentication (2FA) for important services like email or banking
  • My devices and apps are regularly kept up to date


Start with your email account

It’s the key to resetting other accounts—protect it with a strong password and 2FA first.


  • If all boxes are checked: You're already ahead of most people—keep it up!
  • If some are still open: No problem. This guide will walk you through every step.