Illusoryxdays - Illusoryxdays

An Introduction to Cybersecurity

I created this post for the Studyblr Masterpost Jam, check out the tag for more cool masterposts from folks in the studyblr community!

What is cybersecurity?

Cybersecurity is all about securing technology and processes - making sure that the software, hardware, and networks that run the world do exactly what they need to do and can't be abused by bad actors.

The CIA triad is a concept used to explain the three goals of cybersecurity. The pieces are:

Confidentiality: ensuring that information is kept secret, so it can only be viewed by the people who are allowed to do so. This involves encrypting data, requiring authentication before viewing data, and more.

Integrity: ensuring that information is trustworthy and cannot be tampered with. For example, this involves making sure that no one changes the contents of the file you're trying to download or intercepts your text messages.

Availability: ensuring that the services you need are there when you need them. Blocking every single person from accessing a piece of valuable information would be secure, but completely unusable, so we have to think about availability. This can also mean blocking DDoS attacks or fixing flaws in software that cause crashes or service issues.

What are some specializations within cybersecurity? What do cybersecurity professionals do?

incident response

digital forensics (often combined with incident response in the acronym DFIR)

reverse engineering

cryptography

governance/compliance/risk management

penetration testing/ethical hacking

vulnerability research/bug bounty

threat intelligence

cloud security

industrial/IoT security, often called Operational Technology (OT)

security engineering/writing code for cybersecurity tools (this is what I do!)

and more!

Where do cybersecurity professionals work?

I view the industry in three big chunks: vendors, everyday companies (for lack of a better term), and government. It's more complicated than that, but it helps.

Vendors make and sell security tools or services to other companies. Some examples are Crowdstrike, Cisco, Microsoft, Palo Alto, EY, etc. Vendors can be giant multinational corporations or small startups. Security tools can include software and hardware, while services can include consulting, technical support, or incident response or digital forensics services. Some companies are Managed Security Service Providers (MSSPs), which means that they serve as the security team for many other (often small) businesses.

Everyday companies include everyone from giant companies like Coca-Cola to the mom and pop shop down the street. Every company is a tech company now, and someone has to be in charge of securing things. Some businesses will have their own internal security teams that respond to incidents. Many companies buy tools provided by vendors like the ones above, and someone has to manage them. Small companies with small tech departments might dump all cybersecurity responsibilities on the IT team (or outsource things to a MSSP), or larger ones may have a dedicated security staff.

Government cybersecurity work can involve a lot of things, from securing the local water supply to working for the big three letter agencies. In the U.S. at least, there are also a lot of government contractors, who are their own individual companies but the vast majority of what they do is for the government. MITRE is one example, and the federal research labs and some university-affiliated labs are an extension of this. Government work and military contractor work are where geopolitics and ethics come into play most clearly, so just… be mindful.

What do academics in cybersecurity research?

A wide variety of things! You can get a good idea by browsing the papers from the ACM's Computer and Communications Security Conference. Some of the big research areas that I'm aware of are:

cryptography & post-quantum cryptography

machine learning model security & alignment

formal proofs of a program & programming language security

security & privacy

security of network protocols

vulnerability research & developing new attack vectors

Cybersecurity seems niche at first, but it actually covers a huge range of topics all across technology and policy. It's vital to running the world today, and I'm obviously biased but I think it's a fascinating topic to learn about. I'll be posting a new cybersecurity masterpost each day this week as a part of the #StudyblrMasterpostJam, so keep an eye out for tomorrow's post! In the meantime, check out the tag and see what other folks are posting about :D

71/100

I've bad period cramps today... couldn't go to uni... I gotta be honest here... not everyday will be 10/10... we will have these days and its ok. accepting a not so productive day when ur body is barely surviving is more than ok! sending love and warmth to all my perfectionist girlies out there!

Log: 17th Feb 2025 running wild

Read Ministry of Time

Journal_mental health check

Gentle stretching and long shower

Protein rich brunch

Studied Gradient Descent __2P

Loss function __2P

Language P

called home

watched Run Jin Variety Show Extravaganza

Note to self: No self-hatred is allowed! u r doing what u can!

688 notes View Post

illusoryxdays

1 month ago

I want so many trinkets and clips and bits on my traveler’s journal that it takes me 5 minutes to even get into it for me to actually write in it.

191 notes View Post

illusoryxdays

1 month ago

27.04.25

Big fan of an espresso tonic.

Weather’s turned for the better; sun has returned and everything is beginning to flower, to the detriment of my allergies. But nice weather warrants espresso tonics again, so there’s that small delight to enjoy amidst everything. Time of pressure in the PhD program again. Acquaintance of mine dropped out of the program a bit ago and gave me a small notebook before leaving. Mentioned knowing how much I like writing on paper and felt it was an apt parting gift. Aim to honor their intent by getting good mileage out of said notebook; in tandem with my normal spiral bound, it has thus far served its purpose well.

🎶 Sweet Life - Frank Ocean

372 notes View Post

illusoryxdays

1 month ago