Welcome to the first module of the Foundational Cybersecurity Course.
Here we explore what cybersecurity really means, why it matters, and how it touches everything — from personal devices to global infrastructure.
You’ll learn key terms like threat, vulnerability, and risk, understand the CIA Triad, and perform your first practical exercise: threat mapping.
💡 Learning Objectives
By the end of this module, you’ll be able to:
Define cybersecurity and explain its goals.
Describe the three pillars of the CIA Triad.
Identify major threat actors and their motivations.
Differentiate between threat, vulnerability, exploit, and risk.
Perform a basic threat-mapping exercise on a real-world case.
🔍 1. What Is Cybersecurity?
Cybersecurity is the practice of protecting systems, networks, and data from digital attacks.
These attacks aim to:
Steal information (confidential data)
Disrupt operations (availability)
Alter or destroy data (integrity)
In modern life, cybersecurity is no longer limited to corporations. Every connected individual — student, freelancer, or small-business owner — has something valuable to protect: data, reputation, identity, or finances.
🔐 2. The CIA Triad — Foundation of Security
| Component | Description | Example |
|---|---|---|
| Confidentiality | Ensuring information is accessible only to authorized people. | Encryption of passwords, using 2FA. |
| Integrity | Ensuring data is accurate and unaltered. | File hashing, version control. |
| Availability | Ensuring systems and data are accessible when needed. | Backups, DDoS protection, redundant servers. |
⚔️ 3. The Threat Landscape
Attackers today come in many forms:
| Threat Actor | Motivation | Example |
|---|---|---|
| Cybercriminals | Financial gain | Ransomware / phishing scams |
| Hacktivists | Political/social cause | Website defacements |
| Nation-state groups | Espionage | Targeting government or energy sectors |
| Insiders | Revenge / carelessness | Employee leaking data |
| Script kiddies | Curiosity / bragging rights | Using tools without full understanding |
🧩 4. Key Concepts & Terminology
| Term | Definition |
|---|---|
| Threat | Any potential cause of an unwanted incident. |
| Vulnerability | Weakness in a system that can be exploited. |
| Exploit | The method or code that takes advantage of a vulnerability. |
| Risk | The likelihood that a threat will exploit a vulnerability. |
| Malware | Malicious software designed to damage or steal. |
| Phishing | Social engineering to trick users into revealing info. |
🧠 5. Practical Lab — Threat Mapping Exercise
Goal: Understand how to classify threats and actors.
Steps:
Choose one real incident (e.g., a major ransomware or data-leak case).
Identify:
Threat Actor: who was behind it
Motivation: financial, political, etc.
Attack Vector: how the attack started
Impact: data loss, downtime, financial cost
Map these on a simple chart (Threat → Vulnerability → Impact).
Discuss or note defensive controls that could’ve mitigated it.
Tip: You can use examples like WannaCry 2017 or LinkedIn Data Breach 2021.
⚖️ 6. Ethics & Responsible Practice
Ethical boundaries define true cybersecurity professionals.
Never attack or scan systems you don’t own or have written permission to test.
Always use isolated lab environments (VMs, emulators, or sandbox platforms).
Follow laws such as the Information Technology Act (India) and global norms like GDPR.
Ethics build trust — and trust builds careers in cybersecurity.
📘 7. Summary & Next Steps
In this first module, you’ve built a foundation:
You understand cybersecurity goals and principles.
You can identify threats, vulnerabilities, and risks.
You’ve practiced mapping an incident and thinking like an analyst.
✅ Next Up: Module 2 — Digital Self-Defense & Personal Security →