Lesson Notes
Why Cybersecurity Matters
Module 1: Foundations. Global stats ($10T cybercrime), breaches like Equifax, personal risks from weak crypto. Pentest angle: test your own assets to find gaps (authorized scope reminder).
Module 1: Foundations — Why Cybersecurity Matters
This lesson connects the CIA triad to the real world: global cost of cybercrime, major breaches, and personal risk. You will also see how an authorized pentest mindset helps—testing your own assets to find gaps before attackers do.
Global Stats and the Cost of Cybercrime
Cybercrime costs the world on the order of $10 trillion annually (estimates vary by year and method). That includes ransomware payments, fraud, recovery costs, and lost productivity. Thousands of attacks happen every day. Understanding the scale reinforces why confidentiality, integrity, and availability are not academic—they protect real money, privacy, and safety.
Breaches That Changed the Game: Equifax and Others
The Equifax breach (2017) exposed roughly 147 million people. Unencrypted or weakly protected data (including SSNs) was leaked. That is a massive confidentiality and integrity failure: data was both exposed and could be altered or misused. Such breaches lead to identity theft, fraud, and long-term risk for victims. They also show why encryption at rest and in transit, and proper access controls, are non-negotiable.
Personal Risks: Identity Theft and Weak Crypto
When sites or services use weak cryptography or store data in plaintext, one breach can leak passwords, SSNs, and financial data. Attackers use that for identity theft, account takeover, and fraud. As a user, you can choose strong passwords and MFA; as a defender or pentester, you look for missing encryption, weak hashing, and exposed data.
Pentest Angle: Test Your Own Assets (Authorized Scope)
An authorized penetration test means you have permission to find weaknesses in a defined scope (e.g. your own lab, your company’s test environment, or a bug bounty target). Testing your own assets—with clear scope and rules of engagement—lets you find gaps before attackers do. Always get authorization in writing; never test systems you do not own or have explicit permission to test. This lesson is a reminder: why cybersecurity matters is also why ethical, scoped testing matters.
Key Takeaway for Lesson 2
Global cybercrime is measured in trillions; breaches like Equifax show what happens when confidentiality and integrity fail. Personal risk from weak crypto is real. Your job as a learner and future defender: understand the impact, then practice finding and fixing gaps in authorized scope. Next: social engineering and your first line of defence—how people fit into the CIA triad before we go deeper on technical attacks like MITM.