Keeping Cyber Security Simple

By Tommy Lorenzo

As technology increasingly permeates our lives, digital safety has become of vital importance. "Keeping Cyber Security Simple" offers an accessible introduction into cybersecurity aimed specifically at those new to cybersecurity practices or non-technical individuals.

This book offers a friendly yet thorough exploration of cyber threats, their real-world effects, and ways you can secure your digital life or that of your organization. Covering everything from basic online safety practices to common scams to safeguarding personal data - this guide equips readers with essential knowledge and practical steps needed for confident digital navigation.

"Keeping Cyber Security Simple" offers relatable analogies, real world examples and user-friendly explanations to simplify complex concepts for you. No prior technical expertise is needed as you embark on a learning adventure to empower informed decisions, adopt best practices, and secure yourself against cyber risks.

• Language: English
• Publisher: Tommy Lorenzo
• Release date: Apr 29, 2024
• ISBN: 9798224528837

Tommy Lorenzo

Thomas Lorenzo, also known as Tommy, is an IT veteran of over 24 years covering Digital Transformation and Security concepts for customers. Thomas has had the privilege to work with various global companies such as Telefonica, Microsoft, Trend Micro, and Dell Technologies. During this time, he has helped customers with Incident Response, Generating new Security Postures, and Educating non-technical audiences on the importance of adopting Cyber Security as a Business Practice. When he is not working with Customers, Tommy spends most of his time reading, watching sports, and traveling the world. An admitted Star Wars fanatic, he spends many hours re-watching the movie series and reading Star Wars novels or, says his wife of 9 years! A good coffee cup is never too far away from his desk. Tommy currently lives near Fort Lauderdale, FL, with his wife. Keep in touch with Tommy via the web: Twitter: http://www.twitter.com/tlorenzo_pr (now known as X) Instagram: https://instagram.com/tommylorenzoauthor 

Book preview

Acknowledgment

Iwant to thank those who inspired and helped me during this journey, giving me the confidence to achieve my dream of being an author. My daughter Gabriela Nichole gave credence to this dream and helped me review every word while challenging me to make the book easier to understand for those interested in security but not technically versed.  My brother Eduardo, who painfully read the book's first few drafts, offered me the perspective on how to let my voice speak in every chapter.

I also have to acknowledge the support of my wife Shanell, who would follow up with me every week on how the progress went; Estephanie Aguilar, Edwin Rivera, and Jean Hernandez each provided their two cents on topics our customers ask us every week, and being brutally honest with their assertations on how not to make it boring.

To all my coworkers and customers who challenge me every day to be better and learn new ways to evangelize the message of security, I thank you all.

I enjoyed this process and hope it helps you learn or clarify that security is not an easy topic, but we have ways to simplify it and make it practical in our daily lives.

Introduction

It’s 2009, you’re in Los Angeles, and Kobe Bryant’s LA Lakers just won the NBA finals, and everyone is in a frenzy. With most people celebrating, it’s a perfect time to move on to your mission. You feel comfortable looking well-dressed, handsome, and athletic with a million-dollar smile. The mission is to infiltrate a heavily guarded building to obtain highly classified information. The team has been evaluating and planning how to access and move about the building for months. Gaining access requires an ID, and you identify the janitor as the easiest target; like in most movies, she has the keys that provide access to the whole building with one credential. You can quickly take the identity from her with your charm and wit.

A distraction is needed to move freely to the top floor because most people in the building don’t know you. As in all spy movies, your backup team keeps an eye as you move around the building, and they manage to cut all video cameras that monitor the building and trigger the alarm to have everyone evacuate the premises. Once you reach the top floor, you pull out your camera to take pictures of classified documents or break into the safe to take the crown jewels you came for. You can sell everything to the best bidder or request a ransom with everything secured.

At this point, you may ask yourself, What in the name of... does this have to do with cyber security?

A person sitting at a desk with a computer Description automatically generated with low confidence

In today’s modern society, the ‘heavily guarded building’ could be your home, office, or anywhere your data lives. The spy is the hacker, and the ‘backup team’ is the group cooperation they use to infiltrate your systems (most hackers share scripts, tools, and methods). Hackers are brilliant and patient people taking their time evaluating your defenses and creating distractions (they trigger mini-attacks to see how your security will try to defend). They can steal your identity or access accounts to your network (like they did to the janitor) to gain access to your bank accounts, ask for loans, use your credit, or sell it on the dark web to the highest bidder. Hackers use various techniques and tactics, such as social engineering, to obtain valuable information from your circle of friends, social media, or just overhearing a conversation at a local coffee shop. The ‘classified documents’ can be information on your clients, blueprints to that new product you have been working on, private information like photos, social security numbers, and bank statements... I can go on, but I think you get the picture. As a side note, I have no idea if the hackers are tall, handsome, or athletic; for all I know, they might be tiny little people living under your house, but I love James Bond movies and thought the analogy would be spot on.

Questions I hear from most of my customers include why did this happen? Why didn’t our team notice this happening? Is the impact real, or is this just security companies creating fear to sell more products and services? How can we prevent this from happening to us?

These are all valid questions; I probably forgot a few more that we could discuss in more detail as we go along in the following few chapters. We’ll do our best to cover them along the way.

While reading this ebook, we’ll discuss why this is important for all of us and the impact on you or your organization. It might get bumpy with a few terms; however, I’ll include a glossary for reference, and we’ll do our best to provide enough real-life examples of actions, processes, tools, and possible effects.

Before the security community jumps all over me, I want to clarify that this book intends to Simplify a very complex topic to educate the general public and decision-makers. I purposely omitted many technical details like DDOS attacks, NAT, scripting tools, vectors of attack, and a few others as these are very technical and require a more profound understanding of technical terms. Let us Keep Cyber Security Simple!

Chapter 1: What is Cybersecurity & Why Should You Care

Cybersecurity safeguards computer systems, networks, and digital assets from theft, damage, or unauthorized access through technology policies and processes designed to secure sensitive