English Cybersecurity - Cybersecurity in Plain English

Identity, Access & Authentication Authentication protocols (LDAP, Kerberos, SAML, OAuth2) Identity and Access Management (IAM) Least privilege, role-based access control (RBAC) Federation and Single Sign-On (SSO)

Network Security – Deeper Dive Deeper look at ports, protocols, and services Intro to Wireshark for packet analysis Firewalls: rule sets, NAT, and deep packet inspection IDS/IPS vs. SIEM tools – what they do and how they differ

Vulnerabilities, Exploits & Patch Management CVE, CVSS, and vulnerability scoring Exploit techniques (buffer overflows, privilege escalation) Patch management process in enterprise environments Virtual patching & compensating controls

Threat Actor Evolution Threat Actor Types: Script kiddies, criminal organizations, hacktivists, insiders Nation-state actors (APT groups) – motivations and tactics Case studies of evolving threats: From basic phishing → sophisticated spear phishing From simple ransomware → double extortion models Emerging threat vectors: Deepfakes for social engineering Supply chain attacks (e.g., SolarWinds) AI-powered malware and automation Cyber Kill Chain Framework (Lockheed Martin model) 7 stages of an attack: Reconnaissance Weaponization Delivery Exploitation Installation Command & Control (C2) Actions on Objectives How defenders can “break the chain” at each stage MITRE ATT&CK Overview What is ATT&CK and why it’s useful Tactics vs. Techniques vs. Procedures (TTPs) Brief demo (or screenshots) of MITRE ATT&CK Navigator How blue teams use it for threat detection Mapping common attacks to ATT&CK

Incident Response and Reporting Recognizing signs of compromise Steps in incident response (identify, contain, eradicate, recover) Role of users in reporting Legal and compliance considerations

Security in the Workplace Acceptable Use Policies (AUP), InfoSec Program and sub policies Device management (BYOD vs. corporate devices) Physical security (access control, secure areas) Security awareness culture

Data Protection and Privacy Encryption (at rest/in transit) Backups and data recovery Secure file sharing and disposal Privacy regulations (GDPR, HIPAA, etc.)

Basic networking: IP, DNS, ports, protocols Firewalls and intrusion detection/prevention (IDS/IPS) Network segmentation and zero trust principles VPNs and secure remote access

In this week’s episode, we discuss: Strong passwords and multi-factor authentication (MFA) Safe browsing and email hygiene Software updates and patch management Endpoint protection (AV/EDR)

In this episode we kick things off with some Cybersecurity 101 topics like the CIA triad, threats, malware types, and social engineering.