Introduction to cyber security: stay safe online | 1

Introduction to cyber security: stay safe online

2.2 How to keep up to date

Figure 8
Long description
Attackers are constantly finding new vulnerabilities and ways of attacking computer systems.
Therefore, it is important to keep yourself informed and up to date with threats that are relevant to
your situation.
There are many sources of news about cyber security. Many of them are extremely technical and
are designed for security specialists to communicate their findings with one another, for software
developers to improve their programs or academic publications. There are also plenty of free
resources, written by journalists, security professionals and enthusiastic amateurs, where you can
learn more even if you are new to the field. The Cyber Streetwise website is a good example of
this type of online resource.
The links provided below are a selection of others that are available. You are not expected to look at
all of them in detail.

News sites
 Introduction to cyber security: stay safe online | 2

The best places to get started are the major media outlets, most of whom employ technology
journalists. These sites will give you readable information intended for as wide an audience as
possible. Many of them are updated several times a day, but they will only consider ‘newsworthy’
events such as a major hack or virus outbreak, and some will only cover news in a particular country
– so you may need to look at a variety of sites:
• BBC News Technology
• Guardian Online Technology
• The Telegraph Internet security
• Bloomberg Cyber security

Technology sites
Many sites devoted to technology will cover aspects of security on a regular basis. Most of the sites
below cover other topics, so you might need to use their search functions to find relevant
information.
• Wired – Threat level
• Computer Weekly
• The Hacker News
• Info-Security magazine

Information security companies

There are a large number of companies selling security software to home users and to businesses.
Almost all of them maintain regularly updated websites explaining new and emerging security threats
and how they can be overcome.
Much of this information is technical and aimed at administrators responsible for large computer
systems, but the introductory material is often quite easily understood. These sites can be the best
to use when a new security issue is identified.
• Sophos labs
• Microsoft
• Apple

Blogs
• Krebs On Security Brian Krebs is an American journalist and investigative reporter. He is best
known for his coverage of profit-seeking cybercriminals. His interest grew after a computer worm
locked him out of his own computer in 2001.
• Graham Cluley is an award-winning security blogger, researcher and public speaker. He has
been working in the computer security industry since the early 1990s, having been employed by
companies such as Sophos, McAfee and Dr Solomon’s.
• Bruce Schneier is an internationally renowned security technologist who writes a monthly
newsletter, called ‘Crypt-o-gram’. He provides commentary and insights into critical security issues
of the day. The content of this blog can be accessed in multiple forms, including a podcast and an
email newsletter.
• Troy Hunt provides analyses of different system breaches and useful hints on how to avoid being
attacked.
 Introduction to cyber security: stay safe online | 3

Activity 3 Knowing your enemies

Allow about 20 minutes
Carry out some research about different cyber security threats and the types of groups who pose the
threat.
Using the information sources above find out about:
• a threat to your information, computers and other devices that arise from malware
• a threat to your communications (such as spam and denial of service (DoS) or distributed denial of
service (DDoS) attacks, often launched using botnets).
For each threat, try to identify the type of individuals or organisations that are posing the threat.
Which of the following types would best describe them?
• Cybercriminal: those carrying out cyber attacks for personal financial gain.
• Spies: those engaged in espionage activities on behalf of either commercial organisations or
national governments.
• Hacktivists: those who carry out cyber attacks as a form of protest against organisations or
governments.
• Insider attacker: disgruntled or dishonest staff who attack their organisation’s computer systems.
If you identify a different type of attacker, how would you describe it?
Spend 10–15 minutes researching, then spend five minutes noting down your findings in the space
below.

2.3 Staying informed

Figure 9
 Introduction to cyber security: stay safe online | 4

Long description
Hopefully, you now have some ideas of how to stay up to date with the latest developments in cyber
security.
Before continuing to the final part of the week, take some time to plan some concrete steps you will
take to keep yourself more informed.