
Rus

 

Scam Me If You Can

"Cybersecurity For Dummies" covers a lot of security topics, like a solid encyclopedia, and from the very beginning the author mentions DDoS attacks, botnets and even cryptocurrency miners. That's where my mom will close the book. Probably the "Dummies" series comes with a hydrant of information on each topic, and I can't complain. I'm curious to know whether people buy this book after they've gotten into trouble online, such as malware or some privacy issues. I am not sure if my mom will be able to use this book in practice or understand anything beyond theory. Should a book on security be more practical? Should an author lead a reader towards the goal, or is it up to the reader to research and decide what to do to stay safe online? Is it enough to say "use a difficult password" instead of leading the way and pointing out where the password can be changed?

✅ Set a strong, unique password. Where is that?

Account → Settings and Privacy → Settings → Security and Login

* Practical example: changing a password in the Facebook app. Even this isn't enough without a picture and next steps.

Here is the table of contents, saved mostly for myself as a reminder of how many topics might be covered and of the need to avoid overwhelming a reader.

Table of contents

Part 1: Getting Started with Cybersecurity  

Chapter 1: What Exactly Is Cybersecurity?
- Cybersecurity Means Different Things to Different Folks
- Cybersecurity Is a Constantly Moving Target
- Looking at the Risks That Cybersecurity Mitigates

Chapter 2: Getting to Know Common Cyberattacks
- Attacks That Inflict Damage
- Impersonation
- Interception
- Data Theft
- Malware
- Poisoned Web Service Attacks
- Network Infrastructure Poisoning
- Malvertising
- Exploiting Maintenance Difficulties
- Advanced Attacks

Chapter 3: Bad Guys and Accidental Bad Guys: The Folks You Must Defend Against
- Bad Guys and Good Guys Are Relative Terms
- Bad Guys Up to No Good
- Cyberattackers and Their Colored Hats
- Monetizing Their Actions
- Dealing with Nonmalicious Threats
- Defending against These Attackers
- Addressing Risks through Various Methods

Part 2: Improving Your Own Personal Security

Chapter 4: Evaluating Your Current Cybersecurity Posture
- Identifying Ways You May Be Less than Secure
- Identifying Risks
- Protecting against Risks
- Evaluating Your Current Security Measures
- Privacy 101
- Banking Online Safely
- Safely Using Smart Devices

Chapter 5: Enhancing Physical Security
- Understanding Why Physical Security Matters
- Taking Inventory
- Locating Your Vulnerable Data
- Creating and Executing a Physical Security Plan
- Implementing Physical Security
- Security for Mobile Devices
- Realizing That Insiders Pose the Greatest Risks

Part 3: Protecting Yourself from Yourself

Chapter 6: Securing Your Accounts
- Realizing That You’re a Target
- Securing Your External Accounts
- Securing Data Associated with User Accounts
- Securing Data with Parties That You’ve Interacted With
- Securing Data at Parties That You Haven’t Interacted With

Chapter 7: Passwords
- Passwords: The Primary Form of Authentication
- Avoiding Simplistic Passwords
- Password Considerations
- Creating Memorable, Strong Passwords
- Knowing When to Change Your Password
- Changing Passwords after a Breach
- Providing Passwords to Humans
- Storing Passwords
- Transmitting Passwords
- Discovering Alternatives to Passwords

Chapter 8: Preventing Social Engineering
- Don’t Trust Technology More than You Would People
- Types of Social Engineering Attacks
- Six Principles Social Engineers Exploit
- Don’t Overshare on Social Media
- Leaking Data by Sharing Information as Part of Viral Trends
- Identifying Fake Social Media Connections
- Using Bogus Information
- Using Security Software
- General Cyberhygiene Can Help Prevent Social Engineering

Part 4: Cybersecurity for Businesses and Organizations

Chapter 9: Securing Your Small Business
- Making Sure Someone Is in Charge
- Watching Out for Employees
- Considering Cyber Insurance
- Complying with Regulations and Compliance
- Handling Internet Access
- Managing Power Issues

Chapter 10: Cybersecurity and Big Businesses
- Utilizing Technological Complexity
- Managing Custom Systems
- Continuity Planning and Disaster Recovery
- Looking at Regulations
- Deeper Pockets — and Insured
- Considering Employees, Consultants, and Partners
- Looking at the Chief Information Security Officer’s Role

Part 5: Handling a Security Incident (This Is a When, Not an If)

Chapter 11: Identifying a Security Breach
- Identifying Overt Breaches
- Detecting Covert Breaches

Chapter 12: Recovering from a Security Breach
- An Ounce of Prevention Is Worth Many Tons of Response
- Stay Calm and Act Now with Wisdom
- Bring in a Pro
- Recovering from a Breach without a Pro’s Help
- Reinstall Damaged Software
- Dealing with Stolen Information
- Recovering When Your Data Is Compromised at a Third Party

Part 6: Backing Up and Recovery

Chapter 13: Backing Up
- Backing Up Is a Must
- Looking at the Different Types of Backups
- Exploring Backup Tools
- Knowing Where to Back Up
- Knowing Where Not to Store Backups
- Encrypting Backups
- Figuring Out How Often You Should Backup
- Disposing of Backups
- Testing Backups
- Conducting Cryptocurrency Backups
- Backing Up Passwords
- Creating a Boot Disk

Chapter 14: Resetting Your Device
- Exploring Two Types of Resets
- Rebuild Your Device after a Hard Reset

Chapter 15: Restoring from Backups
- You Will Need to Restore
- Wait! Do Not Restore Yet!
- Restoring from Full Backups of Systems
- Restoring from Incremental Backups
- Dealing with Deletions
- Excluding Files and Folders
- Understanding Archives
- Restoring Using Backup Tools
- Returning Backups to Their Proper Locations
- Restoring to Non-Original Locations
- Never Leave Your Backups Connected
- Restoring from Encrypted Backups
- Testing Backups
- Restoring Cryptocurrency
- Booting from a Boot Disk

Part 7: Looking toward the Future

Chapter 16: Pursuing a Cybersecurity Career
- Professional Roles in Cybersecurity
- Exploring Career Paths
- Starting Out in Information Security
- Exploring Popular Certifications
- Overcoming a Criminal Record
- Looking at Other Professions with a Cybersecurity Focus

Chapter 17: Emerging Technologies Bring New Threats
- Relying on the Internet of Things
- Using Cryptocurrencies and Blockchain
- Optimizing Artificial Intelligence
- Experiencing Virtual Reality
- Transforming Experiences with Augmented Reality

Part 8: The Part of Tens

Chapter 18: Ten Ways You Can Improve Your Cybersecurity without Spending a Fortune
- Understand That You Are a Target
- Use Security Software
- Encrypt Sensitive Information
- Back Up Often
- Do Not Share Passwords and Other Login Credentials
- Use Proper Authentication
- Use Social Media Wisely
- Segregate Internet Access
- Use Public Wi-Fi Safely
- Hire a Pro

Chapter 19: Ten Lessons from Major Cybersecurity Breaches
- Marriott
- Target
- Sony Pictures
- Office of Personnel Management
- Anthem

Chapter 20: Ten Ways to Safely Use Public Wi-Fi
- Use Your Cellphone as a Mobile Hotspot
- Turn Off Wi-Fi Connectivity When You’re Not Using Wi-Fi
- Don’t Perform Sensitive Tasks over Public Wi-Fi
- Don’t Reset Passwords When Using Public Wi-Fi
- Use a VPN Service
- Use Tor
- Use Encryption
- Turn Off Sharing
- Have Information Security Software on Any Devices Connected to Public Wi-Fi Networks
- Understand the Difference between True Public Wi-Fi and Shared Wi-Fi

While many books have been written over the past couple decades on a wide variety of cybersecurity-related topics, most of them don’t provide the general population with the information needed to properly protect themselves.

Many cybersecurity books are directed toward highly technical audiences and tend to overwhelm noncomputer scientists with extraneous information, creating severe challenges for readers seeking to translate the knowledge that they acquire from books into practical actions. On the flip side, various self-published introduction-to-cybersecurity books suffer from all sorts of serious deficiencies, including, in some cases, having been written by non-experts and presenting significant amounts of misinformation. Anyone interested in cybersecurity often shouldn’t trust these materials. Likewise, many security tip sheets and the like simply relay oft-repeated clichés and outdated advice, sometimes causing people who follow the recommendations contained within such works to worsen their cybersecurity postures rather than improve them. Furthermore, the nearly constant repetition of various cybersecurity advice by media personalities after news stories about breaches (“Don’t forget to reset all your passwords!”), coupled with the lack of consequences to most people after they do not comply with such directives, has led to cybersecurity fatigue — a condition in which folks simply don’t act when they actually need to because they have heard the “boy cry wolf” one too many times.

I wrote Cybersecurity For Dummies to provide people who do not work as cybersecurity professionals with a foundational book that can teach them what they need to know about cybersecurity and explain why they need to know it. This book offers you practical, clear, and straightforward advice that you can easily translate into actions that can help keep you and your children, parents, and small businesses cybersecure.