Author: Trix Cyrus
🔹 Try My Waymap Pentesting Tool
🔹 Follow TrixSec GitHub
🔹 Join TrixSec Telegram
So... What Even Is Cybersecurity?
Let me guess. You have heard the word "cybersecurity" thrown around a hundred times. Maybe in the news after some company got hacked. Maybe your friend mentioned it while trying to sound smart. Maybe you just think hackers are cool (they are, by the way).
But nobody actually sat you down and explained what it means. Like, really explained it.
So let's fix that. Right now.
Cybersecurity is just the practice of protecting computers, networks, and data from people who want to mess with them.
That's it. That's the core idea. Everything else builds on top of this.
When someone says they "work in cybersecurity," they could be doing a bunch of different things. They might be defending a company's systems. They might be testing those systems by trying to break in (legally). They might be investigating a breach after it happens. There are so many roles, and we will get into all of that later in this series.
But for now, just remember this: cybersecurity = protecting digital stuff from bad actors.
Why Should You Even Care?
Here is the thing. Cybersecurity is not just for "tech people." It affects literally everyone who uses the internet. And that is... everyone.
Think about it:
- Your Instagram account? That is a target.
- Your email? Definitely a target.
- Your bank account? Big target.
- That random website where you signed up with the same password you use everywhere? Yeah... we need to talk about that later.
Every single day, hackers are out there finding new ways to steal data, break into systems, and cause chaos. Some do it for money. Some do it for fun. Some do it because they got hired to find weaknesses before the bad guys do (those are the good hackers, and that is literally a career path).
The point is: whether you want to defend, attack (ethically), or just not get hacked yourself, understanding cybersecurity is a superpower in today's world.
The CIA Triad (No, Not That CIA)
Okay, here is your first real concept. Every cybersecurity professional knows this one, and now you will too.
It is called the CIA Triad. And no, we are not talking about the Central Intelligence Agency. We are talking about three principles that everything in cybersecurity revolves around:
🔒 Confidentiality
Only the right people should see the data.
Imagine you send a private message to your friend. Confidentiality means nobody else can read that message. Not a hacker. Not your ISP. Not some random dude sniffing WiFi at a coffee shop.
When confidentiality gets broken, private stuff gets leaked. Think about data breaches where millions of passwords or credit card numbers get dumped online. That is a confidentiality failure.
Real world example: You log into your bank account. The connection is encrypted (that little lock icon in your browser). That encryption is there to keep your login details confidential so nobody can intercept them while they travel across the internet.
🛡️ Integrity
The data should not be tampered with.
Let's say you send your friend a message that says "Meet me at 5pm." Integrity means nobody can change that message to say "Meet me at 3am at a shady alley" while it is being delivered.
Integrity is about trust. Can you trust that the data you received is the same data that was sent? Can you trust that nobody modified a file, changed a transaction amount, or altered medical records?
Real world example: When you download software, sometimes the website shows a "checksum" or "hash." That is a way for you to verify that the file you downloaded has not been tampered with. If the hash matches, the integrity is intact.
✅ Availability
The systems and data should be accessible when you need them.
What good is your data if you cannot access it? Availability means the systems are up, running, and ready to serve.
When a hacker takes down a website with a flood of fake traffic (called a DDoS attack), they are attacking availability. The data is still there. It has not been stolen or changed. But nobody can reach it. And that is a problem.
Real world example: Ever tried to buy concert tickets and the website crashed because too many people hit it at once? That is an availability issue. Now imagine someone did that on purpose to a hospital's system. Scary, right?
Putting It Together
Every single security decision, every tool, every policy... it comes back to these three things. Is this protecting confidentiality? Is this ensuring integrity? Is this keeping things available?
You will see the CIA Triad pop up again and again throughout this series. It is the foundation of everything.
Attackers vs. Defenders: The Two Sides
Cybersecurity has two main sides, and honestly, both are fascinating.
🔴 The Attackers (Red Team / Offensive Security)
These are the people who try to break into systems. Now, before you picture someone in a dark hoodie in a basement (though, let's be real, hoodies are comfortable), understand that there are different types of attackers:
Black Hat Hackers — The actual bad guys. They break into systems without permission. They steal data, deploy ransomware, scam people. This is illegal. Do not be this person.
White Hat Hackers — The good guys. They do the same things a black hat does, BUT they have permission. Companies literally pay them to try to break in and find weaknesses. This is called penetration testing or ethical hacking. This is a legit career, and it pays really well.
Grey Hat Hackers — Somewhere in between. They might find a vulnerability without permission but report it instead of exploiting it. Still legally questionable, but their intentions are usually not malicious.
🔵 The Defenders (Blue Team / Defensive Security)
These are the people who build the walls, monitor the alarms, and respond when something goes wrong. They:
- Set up firewalls and security tools
- Monitor networks for suspicious activity
- Respond to incidents when a breach happens
- Write security policies and guidelines
- Make sure systems are patched and up to date
🟣 And Then There is Purple
Some people do both. They attack AND defend. This is called Purple Teaming, and it is becoming super popular because understanding both sides makes you way more effective.
The point here is: cybersecurity is not just "hacking." It is a whole ecosystem with tons of different roles. Whether you like breaking things or building things, there is a place for you.
Common Myths That Need to Die
Let's kill some misconceptions right now before we go any further:
"You need to be a genius to do cybersecurity"
Nope. You need curiosity and patience. That is literally it. Everything else can be learned. Some of the best hackers started with zero technical knowledge. They just did not stop asking "but how does this actually work?"
"Hacking is all about typing fast in a terminal"
Hollywood lied to you. Most of hacking is research, reading, and thinking. The actual "typing commands" part is like 10% of the work. The other 90% is understanding how things work and finding where they break.
"You need a degree"
Plenty of people in cybersecurity are self-taught. Certifications, hands-on practice, and real-world skills matter way more than a piece of paper from a university. (We will talk about certifications and learning paths in the bonus articles.)
"It is too late to start"
This field is growing so fast that there are literally not enough people to fill all the open positions. The industry needs more people. Whether you are 16 or 46, it is not too late.
Key Terms You Will Hear a Lot
Let's get you comfortable with some words that will show up constantly:
| Term | What It Actually Means |
|---|---|
| Vulnerability | A weakness in a system that can be exploited |
| Exploit | The method or code used to take advantage of a vulnerability |
| Payload | The thing that actually does the damage after an exploit works |
| Patch | A fix or update that removes a vulnerability |
| Firewall | A gatekeeper that controls what traffic can enter or leave a network |
| Encryption | Scrambling data so only authorized people can read it |
| Phishing | Tricking someone into giving up sensitive info (usually via fake emails or websites) |
| Malware | Malicious software. Viruses, trojans, ransomware... all malware |
| Pentesting | Short for penetration testing. Legally trying to hack a system to find flaws |
| OSINT | Open Source Intelligence. Gathering info from publicly available sources |
Do not worry about memorizing all of these right now. They will make way more sense as we use them in context throughout the series.
Where This Series Is Taking You
Here is the deal. This series is going to take you from "I do not even know what a terminal is" all the way to understanding how real attacks work.
We are going to cover:
The Foundation (Parts 1 to 5) — The stuff you are learning right now. How the internet works, how to set up your own hacking lab, Linux basics, and more.
Reconnaissance (Parts 6 to 13) — The art of gathering information about a target before you even think about attacking. This is where hackers spend most of their time, and it is honestly the most interesting phase.
Exploitation (Parts 14 to 20) — Understanding how vulnerabilities are found and used. SQL injection, XSS, Metasploit, and beyond.
Bonus Content (Parts 21 to 22) — Where to practice legally, certifications, and your roadmap from here.
By the end of this series, you will have a solid understanding of how attackers think, how defenders protect, and where you fit into all of this.
No fluff. No gatekeeping. Just real knowledge, explained like a friend is sitting next to you.
Quick Recap
Let's wrap up what we covered today:
✅ Cybersecurity is about protecting digital systems and data from unauthorized access, modification, or destruction.
✅ The CIA Triad (Confidentiality, Integrity, Availability) is the foundation of all security decisions.
✅ There are different types of hackers: black hat (bad), white hat (good), and grey hat (in between).
✅ The field has both offensive (red team) and defensive (blue team) roles, plus people who do both (purple team).
✅ You do not need to be a genius, have a degree, or type fast to get into this field. You just need curiosity.
What is Next?
In Part 2: The Hacker Mindset, we are going to talk about how hackers actually think. What makes them tick? Why is curiosity the most dangerous weapon in cybersecurity? And what even is ethical hacking as a career?
Trust me, you do not want to miss that one. It is going to change the way you look at every app, every website, and every system around you.
See you there. 👋
~TrixSec
Top comments (0)