Cybersecurity

[Figure: Information Security vs. Cybersecurity, from the book Cyberlaw: Law for Digital Spaces and Information Systems (2025) by John Bandler]

By John Bandler

Cybersecurity is about protecting and securing oneself and one's organization against cybercrime, and about protecting digital assets.

Cybersecurity is a subset of information security, as depicted in this Venn diagram.

For practical purposes, individuals and organizations should think of cybersecurity and information security together. (It doesn't make sense to try to tackle them separately.)

In my books I define cybersecurity like this:

Cybersecurity: Cyber + security. The process of securing digital information (and information assets while we are at it) and protecting from cybercrime. In practical terms, think of it being the same as information security. The objectives of cybersecurity are confidentiality, integrity, and availability (CIA) of digital assets.

From my book Cyberlaw (2025) p. 478 (glossary) (adapted from my 2024 book on Policies and Procedures).

Cybersecurity is about people and the decisions they make. It starts with people (and their knowledge and awareness). People make decisions about their technology, their cybersecurity, and more. Learn about cybersecurity to protect yourself, your family, and your organization. With knowledge comes better decision making on the many issues surrounding cybersecurity.

I have extensive resources on cybersecurity on this site, have covered it thoroughly in my existing books, and will revisit it with an updated treatment in my forthcoming book on Cybersecurity (2026 I hope). Links and more resources at the bottom.

Start with my Four Pillars of Cybersecurity

A helpful way to start thinking about organizing cybersecurity for the home or business is with my Four Pillars of Cybersecurity.

  1. Build Knowledge and Awareness
  2. Secure computer Devices
  3. Secure Data
  4. Secure Networks (and Internet Usage)

Repeat and continually improve.

I have more about Bandler's Four Pillars of Cybersecurity in a dedicated article (link at bottom).

My three main goals of cybersecurity

We should think of my three main goals of cybersecurity: (1) protect from cybercrime, (2) comply with legal requirements, (3) accomplish the mission better by improving efficiency and management of information systems.

Protecting from cybercrime means thinking about my Three Priority Cybercrime Threats: Data breach, Ransomware, and Email Based Funds Transfer Frauds.

The three objectives of information security

There are three objectives (goals) of information security, which you can remember with the initialism of "CIA". Protect the confidentiality, integrity, and availability of information assets.

  • Confidentiality means keeping unauthorized users from accessing the systems or data.
  • Integrity means that only authorized users can make changes.
  • Availability means that authorized users can access their systems and data when needed.

The three types of controls for information security

In order to achieve the three objectives, organizations (and individuals) should apply appropriate controls, also known as safeguards. You can remember these with the initialism of “PAT”, which stands for physical, administrative, and technical controls.

  • Physical controls restrict physical access in one way or another.
  • Administrative controls include rules, policies, and training.
  • Technical controls are electronic protections, such as a firewall, antivirus, or monitoring software.

Laws for cybersecurity

There are laws on cybersecurity, and I cover them in my book on Cyberlaw and in related articles on this website. Here's my three-word summary that will get you started: "Have reasonable cybersecurity."

Here are some more words to live by: "Be reasonable and diligent. Don’t be negligent or sloppy."

Every organization needs a cybersecurity program

No organization can afford to ignore cybersecurity, so they need to build and maintain their cybersecurity program. I have built resources on this (see links below).

Is there more to know about cybersecurity?

Yes, there is a lot to cover on cybersecurity. That's why I wrote a book on it in 2017, and am writing another, and have a lot of articles and videos on the topic.

More learning

To learn more about cybersecurity, consider these:

This page is hosted at https://johnbandler.com/cybersecurity. Copyright John Bandler, all rights reserved.

Page posted 2/2/2023. Updated 12/05/2025