Defend Against Cyber Threats

Learning Objectives

After completing this unit, you’ll be able to:

  • Define cyber hygiene.
  • Establish your own cyber hygiene practices.
  • Explain how cyber safety works within communities.
  • Describe careers in cybersecurity.

The Principles of Cyber Safety

In this module so far, we’ve discussed the importance of cybersecurity for organizations and individuals. We’ve also talked about common types of cyberattacks on individuals and their potential consequences. Now it’s time to discuss what you can actually do to keep yourself—and those around you—safe from these kinds of attacks.

Cyber hygiene refers to habitual practices that keep your information safe and protected against cyberattacks. Like brushing your teeth in the morning and at night, cyber hygiene is fundamental to data and system health and resilience over time. You might feel that such small, individual measures don’t have much impact on cybersecurity in the world, but when we all practice cyber hygiene, the results can be powerful.

In a nutshell, cyber hygiene is all about limiting your attack surface. Your attack surface consists of all of the ways an intruder can gain unauthorized access to your information or systems. When it comes to the digital landscape, attack surfaces typically boil down to hardware, software, and humans.

Hardware includes devices and access points, such as Wi-Fi networks and Bluetooth connections, while software includes applications and programs that you run on these devices. Humans in this context include anyone in your life who might have access to you digitally—think friends, family members, colleagues, or fellow students.

When thinking about your attack surface, identify all the ways that malicious actors could possibly gain access to your data. Then pinpoint protections or security measures that can limit or safeguard these entry points. We talk about cyber hygiene more at length in the Digital Asset Security module, but for now, here are some hygienic practices you can start implementing today to limit your attack surface on a regular basis.

Up your password game. This is one of the most important steps you can take to protect your data! Given the fact that we use passwords and usernames to access all kinds of online accounts, including email, social media profiles, medical databases, and online banking systems, it’s vital to ensure you’re following best practices.

  • Create strong and unique passwords. Strong passwords are lengthy and have multiple different characters. They don’t contain common words, sequential or repeated characters, or personally identifying information. Use a unique password for every account you own.
  • Store passwords securely. Use a password manager, an online tool that stores and recalls passwords for you securely, to keep track of all your passwords. Password managers can also help you create unique passwords for each individual account.
  • Use multi-factor authentication (MFA). MFA is a security enhancement that requires you to present multiple authentication methods when logging in to an account, such as providing a password first and then a PIN number. You can set up MFA on many kinds of accounts, including email.

Think before you post. Before posting a message on Twitter or a video on Instagram, think about the content that you’re putting out there—and who can see it. Is it sensitive information? Could a malicious actor use it for harm? Remember that even if you have high privacy settings on the social networks you use, anything can be screenshotted. This principle also applies to communications sent through other channels, including email, text, and other media platforms.

Browse the web wisely. Make sure to visit secure sites, especially when inputting sensitive information. A secure website has https:// in the address window, preceded by a padlock icon, and sites ending in .gov or .edu are the safest. Some may even have security badges to demonstrate safety. Be careful when enabling cookies, files that save browsing information about you, such as passwords and usernames, when you visit a site.

Patch and upgrade devices. Patching a device involves updating, improving, or otherwise fixing a program or system to minimize security vulnerabilities or other bugs. Most of us are familiar with those pesky reminders to update applications on your computer or cell phone. Don't ignore such reminders, as they often resolve vulnerabilities in the software you use. Ensure all your devices are up-to-date by patching them regularly and frequently checking for system updates.

Inventory your digital devices. Write a list of all of your digital devices and the security mechanisms in place for all, and update this list anytime you acquire a new device or make changes to those security mechanisms. You might note, for example, that you have a cell phone, laptop, and tablet, each protected by a unique passcode or password.

Guard against viruses. There are many ways to protect your data from malware attacks, including using antivirus programs that may already be on your computer or investing in antivirus software for additional support. Backing up your computer regularly, relying on strong passwords, and using popup blockers and firewalls can also keep your files and computer’s operating system secure.

Use caution with email. Don’t click any links or download any attachments in suspicious emails, as these could lead to phishing attacks. Make sure to mark suspect emails that fall into your inbox as spam, and avoid entering personal information in a pop-up screen. You can even install a phishing filter on your web browser and email application to keep your email safe.

Back things up. This is critical for safeguarding your data from malware attacks, and even physical theft of your devices and information. We recommend backing up your data in at least three distinct places, and to conduct weekly backups. This might sound time-intensive, but don’t worry! You can set up automatic backups, which backup and store data routinely across your devices.

Talk about cybersecurity. Spread the word about your own best practices! Remember, the more we talk about cybersecurity, the more likely we all are to be informed and protected. Quiz your friends on their own digital footprints and encourage family members to make cybersecurity top of mind.

Qiara holds a laptop with a heart monitor display.

Let’s spend some time with Qiara to learn more about what these cyber hygiene habits look like in action. Qiara is excited to establish a cyber hygiene practice that can ensure she’s keeping daily tabs on personal security. She starts by inventorying all of her digital devices and the extent of her attack surface.

Both of these give her valuable insight into ways that she can improve her cybersecurity, including creating stronger passwords and storing them securely. Qiara signs up for a password manager and generates new and unique passwords for each of her accounts. She’s particularly excited about this password manager, because now she doesn’t have to remember all of her passwords in order to stay secure.

She also enables multi-factor authentication on each of her email and social media accounts and heads to the nearest tech store to invest in a backup hard drive. She plans on using this hard drive to keep her student work secure, in addition to the two backup solutions she already has in place. Lastly, Qiara resolves to strike up conversations about cybersecurity with her friends and family so that they can start implementing cyber hygiene practices.

Cyber Safety Is the Future

Individuals and organizations aren’t the only ones implementing cyber safety measures. Cyber safety also functions at the community level, in ways that are easy to overlook. Many places—including Seattle and New York in the US—have launched or proposed initiatives, policies, and acts designed to protect the privacy of residents’ data, and they’ve done so for a reason. Cybersecurity professionals are hard at work to protect voting rights, ensuring that hackers cannot tamper with voting systems during elections. We depend on public transit systems, electricity grids, and building operations in our daily lives, and cyberattacks to such infrastructure could have serious consequences.

In fact, as cybercrime increases, cybersecurity is a growing field in need of talented professionals that can defend against cyber threats. There are many available careers for those interested in keeping information out of the wrong hands, including analysts, engineers, security trainers, managers, and IT auditors. And that’s just the tip of the iceberg when it comes to professional possibilities in cybersecurity. You could even explore cryptography, the practice of writing the kind of code that can hide valuable data from hackers’ eyes. To learn more about different cybersecurity roles, visit the Cybersecurity Learning Hub.

You may be wondering what kinds of skills you need to pursue a career path in cybersecurity. For most roles, it’s important to have fluency in programming, technical platforms, various hacking techniques, and computer forensics. It’s also important to have a passion for (and attention) to detail and a talent for problem-solving. Remember that many cybersecurity professionals deliberately break into networks to find vulnerabilities in order to help organizations create more secure systems and infrastructure.

You may find other focus areas in university-level cybersecurity curriculum, which include:

  • Computer programming
  • Operating systems
  • Algorithms
  • Cryptography and blockchain
  • Network fundamentals, including host and network security
  • Systems analysis and design
  • Data and information systems protection
  • Vulnerability detection
  • Development of digital hygiene policies

We dive into a number of these skills here on Trailhead, so be sure to check out our modules on Network Security Basics, Security Testing and Evaluation, Vulnerability Assessment, and Application Security Basics to name a few.

Qiara sitting under three thought bubbles each representing cybersecurity careers

Knowledge Check

You now have a foundational understanding of what it means to keep your data and the data of those around you safe and secure. To put your new understanding into practice, try this interactive quiz. The quiz below is not scored—it’s just an easy way to test your understanding. To use it, read the question and then click the answer you think is correct. Click Submit, and you get feedback telling you whether the answer you chose is correct or incorrect, and why.

Great work! You are now empowered with cybersecurity knowledge and awareness and have learned about defending yourself against cyber threats. Go forth and continue to secure your digital footprint!


Keep learning for
Sign up for an account to continue.
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities