Introduction to Cyber Security

sridhar Madhavansridhar Madhavan
4 min read

What is Cybersecurity?

When most people hear the word “cybersecurity,” their minds jump straight to movie scenes – a hacker in a dark room, typing furiously, breaking into an organization’s systems within seconds, and stealing sensitive data.

But the reality of cybersecurity in the real world is very different. It’s not about magic keyboards or instant hacks. Instead, cybersecurity is a continuous process of protecting systems, networks, and data from unauthorized access, attacks, and damage.

At its core, cybersecurity is all about answering one big question: “How do we keep information safe, accurate, and available when needed?”

This leads us to the three key objectives of cybersecurity, often called the CIA Triad:

1. Confidentiality – Keeping secrets safe

The first goal is confidentiality. This means making sure that only the right people can access sensitive information.

Think about your bank account. You wouldn’t want just anyone to see your balance or transaction history, right? Cybersecurity ensures that your data stays private.

To achieve this, professionals use:

  • Encryption (scrambling data so only authorized people can read it)
  • Firewalls (blocking unwanted traffic)
  • Access controls (making sure only specific users can access specific data)
  • Multi-Factor Authentication (adding extra security steps like OTPs)

Confidentiality is about building walls and locks so unauthorized people can’t peek inside.

2. Integrity – Keeping data accurate

But it’s not enough to keep data private. What if someone changes it? What if an attacker alters medical records or tampers with financial transactions?

This is where integrity comes in. Integrity ensures that data remains correct and trustworthy – no unauthorized changes, whether intentional or accidental.

Cybersecurity uses:

  • Hashing (to detect any changes in data)
  • File permissions (to control who can edit files)
  • Digital signatures (to verify authenticity)

In short, confidentiality keeps data hidden, and integrity keeps data correct.

3. Availability – Keeping systems running

Now imagine your data is private and accurate… but you can’t access it when you need it. That’s a problem too.

The third goal, availability, ensures that systems and data are accessible to authorized users whenever needed.

For example, an online banking system should be available 24/7. If a hacker launches a DDoS attack to take it down, cybersecurity professionals must ensure there are backups and protections in place.

They achieve this using:

  • Redundant systems (backup servers ready to take over)
  • DDoS protection tools
  • Regular maintenance and updates

So confidentiality protects privacy, integrity protects accuracy, and availability protects access. Together they form the foundation of cybersecurity.

Offensive vs Defensive Roles in Cybersecurity

To achieve these goals, organizations need skilled professionals working in two areas:

⚔ Offensive Security – Playing the hacker’s role

Offensive experts think like attackers. They look for vulnerabilities before real hackers do.

  • Penetration Testers (Pentesters): They simulate attacks on systems to find weak spots.

  • Red Teams: Act like adversaries to test how well the organization can detect and respond.

This helps organizations stay one step ahead of cybercriminals.

🛡 Defensive Security – Protecting and responding

Defensive experts focus on detecting and stopping real attacks.

  • Blue Teams: Monitor systems, detect threats, and respond quickly.

  • SOC Analysts: Work in Security Operations Centers to watch for suspicious activity 24/7.

  • Network Security Engineers: Set up firewalls and intrusion detection systems.

They are like digital bodyguards, keeping the organization safe from harm.

So, What is Pentesting Like in the Real World?

Now that we know pentesting (penetration testing) is about finding weaknesses before bad guys do, let’s talk about how it really works in the real world.

Many people imagine it like in movies—where hackers break into systems in minutes, typing crazy commands while green code scrolls down the screen.

But real-world pentesting isn’t like that. It’s not just about “hacking” all day.

In reality, pentesting involves a mix of technical skills, patience, and communication. Here’s what it typically looks like:

Is Pentesting Right for You?

Pentesting is exciting for people who:

  • Love solving puzzles and thinking like an attacker.
  • Enjoy learning how systems work under the hood.
  • Are patient and don’t mind digging deep to find one small vulnerability.
  • Can communicate findings clearly (not just hack, but explain).

But it’s not all Hollywood hacking. It also involves: - Documenting results carefully. - Waiting for scans to complete. - Working with teams and following rules of engagement.

If you enjoy both the technical challenge and explaining your findings to others, pentesting could be a great fit for you.

0
Subscribe to my newsletter

Read articles from sridhar Madhavan directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#cybersecuritypentestingSecurity

Written by

sridhar Madhavan
sridhar Madhavan