Part 1

 

Cybersecurity is an immense and complex field, yet it has become one of the most critical areas of information technology (IT). In 2020, data showed that the average cost of a data breach for a US company was $8.19 million USD. But the fun doesn’t stop there; the resulting financial damages cost, on average, an extra $11.45 million USD per security incident. Globally, the total cost of cybercrime to the economy is currently $400 billion USD per year—and rising.

Before we can successfully defend our organization from attack, we need to understand the fundamentals of security—and nothing is more important (or fundamental) than thinking like an attacker and understanding how their most common attacks work.

Part 1 of this book will get us thinking like the bad guys—understanding their motivations, how they operate, and how their most common (and successful) attacks work.

Chapter 3 introduces different types of hackers and their motivation; chapter 4 builds on this by getting into the details of the most common attacks, including often-overlooked physical attacks. Chapter 5 looks at a firm favorite with attackers: social engineering.

Chapter 6 then looks at the other side of the coin: what attackers do once they are inside your organization and how to spot and deal with inside attackers. Finally, chapter 7 wraps up part 1 by looking at where attackers go to sell and trade their illicit data hauls: the Dark Web.