What Is This Site About?

Why Are We Called “Cyber Security Insider Secrets”?

The name Cyber Security Insider Secrets may cause you to think I’m going to get really technical. I’m not. In fact, I’m going to avoid being technical as much as possible.

I will be focusing on what is important for you to know. The purpose is not to share esoteric information that doesn’t really make a difference to you. But there is too much information that you need to know that the “insiders” know but the public doesn’t.

What are these “Secrets”?

These are not secrets because nobody is allowed to discuss them. They’re not secrets because they are hard to understand. Mostly, they are secrets because no one is communicating them to the general public. Or, if they are being communicated, they may not be talked about in a way that the public can easily understand them or can put them to use.

There are also a number of common beliefs about security that are only partially true. And there are some myths. These are held by many technical people and are also communicated to the general public. Over time, I will be shedding some light on these misunderstandings and shattering some myths.

Why “Insider”?

Some of this important information is largely limited to those who 1) have extensive training and experience in security and 2) who also have a mindset about security that is largely lacking in the larger technology community. That mindset normally comes from involvement in a community with a specialization in security, usually limited to those who are involved in the management of security for large companies (I include those addressing security for the public sector and/or government).

Having that mindset simplifies security questions and can help you sleep better even though you just heard about the latest security scare on the news. This mindset is part of what I will teach.

A number of the things I will be revealing are not even well-known among those who consider themselves up-to-date on technology. Many of the people who run IT for companies (the ones who set up and fix the computer systems, and provide help for the people who use them) don’t even know some of this stuff. Don’t misunderstand. I consider most of those people competent (although I’ve met far too many that I would consider to fall short of that qualification). That lack of knowledge about these things is largely because they haven’t specialized in security.

I want to emphasize something. It is NOT my goal to turn you into a technology guru. My goal is for you to know the things you need to know to be safe. And I want you to understand some things that will not only help keep you safe but that will enable you to be less anxious the next time you hear about a security problem on the news.

This outcome will not happen overnight. But if you “tune in” regularly, you will find that, in time, you will know more than 95% (probably more than 99%) of the general population. In fact, in many cases, you will probably know more than the IT people do when it comes to keeping yourself and your information safe. And you will be able to do that without having to strain your brain studying. You will be able to do that without becoming a “techie.” At least, that is my goal.

There are some things the technical people will still know that you won’t. Those are the more technical things. Those things are especially important when it comes to keeping a large company safe. But, you can get tremendous protection from the things I intend to teach you, without becoming a technical expert.

(If you wonder why I am qualified to teach this, see the Who? page.)

To summarize and recap:

This site is to bring information to the general public that the public is not getting. It includes information that is often limited to security specialists, not because it has to be but because that information often just doesn’t reach either the public or even the larger technology community. In addition, this site will bring some information to the public that they have heard before, but will expand upon that information to make it more usable. It does no good to say “do this” if the person getting that message has no idea how to do it. Or if they don’t know when to do it or why.

This information will be focused on how to keep you and your information safe.

I will attempt to do all this in a way that can be understood by a non-technical person and in a way that enables the recipient to make decisions and to understand security. The focus will be on what is necessary to be safe in today’s environment.