Cyber Security FAQs

Find out more about our key Cyber Security topics and course with our in-depth FAQs.

Cyber Security Legislation

  • What is a cyber security attack?

    A cyber security attack is an attempt by a hacker to steal valuable and sensitive information, disrupt the operations of a website or illegally infiltrate a device which is connected to the internet.

  • What are the NIS Regulations 2018?

    The Network and Information Systems Regulations (NIS Regulations) provide legal measures aimed at boosting the level of security of network and information systems for the provision of essential services and digital services.

  • How do I report cyber crime?

    In cases of suspected cyber-crime, you can report the incident or incidents to ActionFraud, the UK government’s cyber-crime reporting unit. To do so, visit their website at

  • What are ISO 27001 requirements?

    There is a range of ISO 27001 requirements – the two most important involve conducting a risk assessment and scoping the ISMS. You can find more information here.

  • Why is ISO 27001 important?

    The ISO 27001 certificate is important for businesses because it demonstrates that the holder has taken the necessary steps to minimise exposure to cybercrime and to limit any potential damage. It also indicates to clients that the business’ data is contained on secure ICT systems.

  • What are the 4 types of cyber attacks?

    There are a number of ways a cyber criminal can attack your devices and your files – some of these are as follows:

    • Phishing attacks – hackers attempt to trick a victim into following a link or downloading an infected file.
    • Ransomware – a malicious kind of software which denies access to files until a ransom is paid to the hacker.
    • DDoS attacks – a DDoS attack overwhelms a site with access requests, shutting the site down for a significant amount of time.
    • Computer viruses – a program or piece of code that changes the operating processes of a computer.
  • What are the 5 internal controls?

    The five internal controls in the COSO framework are:

    1. Control Environment
    2. Risk Assessment
    3. Control Activities
    4. Information and communication
    5. Monitoring
  • What are the biggest cyber threats?

    There is some debate on what cyber threats are the most dangerous to companies. However, there are four separate kinds which are regularly considered to be some of the most problematic. These include:

    • Phishing attacks – hackers attempt to trick a victim into following a link or downloading an infected file
    • Ransomware – a malicious kind of software which denies access to files until a ransom is paid to the hacker
    • DDoS attacks – a DDoS attack overwhelms a site with access requests, shutting the site down for a significant amount of time
    • Computer viruses – a program or piece of code that changes the operating processes of a computer
  • What are the components of cyber law?

    Because cyber law is a relatively young area of international law, the field has many components. Many of these are detailed by the individual nations in which the cyber crime is committed.

  • What are the disadvantages of cyber crime?

    Cyber crime can cause all manner of problems for most companies. Cyber criminals, having infiltrated a business’ infrastructure, can gain access to company data, client information and financial details. Cyber crime can also shut down a website, leading to periods of inactivity which can reduce incoming business.

Cyber Security Practices

  • How can I protect my online privacy?

    Online privacy is vital for safely browsing the internet. Here are some ways you can protect yourself and your privacy online:

    1. Regularly update your passwords, using a combination of letters, numbers and special characters
    2. Install anti-virus software with browser protection
    3. Use different passwords for different accounts
    4. When entering personal information, check that the website uses HTTPS encryption. This is indicated by HTTPS appearing at the start of the URL
  • How can you protect yourself from online threats?

    There are numerous ways to protect yourself from online threats. Here are just a few:

    1. Set different and difficult to guess passwords for every account, ideally using a mixture of numbers, special characters and upper and lower case letters
    2. Install anti-virus software on all of your hardware and equipment
    3. Regularly review the privacy settings on your social media accounts
    4. Stay updated on scams and security breaches in technology
    5. Keep backups of your important documents and personal files
  • How do I practice safe browsing?

    To practice safe browsing, the following rules should be observed:

    1. Pick hard to guess passwords and regularly update them
    2. Install anti-virus software with browser protection
    3. When entering personal information, ensure that the website uses HTTPS. You can tell that HTTPS is being used if there is a padlock icon in the browser's address bar
    4. Don’t use the same password for multiple accounts
    5. Try not to use public or free-to-use Wi-Fi networks
  • What are some safe browsing techniques?

    Safe browsing is one of the most important aspects of cyber security. The following techniques are key factors in safe browsing:

    1. Set up a firewall
    2. Install antivirus software
    3. Update passwords regularly, using a combination of letters, special characters and numbers
    4. Be careful when following links in emails
    5. Don’t use the same passwords for multiple accounts
  • What is a cyber security breach?

    A cyber security breach is an incident where sensitive or protected data is viewed, transmitted or stolen by a party who is unauthorised.

  • What is a Cyber Security course?

    A cyber security course teaches its learners the important factors that make up the fields of cyber security and data protection. It includes topics on data breaches, cyber attacks and cyber crime in general.

  • What is the difference between information security and cyber security?

    While information security and cyber security regularly cross paths, they are in fact different entities. Information security deals with the protection of sensitive, private and confidential information from data breaches of any type. Cyber security, by contrast, secures ICT systems from exterior attacks.

  • What is the main purpose of cyber security?

    Cyber security’s role is to protect the integrity of computing systems which make up a business’ IT network. It prevents unauthorised access to data and sensitive information.

  • What are the 3 principles of information security?

    Information security’s three guiding principles take the following form:

    1. Confidentiality – how private and secret the information is
    2. Integrity – how accurate and error-free the information is
    3. Availability – how available and disruption-free the information is

Cyber Security at work

  • How is cyber security used?

    Cyber security is used to prevent hackers and scammers from infiltrating the computers and personal files of victims. It can take the form of various preventative measures, including anti-virus software and user care.

  • What are security policy requirements?

    Every security policy is different depending on the nature of the business. Some common requirements include policies for:

    • Password use
    • Email use
    • Social media and internet use
    • Control of customer data
    • Classification of data
    • Handling of security breaches
    • Computer security and encryption
  • What are the benefits of cyber security?

    There are a variety of benefits to good cyber security. They include:

    • Protection for your business activities
    • Higher customer confidence
    • Fewer web outages which could damage your business
    • Better productivity on virus-free computers
    • Secure customer and client data
  • What are the benefits of ISO 27001?

    The benefits of ISO 27001 are varied and numerous, but the main one surrounds customer and client trust. An ISO 27001 certificate indicates to prospective clients that the holding business is trustworthy and that its storage of customer data is secure. It also shows that the business has swift and robust countermeasures to potential data breaches.

  • What are the types of cyber security threats?

    There are a number of different cyber security threats, each with their own preventative methods. These include phishing attacks, ransomware, DDoS attacks and computer viruses.

  • What are the benefits of having a strong information security policy?

    The fundamental advantage to having a strong information security policy is that it protects information integral to your business and your clients. Additional benefits include more protection in the face of cyber attacks, higher understanding of security threats, and added trust for the client.

  • What certifications are needed for cyber security?

    There are various certifications which can be used for cyber security. For individuals, each certificate demonstrates an intimate knowledge of various important aspects in the field such as ethical hacking and security management. For businesses, ISO 27001 is the standard specification which demonstrates a company’s dedication to tried and tested cyber security.

  • What counts as a data breach?

    A data breach is an incident in which confidential and protected data has been accessed or stolen by unauthorised figures. The information can be of any kind, including financial, personal or for business purposes.

  • What does Cyber Crime mean?

    Cyber crime is the term used to describe the use of illegal methods to carry out criminal activities on the internet.

  • What are the three types of security?

    Security controls are separated into three different categories – these categories are preventative, detective and responsive.

General Cyber Security

  • Can I sue for data protection breach?

    In the event of a data protection breach, you can pursue legal action against the company that held your data. Contact a legal professional for more information.

  • How can I learn cyber security for free?

    There is a selection of free cyber security courses available online, but the quality and validity of the information on these free courses can vary.

  • Is Network Security the same as cyber security?

    Network security and cyber security are different aspects of digital security. Cyber security normally refers to protective measures around devices connected to the internet. Network security refers to the act of protecting files and folders in devices which make up part of a local network.

  • What are the 3 domains of information security?

    The three domains of information security are as follows:

    1. Confidentiality – how private and secret the information is
    2. Integrity – how accurate and error-free the information is
    3. Availability – how available and disruption-free the information is
  • What are the elements of cyber security?

    The elements of cyber security can be split into various sections:

    • Application security
    • Information security
    • Network security
    • Disaster planning
    • Operational security
    • End-user education
  • What are the three types of countermeasures?

    The three types of countermeasures are:

    1. Hi-Tech – technological and electronic countermeasures such as alarm systems
    2. Lo-Tech – Physical and analogue countermeasures such as padlocks
    3. No-Tech – Human responses such as risk assessments
  • What are the three types of security policies?

    Three types of security policy are in place to ensure computer safety in working environments. They are the following:

    • Organisational security policy – this policy is the master policy for the security processes for the company.
    • System-specific policy – the system-specific policy is designed for specific pieces of hardware or software.
    • Issue-specific policy – the issue-specific policy is set in place for set functions which are complex enough or important enough to require their own processes.
  • What are the types of security breaches?

    There is a series of security breaches which can be created by hackers. They can be categorised as virus/malware, phishing and DDoS attacks.

  • Who discovered number theory?

    Number theory was discovered by French mathematician Pierre de Fermat.

  • Who invented VPN?

    It is generally agreed that the framework that led to the invention of the VPN was first designed by Microsoft employee Gurdeep Singh Pall in 1996.
