Many activities in our daily lives are done digitally or depend on the online environment

And this is happening whether we like it or not. It's just much more cost-efficient and effective to have things digitally than on paper. Examples are plenty, including but not limiting to :

  • banking
  • shopping
  • communication
  • learning
  • paying bills

It does make sense too. When thinking about waiting in line to check your bank account balance or even checking the ATM, we find it much more convenient to do it from the comfort of our home and private devices.


The online environment is growing and becoming more complex by the day

From the overview perspective, the sheer complexity of the internet is overwhelming. And it's not stopping here. We literally have billions of internet users, each of them having (on average) multiple devices connected to the internet.

Besides this, there are millions of online services out there that are connected to each-other.

You can login to your "local" bio-products webshop, from your phone, via your social media account and pay using a payment processor which has direct access to your bank account details.

Normally, we just take this for granted as we expect things to "just work" but there are clearly many things happening "in the back" to have things working.

Our information is required for all of these activities and there are many parties processing it

Our information is important and is one of our key assets. There is a need of having it processed online by various parties and we currently do not know how we can facilitate this in a secure way. Given the importance of different types of information, various threats are associated with using it.

different types of information

The internet is big and there's a lot of information. What's the problem ?

We don't all need to comprehend the technical details of the size of the internet. Or how it works. We don't necessary have to, when our goal is to benefit from its usage. That is understandable, as there are specialized people that have to worry about that.

What we need to understand is that our information is an asset. It has a value for us as well as for many other parties.

What we also need to understand is that as well as benefits, there are many threats associated to our information and what we do digitally.

The real problem is that, people have no idea what is the real implication for them online and how to think about it. People, in general, almost never consider their assets and the risks associated with them, in a formal or structured way.

For example, take the following questions.

  • What are my assets and how important are they ?
  • How should I and others handle your information ?
  • What threats are associated with using the internet ?
  • How do I assess the risk of using a certain service ?
  • How can this information bring any damage to me if used by another person ?

You probably agree that they aren't quite easy to answer. Not for you as an average or non-average individual, nor as an InfoSec professional nor even as an enterprise.

Your information and the way you handle it is vital for your security and privacy

Risk, InfoSec and Privacy concepts can be applied in each individuals life and this what tries to accomplish.

Use cases - average internet user scenarios and use cases, detailing how should a context be built and what elements are defining the risk.

Personal - applying risk, infosec and privacy practices in an individuals life. These practices are mostly applied in a business environment, but approaches them in a relevant way for the individual.