Data brokers AKA information brokers are companies that collect information on individuals and sell it for a profit. Data brokers can collect information by buying it from other companies (such as credit card companies), crawling the internet for public sources of information (such as social media like LinkedIn, Instagram, Facebook etc) and many other legal means. The data brokerage industry generates over $200 billion of revenue yearly and continues to grow annually.

A surveillance alliance is an agreement between multiple countries to share their intelligence with one another. This includes things like the browsing history of any user that is of interest to one of the member countries. Five eyes and Fourteen eyes are two alliances of 5 and 14 countries respectively that agree to share information with one another wherever it is mutually beneficial. They were originally made during the cold war as a means of working together to overcome a common enemy (the soviet union) but still exist today.

Data backups are when you make a copy of your data to be used in the event that the original copy is made unable, lost or destroyed. Having reliable backups is one of the most important controls that a company can have to prevent long term damage following a data breach. If your company suffers a ransomware attack for example, and all of your information is encrypted, if you have good quality backups you may only be at risk of losing 1 weeks worth of data or less, depending on how regularly you backup information.

Cybersecurity has recently gotten a reputation as one of the best technology fields to get into. It’s well advertised that cybersecurity has a shortage of employees globally of about 4 million. This means low unemployment and above average salaries for people that can get into the field. But past performance doesn’t guarantee future performance. If you’re someone new looking to get into the field you want to look at the long-term projections of a career before you make the financial investment to get a degree, certifications or self-study.

64% of small businesses have a website and it’s considered almost essential for any modern business. In many cases the companies are almost exclusively online and make their money through e-commerce, ads and selling services to their viewers. For most businesses having their website hacked would be a huge inconvenience and severely hurt their revenue. With the amount of hacks increasing each year, it’s more important than ever that people have a solid understanding of how to secure their websites.

IS stands for information systems and refers to any system that collects, stores or processes data for the purpose of providing information, knowledge or a product/service. An IS audit is a review of past history. The goal of this review is to gather meaningful evidence and form an objective/independent opinion of a company’s controls. Company’s are required to perform audits for several different reasons and sometimes opt to perform audits voluntarily as a means of checking how well they are fulfilling their goals.

Digital forensics is the overall science of recovery and investigation of material found on all types of digital devices. Computer forensics is a branch of digital forensics that focuses on evidence found on computers and digital storage media such as hard drives or usb drives. Typically these branches are used during investigations that involve cybercrime or regular crimes that have evidence stored on some type of device. With the increased popularity of laptops, smartphones, embedded systems and other internet of things devices, almost all crime involves some type of computer system.

Reconnaissance is the first step of any professional penetration test. In this phase the goal is to gather as much information about the target as possible. This includes technical information about it’s network topology and systems. But it also includes information on employees and the company itself that may be useful in the later stages of the penetration test.