Cybersecurity FAQ

The practice of protecting computers, networks, and data from theft or damage, ensuring safety and privacy online.

Because anyone using a smartphone, computer, or online account can be a target. Good habits protect individuals and entire communities.

Viruses attach to files, worms spread automatically, trojans disguise as legitimate software, and ransomware locks or encrypts your files for payment.

A firewall blocks unwanted traffic and allows only safe, approved connections between your device and the internet.

Yes. Modern tools detect unknown threats, block phishing, and prevent malicious downloads in real time.

Watch for urgent language, spelling mistakes, unknown links, or sender addresses that don’t match real organizations.

Immediately disconnect from the internet, change your passwords, scan your device, and enable two-factor authentication.

Malware that encrypts your data and demands payment to unlock it. Don’t pay — contact authorities or cybersecurity professionals instead.

No — paying doesn’t guarantee data return and encourages more attacks. Attempt recovery from backups and report it.

Yes. Malicious apps and links can infect smartphones too. Only install from trusted stores and keep software updated.

Teach them not to share personal info, use privacy settings, enable parental controls, and keep talk about safe online behavior open.

Never reuse passwords, monitor credit reports, watch for suspicious mail, and secure personal data on all accounts.

Some apps request microphone access. Review app permissions regularly and disable unnecessary background listening.

Change default passwords, disable remote access if not needed, and update firmware from the manufacturer’s official site.

Avoid posting full birthdates, addresses, financial details, and images revealing locations or private documents.

Phishing, weak passwords, outdated software, and lack of data backups cause most incidents.

Run short monthly awareness sessions with simulated phishing exercises and encourage reporting suspicious messages.

Back up data daily, keep multiple copies (offline and cloud), and verify restoration regularly.

Insurance covering costs from cyberattacks, data leaks, or business interruptions. It complements but doesn’t replace security practices.

Follow least-privilege access, store necessary data only, and comply with local frameworks like GDPR, CCPA, or PDPA.

It requires two or more verifications — something you know (password), have (phone), or are (fingerprint).

It ensures only the sender and receiver can read a message; even service providers can’t access the content.

A model where no user or device is trusted by default. Every access request must be verified continuously.

An unknown software flaw that hackers exploit before developers can fix it. Rapid patching and monitoring reduce risk.

Authorized hackers test systems for weaknesses; bug bounties reward responsible reporting instead of exploitation.

General Data Protection Regulation — European law that protects personal data and holds organizations accountable.

No. Regions differ, but most aim to safeguard personal data and require consent for collection and sharing.

Use national resources such as FBI IC3, Europol, or local police/CERT authorities.

Follow CISA Secure Our World, Stay Safe Online, and reliable cyber awareness newsletters.

No single one is perfect — choose reputable software, keep it updated, and combine it with good online habits.