Cybersecurity spans people, process, and technology to manage risk: prevent incidents where possible, detect them quickly, and recover with minimal harm.
Key terms
- Threat — actor or event that could cause harm (criminal, insider, ransomware)
- Vulnerability — weakness that can be exploited (bug, misconfig)
- Risk — likelihood × impact of a threat exploiting a vulnerability
- Control — safeguard (MFA, WAF, code review)
Roles
Security engineers, SOC analysts, GRC/compliance, and every developer implementing controls in application code and infrastructure config.
Important interview questions and answers
- Q: Vulnerability vs threat?
A: Threat is who/what attacks; vulnerability is the hole they use. - Q: Risk formula intuition?
A: Combine probability of exploit with business impact to prioritize fixes.
Self-check
- Define vulnerability and threat.
- Why do developers matter in cybersecurity?
Tip: Risk = likelihood × impact—use it to prioritize fixes in sprint planning.
Interview prep
- Vulnerability?
Weakness that can be exploited.
- Control?
Safeguard reducing risk.