Learn Infosec Quest is my research and teaching project in the field of information security and, according to the umbrella definition, cybersecurity.
My goal is to provide high level overview that contextualizes security for those working and researching within it. Each module is a thoroughly researched answer to a specific problem that also serves to explain the “how to” for prospective professionals in the field.
While most research projects in cybersecurity focus on tools, algorithms, and the mathematical side, my goal is to be an academic in the history, context, and technique. Why does cybercrime exist? Is it possible to stop more cybercriminals from criminal activity, rather than applying under-researched bandaids and protective gear that may inevitably fail if they want your information that bad?
This research does not claim to apply to national security threats - I am primarily focused on users, institutions, and enterprises that don’t have the most powerful computers and most well-researched security professionals at their disposal.
As I have read through books on cybersecurity subjects, I have come to many conclusions that mostly range in the “this field is underesearched” to “the researchers accept results at face value and believe they cannot change them.” This is my hypothesis, Learn Infosec Quest, my proof.
Proposed Modules:
A global history of cybersecurity - not just focused on the U.S. as a victim of cybercriminals. This is clearly a mindset that plagues researchers and is detrimental to cybersecurity’s growth as a field.
An overview of the kinds of VRTs that have always existed and how, even if an exploit is new, these don’t exactly change in methodology (important because you will be unlikely to handle every single VRT and exploit in all your systems, but if you cover the entry points it should not be an issue)
Before ransomware (an explanation, historically, of security threats before ransomware - particularly focused on the how and why)
Phishing as the main threat of the 2020s (and before) - includes a history of phishing, real methods for protecting yourself from it, modern user security awareness training effectiveness research