Articles
Long‑form, structured explanations of digital protection concepts.
Articles are published deliberately as foundational references — calm, practical, and vendor‑neutral.
— A. Northam
Foundations
Core models and terminology that shape the rest of the reference library.
-
What Is Digital Security?
A clear framework for identity, data protection, threat categories, and risk thinking. -
Cybersecurity vs Information Security: What’s the Difference?
Definitions, overlap, and when each term is more accurate in practice. -
The CIA Triad Explained: Confidentiality, Integrity, and Availability
A foundational model that clarifies protection goals and trade‑offs.
Identity & Access
How organizations authenticate users, authorize access, and govern identity.
-
Identity and Access Management (IAM) Explained
Authentication, authorization, least privilege, and identity governance fundamentals. -
Multi‑Factor Authentication (MFA) Explained
Why MFA strengthens identity security and reduces unauthorized access risk. -
Password Security Explained
Why reuse is risky and how strong authentication practices reduce exposure. -
Brute Force Attacks Explained
How password guessing attacks work and how layered authentication reduces risk.
Threats & Attack Types
Common threat categories explained at a conceptual level.
-
Phishing Explained
How phishing works, common types, and how layered security reduces risk. -
Spoofing Explained
How digital impersonation works and how identity controls reduce risk. -
Ransomware Explained
What ransomware is, why it disrupts operations, and how layered controls reduce impact. -
DDoS Attacks Explained
What DDoS is, why it disrupts availability, and how resilient architectures reduce risk.
Encryption & Data Protection
How encryption protects data at rest and in transit.
-
What Is Encryption? A Clear, Practical Explanation
Encryption basics, keys, at‑rest vs in‑transit, and common misconceptions.
Security Controls & Architecture
How controls work together to reduce risk and increase resilience.
-
Security Controls Explained: Prevent, Detect, Recover
How controls reduce risk and why balanced prevention, detection, and recovery matter. -
Security Controls: A Structured Taxonomy
How preventive, detective, corrective, administrative, and technical controls fit together. -
Defense in Depth Explained
Why layered security controls reduce risk and increase resilience. -
Zero Trust Explained
Principles, identity‑first access, and why the term is often misunderstood.
Risk, Response & Operations
How organizations manage risk, respond to incidents, and maintain resilience.
-
Risk Management Explained
How organizations identify, assess, and reduce digital security risk. -
Vulnerability Management Explained
How organizations identify, prioritize, and remediate security weaknesses over time. -
Security Monitoring & Logging Explained
How organizations collect, analyze, and respond to security‑relevant system events. -
Incident Response Explained
How organizations detect, contain, investigate, and recover from security incidents. -
Business Continuity vs Disaster Recovery Explained
What BC and DR mean, how they differ, and how they work together to reduce downtime and risk. -
Security Governance Explained
How oversight, policies, accountability, and risk alignment shape effective security programs.