PLTW Cybersecurity ยท Unit 1 ยท Activity 1.1.1 โ€” Deep Dive

The Cybersecurity Lifecycle, Your Digital Footprint, and a Code You Hold Yourself To

๐Ÿ”‘Quick framing before you dive in: this activity is PLTW-only content and lightly AP-adjacent โ€” not AP exam material to memorize. If you're studying for the AP Cybersecurity exam specifically, the social engineering vocabulary you actually need lives in Activity 1.1.3. This page is the conceptual foundation everything else builds on.
PLTW FoundationConcept

What Is Cybersecurity, Really?

At its simplest, cybersecurity is the practice of protecting devices, networks, and data from unauthorized access, damage, or theft. It affects literally everyone who touches a connected device โ€” which today is nearly everyone. Individuals, schools, hospitals, banks, and governments all depend on the same basic principle: information has value, and that value makes it a target.

Cybersecurity isn't just a technical field, either. It's also an ethical one โ€” professionals in this space are trusted with sensitive information, and that trust comes with responsibility. That's the thread connecting the two halves of this activity: understanding what you're protecting, and agreeing on how you'll behave while protecting it.

PLTW FoundationEchoes AP 2.1 (not assessed)Concept

The Cybersecurity Lifecycle

Businesses and individuals both use some version of the same five-stage cycle to manage security: Identify the assets worth protecting, Protect them, Detect when something's wrong, Respond with a plan, and Recover back to normal. It's a loop, not a straight line โ€” you cycle back through it as new assets appear and new threats emerge.

๐Ÿ”„ The Cybersecurity Lifecycle โ€” click each stage
Figure out what needs protecting. For a business, that's assets like data, devices, and infrastructure. For you personally, it's your digital footprint โ€” every device, app, and account that holds information about you.
๐Ÿ’กIf this sounds a little like how AP Cybersecurity later talks about attack phases and defense, that's not a coincidence โ€” both are describing the same underlying reality: security is a continuous process, not a one-time fix. That said, this specific five-stage framing isn't AP-assessed vocabulary. Don't spend exam-prep time memorizing "Identify/Protect/Detect/Respond/Recover" โ€” spend that time on 1.1.3 instead.
PLTW FoundationConcept

Mapping Your Digital Footprint

Your digital footprint is the sum of every trace you leave behind while using connected devices โ€” deliberate posts, sure, but also location data, app permissions, browsing history, and metadata you never see. Most people have never actually mapped it out, which means most people don't really know how much is out there.

A useful inventory covers three layers:

1. Devices
Phone, laptop, tablet, game console, smart watch
2. Apps & Sites
Social media, school portal, streaming, messaging
3. Personal Info
Photos, location, contacts, birthday, school name
โœ๏ธTry this yourself: pick one device you use daily and list every app on it that asks for a permission โ€” camera, location, contacts, microphone. For each one, ask whether the app actually needs that permission to function. You'll usually find at least one that doesn't.
PLTW FoundationConcept

Why Cybersecurity Needs a Code of Conduct

A code of conduct is a written standard for how people are expected to behave โ€” and in cybersecurity, it matters more than in most fields, because practitioners routinely have access to information that could cause real harm if mishandled. A good code addresses three overlapping standards:

StandardWhat it covers
ProfessionalDoing your job competently and respecting boundaries โ€” not accessing data you don't need to see
EthicalDoing right even when no one's watching, and even when it's not explicitly required
LegalFollowing the actual laws governing data, privacy, and unauthorized access

Real codes of ethics in the field

You don't have to invent this from scratch โ€” real cybersecurity organizations publish their own codes of ethics publicly. (ISC)ยฒ, which certifies security professionals worldwide, asks members to protect society, act honorably, provide diligent service, and advance the profession. ISACA and SANS publish similar commitments. Comparing a few of these side by side is a good way to see which principles show up again and again โ€” those are usually the ones worth building into your own classroom code.

โœ๏ธWhen your class drafts its own code, test it against a simple question for each rule: "If everyone in this room followed this exact rule, would the room actually be safer?" If the answer is unclear, the rule probably needs to be more specific.
โ† Back to Activity 1.1.1Next: Activity 1.1.2 โ†’Password Protection and Authentication.
Built with v0