PLTW Cybersecurity ยท Unit 1 ยท Activity 1.1.1 โ Deep Dive
At its simplest, cybersecurity is the practice of protecting devices, networks, and data from unauthorized access, damage, or theft. It affects literally everyone who touches a connected device โ which today is nearly everyone. Individuals, schools, hospitals, banks, and governments all depend on the same basic principle: information has value, and that value makes it a target.
Cybersecurity isn't just a technical field, either. It's also an ethical one โ professionals in this space are trusted with sensitive information, and that trust comes with responsibility. That's the thread connecting the two halves of this activity: understanding what you're protecting, and agreeing on how you'll behave while protecting it.
Businesses and individuals both use some version of the same five-stage cycle to manage security: Identify the assets worth protecting, Protect them, Detect when something's wrong, Respond with a plan, and Recover back to normal. It's a loop, not a straight line โ you cycle back through it as new assets appear and new threats emerge.
Your digital footprint is the sum of every trace you leave behind while using connected devices โ deliberate posts, sure, but also location data, app permissions, browsing history, and metadata you never see. Most people have never actually mapped it out, which means most people don't really know how much is out there.
A useful inventory covers three layers:
A code of conduct is a written standard for how people are expected to behave โ and in cybersecurity, it matters more than in most fields, because practitioners routinely have access to information that could cause real harm if mishandled. A good code addresses three overlapping standards:
| Standard | What it covers |
|---|---|
| Professional | Doing your job competently and respecting boundaries โ not accessing data you don't need to see |
| Ethical | Doing right even when no one's watching, and even when it's not explicitly required |
| Legal | Following the actual laws governing data, privacy, and unauthorized access |
You don't have to invent this from scratch โ real cybersecurity organizations publish their own codes of ethics publicly. (ISC)ยฒ, which certifies security professionals worldwide, asks members to protect society, act honorably, provide diligent service, and advance the profession. ISACA and SANS publish similar commitments. Comparing a few of these side by side is a good way to see which principles show up again and again โ those are usually the ones worth building into your own classroom code.