Cyber in Plain English
Cyber for Insurance Professionals: Start Here
A plain‑English orientation for insurance professionals who want to understand cybersecurity without the jargon.
1. Cybersecurity & Privacy Risk Designations
Your guide to the cybersecurity and privacy credentials that actually matter. This page consistently shows 10+ minutes of average engagement — a strong signal that insurance professionals find it valuable.
Explore the designations page →
2. Cybersecurity & Information Security Sector Overview
A plain‑English map of the cyber landscape — roles, responsibilities, and how they intersect with insurance. Visitors spend 17+ minutes here on average, making it one of the deepest‑engagement pages on IDL.
Explore the cyber sector page →
Cyber in Plain English Series
Cyber in Plain English is a comprehensive, insurance‑focused learning series designed to explain cyber concepts the way underwriters, brokers, claims professionals, and risk managers actually think.
This page serves as the complete index of all published chapters — more than 100 posts covering frameworks, controls, attack techniques, fraud patterns, cloud security, identity attacks, ransomware, and more. Every chapter is written to help insurance professionals understand:
- What each control actually does
- How attackers bypass it
- Which failures drive real‑world claims
- How to evaluate cyber maturity
- How to interpret cyber applications and questionnaires
This index is updated continuously as new chapters are published.
Why this matters
Cyber risk is one of the fastest‑evolving exposures in the industry. Insurance professionals are increasingly expected to understand how attackers operate, how controls reduce (or fail to reduce) risk, how to evaluate cyber posture, and how technical failures translate into losses.
Cyber in Plain English gives you a structured, insurance‑aligned path to build cyber literacy one concept at a time.
A familiar reference point
If you’ve ever watched a movie where the “invisible” digital activity turns out to be the real threat — Blackhat, Sneakers, The Bourne Ultimatum, The Matrix — you already understand the core idea behind cyber visibility.
Cyber isn’t magic. It’s about seeing what’s happening behind the scenes.
How to use this index
Start with the foundational concepts, then explore the sections that matter most to your role — underwriting, claims, broking, risk management, or security program evaluation. This page is the official Cyber in Plain English index, containing every chapter in the series.
Series Index
A. Foundations & Frameworks
B. Detection, Monitoring & Response
C. MITRE ATT&CK Lifecycle
D. Identity & Access Attacks
E. Social Engineering & Fraud
- 35. Phishing
- 36. Phishing vs. Spear Phishing vs. Whaling
- 37. Smishing
- 38. Vishing
- 39. QR Code Phishing (Quishing)
- 40. Incident Response Basics
- 41. Deepfake Video Attacks
- 42. Business Email Compromise
- 43. Vendor Email Compromise
- 44. Invoice Fraud
- 45. Payment Diversion
- 46. Payroll Diversion
- 47. Money Mule Account
- 48. Pretexting
- 48A. Account Takeover (ATO)
- 49. Synthetic Identity Fraud
- 50. Account Takeover Playbooks
- 51. ATO vs. BEC
F. Cloud & SaaS Security
G. Vulnerability & Patch Management
H. Malware & Ransomware
I. Supply Chain & Third‑Party Risk
J. Additional Controls & Concepts
- 71. Network Segmentation
- 72. Least Privilege
- 73. Backups & Recovery
- 74. Data Encryption
- 75. Privileged Access Management (PAM)
- 76. Brute Force Attacks
- 77. Credential Stuffing
- 78. Password Spraying
- 79. Man-in-the-Middle Attacks
- 80. DNS Spoofing
- 81. Typosquatting
- 82. Domain Impersonation
- 83. Email Spoofing
- 84. SPF, DKIM, and DMARC
- 85. Social Engineering
- 86. Clickjacking
- 87. Formjacking
- 88. Firewall
- 89. IOC, TTP, and CVE
- 90. Browser in the Browser (BitB)
- 91. Privilege Escalation (Advanced)
- 92. Lateral Movement (Advanced)
- 93. Vulnerability Management
- 94. The Big Picture
- 95. Final Takeaways for Insurance Professionals