Essential Tips & Cybersecurity Principles

Dispelling the Myth of Boring Cyber

Debunk the myth that cybersafety is boring by highlighting its real-world consequences. By emphasizing the long-term impacts of breaches and addressing misconceptions, journalists can inform and engage the public. Asking questions about the vulnerability of public sector organizations, the real harm of breaches, and ensuring accountability can help prevent desensitization and normalization of high-impact cyber incidents.

woman looking at ipad at cybersafety resource dispelling the myth of boring cyber


Target the myth of “boring” cyber and its real-world consequences. Cybersecurity is critical and engaging. Downplaying breaches can desensitize the public and normalize high-impact losses.

Key Points

cybersafety consequences icon

Real-World Consequences

Cybersecurity breaches have long term consequences. The Toronto Public Library breach that affected over 100 branches compromised personal data including banking information and security questions, leading to employee vulnerability.

cybersecurity misconceptions laptop icon


The security report for the Toronto Public Library breach hints that security is tedious and unnecessary until a breach occurs. This narrative normalizes the severity of cyber breaches. In reality, no investment in security leads to these events.

cybersecurity investigation icon

Public Sector Vulnerability

Public sector organizations often have a low level of cybersecurity preparedness, making them vulnerable to attacks. The cycle continues as they are seen as vulnerable, which fuels attacks on culturally important institutions like libraries.

Essential Questions

Use these essential questions as a guide to write articles on cybersecurity that are well-informed, balanced, and trustworthy. By keeping these principles in mind, journalists can produce balanced, credible stories that resonate with and inform their audience.

Help readers recognize flawed arguments, and any misconceptions that cybersecurity measures hinder intellectual freedom and openness. From analyzing the breach report itself, identify the nature of the breach, timeline of events and the type of data compromised. Look for sections that discuss lessons learned or common vulnerabilities that are highlighted across multiple reports.

Bring in similar case studies of major breaches to understand the scope of the real-world consequences for individuals and organizations. Focus on the financial losses, personal data compromise, and emotional distress this may cause. Conduct interviews with individuals affected by data breaches for firsthand accounts of the impact. Also highlight practical steps the readers can take, such as regular password changes, use of multi-factor authentication, and vigilance against phishing attacks.

Identify the organizations and individuals responsible for the breach. This could include IT departments, third-party vendors, or specific executives. Research and review legal actions and penalties imposed on organizations following breaches.

For identity data, review if sensitive data was passed through a secure and encrypted channel. Research whether sensitive information was given to trusted parties when absolutely necessary.

Courses for everyone

Register for our Cybersafety Academy

Welcome to the KnowledgeFlow Cybersafety Academy! Designed with all skill levels in mind, our academy offers a wide range of courses on topics like data privacy, secure online communication and how to spot scams. With simple, easy-to-understand content and practical applications, our platform creates a welcoming learning community. Gain the confidence to navigate the digital world safely and securely.