With the successive revolutions in personal computing, Internet access, and mobility, the last few decades have seen an unprecedented period of technological growth and accompanying information access. While most of the consequences have been positive, and in many cases truly transformational, there are also some inevitable impacts that we, as technology’s beneficiaries, can generally regard as less desirable. The more widespread need to understand IT security issues is a case in point. Despite an ever-increasing reliance on IT devices and services, users can still regularly suffer from a lack of security literacy. In spite of supporting information and guidance, behaviour frequently falls short of recommended good practice. Steven Furnell and Liam Moore of Plymouth University discuss a series of key security topics with which users should be familiar. They also suggest that a faster uptake of good practices could be achieved by strengthening the default security settings on systems and devices.