This document provides an overview of essential security and risk fundamentals presented by Alison Gianotto. It begins by defining what security and risk management are and are not. Security is described as an ongoing group effort focused on understanding and protecting valuable assets, information, and people through multi-layered defenses. Risk management is outlined as a tool to help make informed decisions, not something that hinders innovation. The document then covers the CIA security triad of confidentiality, integrity, and availability. It concludes by offering immediate actions organizations can take to improve security such as establishing a risk-first approach, automating processes, and developing incident response plans.