The cyber security industry is filled with hard-to-understand and complex technical terms. From phishing and whaling to the Internet of Things and the Dark Web, we’ve put together a Cyber Security Jargon Buster to help make a little more sense of the otherwise tricky terminology.
Cyber Security Jargon Buster
Anti-virus
Software designed to detect and remove computer viruses.
Cyberattack
Any type of activity that manipulates or destroys a computer, network, device or the information contained within them. The term ‘cyberattack’ is a blanket term covering everything from a hacked website to a spam email landing in your inbox.
Compliance
Specific security standards and frameworks demonstrating that an organisation is following best practices in order to protect its data and users from a cyberattack or breach.
Dark web
Part of the internet that can only be accessed using specific software, configuration or authorisation. The dark web is used for selling illegal and black market products – including personal and business information and data files acquired by hackers. Dark Web Monitoring is the most effective method of detecting stolen or compromised credentials.
Device spoofing
Device spoofing occurs when a hacker impersonates a device or user on a network in order to bypass access controls and steal data or spread a virus.
External cyber threats
When an external source attempts to gain access to a network or device with malicious intent by exploiting vulnerabilities in the network’s defence. For example, hackers may look to manipulate out-of-date and unpatched security systems to access information within a network.
Firewall
A secure network security system that establishes a barrier between the internal and external network. It monitors incoming and outgoing traffic based on security rules.
Hacker
An individual who maliciously gains access to information stored within an account, device or network.
Incident response
A plan or action of response to a cyber security breach or attack. Incident response is required to quickly manage and mitigate damage, as well as recover and restore services following an incident.
Internal cyber threats
Threats posed to an organisation by its employees, who may intentionally or accidentally compromise security – for example, by downloading malicious files or sharing security information that leads to a breach. User awareness training is crucial to educating staff who are unaware of the risks.
Internet of Things (IoT)
The IoT is the interconnection between everyday objects via the internet, enabling them to share and receive data from one another.
Malware
Software used to facilitate unauthorised access and cause damage or disruption to a system. This is usually downloaded to a computer through a malicious website or unsafe link.
Managed Security Service Provider (MSSP)
A third-party provider of managed cyber security services designed to reduce risk and protect against security breaches, whilst managing compliance with regulatory standards.
Multi-factor authentication (MFA)
A security authentication method requiring two or more steps to successfully access an account or device. Typically, these elements are knowledge, inherence and possession.
Penetration testing (Pentest)
Penetration testing is a specialist form of assessment designed to identify vulnerabilities and security weaknesses within a network that cybercriminals could exploit. It can also be used to test an organisation’s security policy compliance, employee awareness and response time.
Phishing
Phishing involves sending a hoax email impersonating a reputable company or person in order to get individuals to offer their personal information, such as bank details or passwords.
Ransomware
Malicious software used by hackers to lock a computer’s content and demand a ransom to regain access.
Security Operations Centre (SOC)
A team or unit of specialist information security experts that manage an organisation’s cyber security strategy and defence. Air Sec’s SOC-as-a-Service delivers next-generation threat detection and incident response to safeguard from the latest threats.
Virtual Chief Information Security Officer (vCISO)
A vCISO is an external cyber security expert who takes on the role of Chief Information Officer within an organisation to develop and manage its strategy, budget and regulatory compliance.
Virus
Software that contains a malicious program or code designed to alter the way a computer operates. Aptly named, a virus will spread from computer to computer quickly, corrupting or destroying data.
Protecting your business from cybercrime
If you found our Cyber Security Jargon Buster helpful, check out our other cyber security articles.
In today’s world, companies need to ensure they are taking appropriate precautions against the threats of cybercrime. Air Sec, our dedicated cyber security division, delivers next-generation managed cyber security and incident response services, safeguarding from the very latest threats and ensuring regulatory compliance.
