Common Cybersecurity Terms

As cybersecurity has come more front and center into our everyday lives, we thought it would be worth explaining some of the more common cybersecurity terms you may hear.

October is Cybersecurity Awareness Month. And as cybersecurity has come more front and center into our everyday lives, we thought it would be worth explaining some of the more common cybersecurity terms you may hear.

As a disclaimer, this isn’t intended to be a complete list of all terms you need to know about cybersecurity – just some of the key ones. In a future blog, we may add to this list.

There are a number of resources which provide comprehensive listings. One such resource is the U.S. Election Assistance Commission. Another is from the University of Michigan which lists 15 of the top cybersecurity terms you should know.

 

Here’s our list of some of the top terms:

  1. Antivirus: Helps to protect a computer against cyber criminals. Antivirus software searches for and removes viruses that have infected a computer. Learn about managed antivirus.

  2. Authentication: How to identify the identity of a user and be certain that he/she can have access to the system or files. Typically, authentication is accomplished through a password, although some of the more sophisticated methods may include a retina or fingerprint scan. You’ll also hear the term “Two-factor authentication” or “Multi-factor authentication” which typically involves another layer of security in accessing the network. That is most often entering a code which the individual receives via email or text – and which is a recommended security measure.

  3. Cloud: A storage system that allows you to access programs and data over the Internet, as opposed to the hard drive on the computer. A key advantage to using the cloud is that if a computer is lost or damaged, your data is retrievable.

  4. Data breach: The (unfortunately) successful efforts of a hacker to gain access to a company’s network, which most often results in theft of valuable information, including financial data such as credit cards, intellectual property, and/or healthcare records. The damage done from a data breach can extend far beyond the financial costs, and include reputational damage. Learn the essential tips to prevent data breaches

  5. DDoS: This stands for Distributed Denial of Service. With multiple hosts and users, a hacker floods a website with emails and requests for services that renders the website unavailable. Think: traffic jam.

  6. Encryption: Coding used to protect information from hackers. Learn how to encrypt your email

  7. Ethical hacker: When we think of hackers, we think of people trying to gain unauthorized access to a network for theft of mischief. There are also hackers who work for companies doing penetration tests, finding out where the weaknesses and vulnerabilities are. The ethical hackers do not create mischief; they perform penetration tests so that mischief can’t be created.

  8. Exploit: This is a term used to describe a means of attacking a computer system, through a series of commands, malicious software, or infected data. Firewall: Technology, software or hardware, that is used to protect the infrastructure and keep unwanted intruders out.

  9. IoT: this stands for “Internet of Things” and refers to commonplace items connected to the internet and capable of collecting and transferring data without human input. IoT includes computers, cameras, household appliances, phones, and so forth.

  10. IP address: IP stands for Internet Protocol. An IP address is a series of numbers assigned to computers, servers, routers and websites. An IP address allows users to find any system or device on the global network with these numbers.

  11. Malware: It’s named for the combination of the words “malicious” and “software.” It’s a wide range of software used to infect and damage a system. Some of the types of malware you may have most likely heard of include ransomware, worms, viruses and Trojan horses. Malware most often enters a system through email where the recipient inadvertently clicks on an infected link. Stop malware in just 3 moves

  12. Penetration testing (also called Pen Test) is a simulated cyberattack on a network to look for vulnerabilities and weaknesses in a system. It is a useful tool because it is a friendly person exposing weaknesses in a system, thereby giving you the opportunity to make corrections before an unfriendly and malicious hacker does.

  13. Phishing: A hacker poses as a friend, or a representative of a business or or organization to convince the recipient to provide personal information, or to click on a link or attachment in an email, and when the recipient does, there is usually malware attached. While phishing attempts have become more sophisticated, there are often telltale signs that the email is not legitimate – including faulty grammar. When in doubt, don’t open! 5 way to spot phishing emails

  14. Ransomware: This is a form of malware that takes over your operating system and encrypts your files and denies access until you pay a ransom. This is another compelling reason to store data in the cloud.

  15. Social engineering: This is a popular means by hackers to access restricted resources. For example, an administrative assistant might receive an email from someone claiming to be the CEO asking the recipient to forward sensitive employee information. Rather than hacking into networks, social engineering attempts to use psychology and manipulation to gain information rather than hacking into the system. When in doubt, verify that the message is legitimate!

  16. Spyware: Spyware is a type of malware that, as the name suggests, is capable of spying on you. With a smartphone, the right spyware can read text messages, and even track down your location.

  17. VPN: A Virtual Private Network is how you can connect a series of computers and devices in a private encrypted network. In a VPN, each user’s individual IP address is replaced by the VPN’s IP address. A VPN in essence provides its own IP address and all of the individual IP addresses within that network are anonymous, making it more difficult for hackers to gain access.

This has been a quick look at some of the common cybersecurity terms. If there is any conclusion you should draw from this article, it’s that it is very important to do everything you can to protect your business or organization and its infrastructure.