Cybersecurity terms can seem confusing and too technical. Listed below are some of the most common terms that we use in our day-to-day language.
The means and mechanisms of managing access to and use of resources by users.
The process of proving that an individual is who they claim to be.
Recording the events and activities of a system and its users. The recorded events are compared against security policy and behavioral baselines to evaluate compliance and/or discover violations.
The efforts to design, implement, and maintain security for an organization's network, which is connected to the internet. It is a combination of logical/technical, physical, and personnel-focused countermeasures, safeguards, and security controls.
The occurrence of disclosure of confidential information, access to confidential information, destruction of data assets or abusive use of a private IT environment. Generally, a data breach results in internal data being made accessible to external entities without authorization.
A security tool, which may be a hardware or software solution that is used to filter network traffic.
Malware (malicious software)
Any code written for the specific purpose of causing harm, disclosing information or otherwise violating the security or stability of a system.
The management activity related to researching, testing, approving and installing updates and patches to computer systems, which includes firmware, operating systems and applications.
A means of security evaluation where automated tools and manual exploitations are performed by security and attack experts.
A social engineering attack that attempts to collect information from victims. Phishing attacks can take place over e-mail, text messages, through social networks or via smart phone apps.
A form of malware that holds a victim's data hostage on their computer typically through robust encryption. This is followed by a demand for payment in the form of Bitcoin (an untraceable digital currency) in order to release control of the captured data back to the user.
The process of evaluating the state of risk of an organization. Risk assessment is often initiated through taking an inventory of all assets, assigning each asset a value, and then considering any potential threats against each asset.
The process of performing a risk assessment and evaluating the responses to risk in order to mitigate or otherwise handle the identified risks.
An attack focusing on people rather than technology. This type of attack is psychological and aims to either gain access to information or to a logical or physical environment. A social engineering attack may be used to gain access to a facility by tricking a worker into assisting by holding the door when making a delivery; to gain access to a network by tricking a user into revealing their account credentials to false technical support staff; or to gain copies of data files by encouraging a worker to cut-and-paste confidential materials into an e-mail or social networking post.
A form of social engineering attack that is targeted to victims who have an existing digital relationship with an online entity such as a bank or retail website. A spear phishing message, which looks exactly like a legitimate communication from a trusted entity, is often an e-mail, although there are also text message and VoIP spear phishing attacks.
The means of proving identity using two authentication factors, usually considered stronger than any single factor authentication. A form of multi-factor authentication. Valid factors for authentication include Type 1: Something you know such as passwords and PINs; Type 2: Something you have such as smart cards or OTP (One Time Password) devices; and Type 3: Something you are such as fingerprints or retina scans (aka biometrics).
A means of authentication commonly employed on websites as an improvement over single factor authentication but not as robust as two-factor authentication. This form of authentication requires the visitor provide their username (i.e. claim an identity) and password (i.e. the single factor authentication) before performing an additional step. The additional step could be receiving a text message with a code, then typing that code back into the website for confirmation.
Any weakness in an asset or security protection which would allow for a threat to cause harm. It may be a flaw in coding, a mistake in configuration, a limitation of scope or capability, an error in architecture, design, or logic or a clever abuse of valid systems and their functions.
A way or path that someone could take that could result in access to a system.