To kick off National Cyber Security Awareness Month we’re sharing cyber security definitions and terminology that everyone should know. If you want to understand cybersecurity but don’t know what all of the jargon means then this post is for you.
Cloud – a collection of computers with large storage capabilities that remotely store our files and/or services and serve requests to allow us to access this information through the internet from anywhere in the world.
Cyber Attack – an intentional action to exploit computer systems, tech-dependent enterprises, and networks with the intent to harm, damage, or gain confidential information.
Cyber Security – defense against cyber attacks through multiple security layers spread across systems, programs, networks, and people.
Domain – a group of computers, printers, and/or devices that are interconnected and governed as a whole.
Hacker – an expert computer programmer who tries to gain unauthorized access into a network or computer system with intent (can be for good or for bad).
HTTPS vs HTTP – the standards that allow computers to communicate over the internet. HTTPS adds security to the basic communication protocol by creating a secure tunnel between you and the website that you are visiting.
IP Address – an identifiable address for your computer when it communicates over a network.
Secure Wifi – a wireless connection that requires some type of encryption and authentication (usually through a password) before a connection will be established.
Virtual Private Network (VPN) – an extension of a local network via secure protocols allowing users to remain anonymous by encrypting traffic and masking location when using the internet.
Vulnerability – any weakness in your software or hardware that can be exploited.
Cyber Security Attacks
Black Hat Hacker – an unethical hacker who causes damage to computer systems, steals data or money, and generally conducts illegal cyber activities.
Distributed Denial of Service (DDoS) – an attack aiming to make a service such as a website unavailable by overwhelming it with malicious traffic or data from multiple services.
Exploit – a technique used to deliver a form of malicious content. Examples could be an email or social engineering.
Malware – a general term for all forms of malicious software designed to wreak havoc on a computer. Examples could be a virus, worm, or ransomware.
Phishing – an attempt to acquire sensitive information by posing as an organization or person that you know. These attempts usually include a link or attachment which will download malware to your system if you click or open them.
Ransomware – malware that prevents you from accessing files on your computer and requires a payment to unencrypt and return your files.
Spear Phishing – a form of phishing where an attacker targets a specific person of business instead of just targeting everyone.
Virus – malware aimed to corrupt, erase, or modify information on a computer before spreading to others.
Whaling – a form for phishing that targets executives.
Worm – malware that can replicate itself in order to spread to other connected computers and actively hunts out weak systems in the network to exploit.
Zero Day – an attack exploiting a vulnerability that the public, security professionals, and software developers don’t know exist.
Cyber Security Tactics
Backups – a copy of your data, programs, and/or services that is stored in a second location that is, preferably secure and offsite.
Defense – In – Depth – creating multiple layers of security to protect information, resources, and assets from cyber attacks so that if any one security layer fails another layer still blocks the attack.
Encryption – a method of protecting and securing information as it travels from one party to another by taking a file and changing its contents into something unreadable to those without the encryption key.
Firewall – a virtual barrier that protects against both internal and external attacks by checking each interaction and judging if it should be allowed entry to your system or not.
Hardening – providing protection to a computer system at various levels such as host, application, operating system, user, physical levels, and all the other sub-levels in between.
Intrusion Detection System (IDS) – software or a device that monitors network traffic for malicious activity and helps in identifying suspicious activity, log information about the activity, and attempts to report it.
Patching – updating software to a newer version that removes bugs and secures vulnerabilities found in the previous version.
Penetration Testing – testing a computer system, network, or web application to find vulnerabilities that an attacker could exploit.
White Hat Hacker – an ethical hacker who is hired by a company to test a system to find potential vulnerabilities.
Do you feel more comfortable with cyber security now? The purpose of National Cyber Security Awareness Month is to educate everyone about the importance of cyber security and how we all have a vital role to play in it. This mini-dictionary should get you started understanding what goes on in the world of cyber security.
If you want to download a copy of this resource, enter your information below.
And if you want to know the definition of additional terms, think we left out an important one, or want to get in touch with us, send Gray Analytics an email or get in on the discussion on social media!