IT Security & Cybersecurity Glossary
Antivirus (AV)
Antivirus software provides defense against known malware threats. Often subscription-based, AV software is continuously updated as new threats become known. Antivirus products can also help with the removal of malware.
Blockchain
A blockchain is an electronic record of transactions. Bitcoin and other cryptocurrencies use blockchain technology to record transactions.
Cookies
Some websites store information on your computer or smartphone. These small files, called cookies, contain the website address and an ID that identifies you as a returning user. Cookies may also contain other information about your prior use of the site. This could include the links you clicked on, items you put in a shopping cart, and which pages you visited. Cookies can help improve your experience by allowing sites to tailor content to you. But cookies are controversial. The storage of personal information is a concern for many who don’t want their personal browsing habits stored.
Cyber Physical Attack
An attack that seeks to gain access to a physical asset of some sort. With more of our everyday devices connected to the Internet, from refrigerators to cars, cyber-physical attacks are getting increased attention. Real-world examples include attacks on construction equipment, cargo ships, and medical laboratories.
Cybersecurity
A general term referring broadly to the processes, controls, and technologies that reduce the risk of attacks on computer systems and other devices.
DDoS Attack
A Distributed Denial of Service attack is a malicious attempt to prevent the normal flow of data to a server or other device by overwhelming that device with traffic. The attacks utilize a series of compromised computers (called bots) organized into a network (a botnet) that the perpetrator uses to flood the targeted device with traffic, thereby denying normal service to that device.
Endpoint Security
An “endpoint” is a device such as a PC, laptop, or smartphone. Endpoint security refers to the practices and technologies used to secure these network entry points.
Firewall
A firewall is a security device that monitors traffic in and out of a network. Firewalls are like traffic cops that make decisions about what traffic to allow based on a set of rules. A firewall might have a rule that limits traffic based on geography, for example.
Hackers / Hacking
A hacker is a person who seeks to gain unauthorized access to a system or data. Generally speaking, hackers are seeking to profit from their actions, though ‘ethical hackers’ attempt to hack into a system in order to provide feedback on security flaws that could be an entry point for a malicious hacker.
Malware
Malware is software specifically designed to harm, disrupt or gain unauthorized access to data or systems.
Managed Antivirus
A managed antivirus solution is one where a third party manages the deployment and utilization of antivirus tools and solutions, subscriptions and configurations.
Multi-Factor Authentication (MFA)
MFA is a type of access control technology that requires multiple forms of authentication before a system can be accessed. Typically, in addition to a login ID and password, the user will need to supply a one-time code that can be received on a smartphone, via e-mail or a dedicated device. Implementing MFA is an effective way to guard against the loss of a password through a data breach, as the password alone is not sufficient for gaining access.
Patch
A patch is a fix to an operating system or other software. Operating system patches are often associated with reducing security vulnerabilities.
Patch Management
Patch management is the process of systematically vetting and applying operating system patches with the goal of keeping systems current and reducing vulnerabilities.
Phishing
Phishing is a type of e-mail-based security threat used to attempt to gain unauthorized access to a system or data. Phishing e-mail messages are made to look real and seek to get the recipient to click on a link that can result in malware being downloaded onto the device. Phishing attempts are the most common entry point for malware, which is why a strong security awareness education program should be an important part of an overall security program.
Ransomware
A type of malicious attack that encrypts files on an infected device or network, preventing them from being accessed until a ransom is paid.
Recovery Point Objective (RPO)
RPO is the maximum amount of data that an organization would be willing to lose or reenter after an attack or other system failure.
Recovery Time Objective (RTO)
RTO is the maximum amount of time that an organization would be willing to be without access to its data and systems after a security breach or other failure.
Risk Assessment
A risk assessment is an analysis of the current cybersecurity posture of an organization. The assessment will identify areas of vulnerability and provide guidance on how to reduce security risks.
SPAM
SPAM is a type of unsolicited and often unwanted e-mail message. SPAM can come from legitimate sources seeking to earn your business. But SPAM can also come from malicious actors who pose a threat to your systems and data. SPAM filtering systems are good at catching and containing most but not all SPAM messages.
Spear Phishing
A highly targeted form of phishing, spear phishing targets specific users within an organization. Spear phishing messages are often detailed and purport to come from other known people within an organization and so can seem more credible.
Spyware
Another form of malicious software, the goal of spyware is to obtain information about you and then to use that information or transfer it to a third party without your knowledge or consent.
SSL Certificate (Secure Sockets Layer)
An SSL certificate provides a way to authenticate the identity of the owner of a website. It also encrypts traffic to and from the website, giving users more confidence that a site can be trusted. Secure sites are displayed in your browser with a padlock icon in the address bar and are designated by the https:// identifier as opposed to http://.
Unified Threat Management (UTM)
UTM is a term that refers to solutions that provide multiple layers of security from within a single device on the network.
Virus
A computer virus is a type of malware designed to harm or provide unauthorized access to data or systems.