With cyberattacks constantly increasing and evolving daily, there are an increasing number of cybersecurity terms you need to know to ensure you keep safe in the digital age.
While the following glossary is not comprehensive, it does contain 29 fundamental cybersecurity terms and their definitions to help you better understand the concepts and best practices that make up the discipline of cybersecurity.
- 29 Essential Cybersecurity Terms
- 1. Antivirus
- 2. Authentication
- 3. Bot/Botnet
- 4. Bring Your Own Device (BYOD)
- 5. Clickbait
- 6. Cloud Security
- 7. Data Breach
- 8. Day-Zero Exploit
- 9. Distributed Denial of Service (DDoS)
- 10. Encryption
- 11. Endpoint Protection (EPP)
- 12. Evil Twin
- 13. Malware
- 14. Man-in-the-Middle
- 15. Penetration Testing
- 16. Phishing
- 17. Ransomware
- 18. Rootkit
- 19. Secure Access Service Edge (SASE)
- 20. Scareware
- 21. Social Engineering
- 22. Spoofing
- 23. Spyware
- 24. Trojan Horse
- 25. Virus
- 26. Virtual Private Network (VPN)
- 27. White/Black/Grey Hat Hacker
- 28. Worm
- 29. Zero Trust
29 Essential Cybersecurity Terms
1. Antivirus
Antivirus is software designed to detect, block and remove malicious software. Once installed on a device, it runs in the background and scans files and programs in real time, matching them against known malware signatures and watching for suspicious behaviour.
Next-generation antivirus (NGAV) extends this protection to trojan horses, worms and spyware, relying on behavioural analysis rather than signatures alone, and may add features such as URL filtering and configurable firewall rules.
2. Authentication
Authentication is the process of confirming the identity of an entity (a user or an automated system) attempting to connect to and use a computer system.
It checks something the entity knows (a password), something it has (a hardware token or authenticator app) or something it is (a fingerprint or retina scan); multifactor authentication (MFA) combines two or more of these so that a stolen password alone is not enough. Authentication establishes who the entity is. Deciding what that entity may then access is a separate step, authorisation, and the two are often confused.
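The following is an added example, not code from the original page: a two-factor login check in Go that verifies a password hash and a time-based one-time code (TOTP, RFC 6238, HMAC-SHA1, 30-second steps) and deliberately returns only "identity confirmed or not", leaving authorisation to a separate step. The credential record, salt, user name and password are constructed for the demo; the TOTP secret is the RFC 6238 test-vector key, and the salted SHA-256 password hash stands in for the slow, memory-hard KDF (Argon2 or bcrypt) a real system would use.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// Added example: password + TOTP verification (RFC 4226 / RFC 6238).
// The credential store below is constructed for the demo.

const timeStep = 30 // seconds per TOTP step

// hotp returns the HOTP value for a counter: HMAC-SHA1, dynamic truncation, modulo 10^digits.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// totp derives the HOTP counter from a Unix time.
func totp(secret []byte, unixTime int64, digits int) string {
	return hotp(secret, uint64(unixTime/timeStep), digits)
}

// verifyTOTP accepts the code for the current step or the adjacent ones (clock skew),
// comparing in constant time so timing does not leak how many digits matched.
func verifyTOTP(secret []byte, unixTime int64, digits int, candidate string) bool {
	step := unixTime / timeStep
	ok := false
	for _, s := range []int64{step - 1, step, step + 1} {
		if s < 0 {
			continue
		}
		if subtle.ConstantTimeCompare([]byte(hotp(secret, uint64(s), digits)), []byte(candidate)) == 1 {
			ok = true
		}
	}
	return ok
}

// userRecord is a hypothetical credential-store entry.
type userRecord struct {
	salt       []byte
	passHash   []byte // SHA-256(salt || password); a real system uses Argon2 or bcrypt
	totpSecret []byte
}

func hashPassword(salt []byte, password string) []byte {
	h := sha256.New()
	h.Write(salt)
	h.Write([]byte(password))
	return h.Sum(nil)
}

// authenticate checks both factors and reports whether the identity is confirmed.
// Both factors are always evaluated so a failure does not reveal which one was wrong.
// It says nothing about what the user may access afterwards: that is authorisation.
func authenticate(rec userRecord, password, code string, now int64) bool {
	passOK := subtle.ConstantTimeCompare(hashPassword(rec.salt, password), rec.passHash) == 1
	codeOK := verifyTOTP(rec.totpSecret, now, 6, code)
	return passOK && codeOK
}

// demoUser returns a constructed record; the TOTP secret is the RFC 6238 test-vector key.
func demoUser() userRecord {
	salt := []byte("demo-salt")
	return userRecord{
		salt:       salt,
		passHash:   hashPassword(salt, "correct horse battery staple"),
		totpSecret: []byte("12345678901234567890"),
	}
}

func main() {
	u := demoUser()
	fmt.Println("8-digit code at t=59:", totp(u.totpSecret, 59, 8)) // RFC 6238 vector: 94287082
	fmt.Println("login ok:", authenticate(u, "correct horse battery staple", totp(u.totpSecret, 59, 6), 59))
	fmt.Println("bad password:", authenticate(u, "hunter2", totp(u.totpSecret, 59, 6), 59))
}
```

The one-step tolerance on either side is the usual compromise between clock drift on the user's phone and the attacker's window; a production implementation would also record the last accepted step so the same code cannot be replayed within that window.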
3. Bot/Botnet
A bot is a computer or device infected with malware that places it under an attacker's remote control. A botnet is a network of such compromised machines whose combined bandwidth and processing power the attacker uses without the owners' knowledge. Botnets are used for cryptojacking, large-scale spam email distribution and Distributed Denial of Service (DDoS) attacks.
4. Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD) is an organisation’s policy that permits staff to use personal devices for work. Employees use their devices to connect to their employer’s network and access the systems they need to do their jobs, including sensitive or confidential data.
BYOD devices include tablets, smartphones, laptops, personal computers, or USB drives. A BYOD policy offers employees the freedom to use the devices to aid in performing day-to-day tasks. This saves employers money; however, they do have to manage their BYOD policy and security carefully.
5. Clickbait
Clickbait is text, an email or a social-media link designed to entice users to follow it and then read, view or listen to the linked content. Much clickbait is merely advertising, but it is also a common delivery route for phishing pages and malware.
The content is typically sensationalised or deceptive. There is usually a teaser that exploits the "curiosity gap", giving just enough information to make readers curious enough to click.
Clickbait headlines use dishonest enticements that do not reflect the content delivered. The term "bait" is an analogy with fishing, where the bait is the lure offered to the reader.
6. Cloud Security
Cloud security is a subset of cybersecurity focused on securing cloud computing systems and keeping data private and safe across online-based infrastructures, platforms, and applications.
Responsibility for this security is shared. The cloud provider secures the physical data centres, hardware and underlying platform; the customer remains responsible for how it configures and uses the service, including who can access its data and how that data is protected. Many cloud breaches are the result of customer misconfiguration rather than a failure on the provider's side.
7. Data Breach
A data breach is an incident in which data is accessed, copied or exposed by someone not authorised to see it. It often follows an attacker breaking into a system and gaining control of its network, but breaches also result from misconfigured storage, lost or stolen devices and insiders. The data exposed is usually personal: credit card details, bank account numbers and medical records.
8. Day-Zero Exploit
A day-zero (more commonly, zero-day) exploit is an attack on a software vulnerability that is either unknown to the software vendor or has only just been disclosed, so that no patch exists or it has not yet been applied to all affected systems. The name refers to the vendor having had zero days to fix the flaw.
These attacks often succeed because defenders have nothing specific to detect or block. Typical targets are web server software, firewalls and other internet-facing devices, and operating systems.
9. Distributed Denial of Service (DDoS)
A Distributed Denial of Service attack is a popular black hat tool. The attacker uses many compromised hosts (typically a botnet) to flood a website or service with more requests or traffic than it can handle, exhausting its bandwidth, connections or processing capacity so that legitimate users cannot reach it. Spreading the traffic across many sources makes it hard to filter by simply blocking one address.
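Added example, not code from the original page: a small Go analysis of web access logs that flags any single source exceeding a per-source request rate and, separately, reports the peak total rate across all sources, since a distributed flood keeps each bot below any per-source limit and only shows up in the aggregate. The log line format, the addresses and the sample traffic are all constructed for the demo.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"time"
)

// Added example: spotting request floods in access logs. The log format and the
// sample lines below are constructed for this demo; they are not from the page.

type request struct {
	at  time.Time
	src string
}

// parseLine expects "<RFC3339 time> <client IP> <method> <path> <status>".
func parseLine(line string) (request, error) {
	f := strings.Fields(line)
	if len(f) < 5 {
		return request{}, fmt.Errorf("malformed line: %q", line)
	}
	at, err := time.Parse(time.RFC3339, f[0])
	if err != nil {
		return request{}, err
	}
	return request{at: at, src: f[1]}, nil
}

// peakInWindow returns the largest number of events inside any interval of length window.
func peakInWindow(times []time.Time, window time.Duration) int {
	sort.Slice(times, func(i, j int) bool { return times[i].Before(times[j]) })
	peak, lo := 0, 0
	for hi := range times {
		for times[hi].Sub(times[lo]) >= window {
			lo++
		}
		if n := hi - lo + 1; n > peak {
			peak = n
		}
	}
	return peak
}

// analyse flags sources whose per-source rate exceeds perSourceLimit and also returns
// the peak total rate: a distributed flood stays under any per-source limit, so the
// aggregate figure is the one that reveals it.
func analyse(lines []string, window time.Duration, perSourceLimit int) (flagged []string, totalPeak int) {
	bySrc := map[string][]time.Time{}
	var all []time.Time
	for _, l := range lines {
		r, err := parseLine(l)
		if err != nil {
			continue // skip junk rather than abort the whole run
		}
		bySrc[r.src] = append(bySrc[r.src], r.at)
		all = append(all, r.at)
	}
	for src, ts := range bySrc {
		if peakInWindow(ts, window) > perSourceLimit {
			flagged = append(flagged, src)
		}
	}
	sort.Strings(flagged)
	return flagged, peakInWindow(all, window)
}

// sampleLog builds constructed traffic: one normal client, one single-source flood,
// and a distributed flood of 40 bots sending one request each.
func sampleLog() []string {
	lines := []string{
		"2024-05-01T12:00:00Z 192.0.2.10 GET / 200",
		"2024-05-01T12:00:04Z 192.0.2.10 GET /about 200",
		"2024-05-01T12:00:09Z 192.0.2.10 GET /contact 200",
	}
	for i := 0; i < 30; i++ { // 10 requests per second from one address
		lines = append(lines, fmt.Sprintf("2024-05-01T12:00:%02dZ 203.0.113.7 GET /login 200", i/10))
	}
	for i := 0; i < 40; i++ { // 40 distinct bot addresses, one request each
		lines = append(lines, fmt.Sprintf("2024-05-01T12:00:%02dZ 198.51.100.%d GET /search 200", i%10, i+1))
	}
	return lines
}

func main() {
	flagged, total := analyse(sampleLog(), 10*time.Second, 20)
	fmt.Println("per-source offenders:", flagged)
	fmt.Println("peak requests in any 10s window, all sources:", total)
}
```

On the constructed sample only 203.0.113.7 trips the per-source limit; the 40 bots contribute one request each and are invisible to that check, which is why the aggregate peak (73 requests in ten seconds against a baseline of 3) is the number an operator should alert on.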
10. Encryption
Encryption is the process of transforming data into an unreadable form that can only be restored with the correct key. It does not prevent data from being stolen or intercepted; it ensures that data taken without the key is useless to the thief. Modern ciphers are used in authenticated modes, which also detect any tampering with the encrypted data.
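Added example, not code from the original page: authenticated encryption with AES-256-GCM from the Go standard library, showing that the stored bytes are unreadable, that the wrong key is rejected rather than yielding garbage, and that a single flipped bit in the ciphertext is detected. The demoKey helper, its labels and the sample record are constructed for illustration; real keys come from a CSPRNG or a key-management service, never from a label.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// Added example: authenticated encryption with AES-256-GCM.
// Not the page's code; demoKey derives a key from a label for illustration only.

// seal encrypts plaintext and returns nonce || ciphertext || tag.
// aad is extra data that is authenticated but not encrypted (e.g. a record id).
func seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // must never repeat under the same key
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// unseal reverses seal; it fails if the key, nonce, aad or ciphertext has been changed.
func unseal(key, sealed, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// demoKey makes a 32-byte key from a label. Demo only: real keys come from a CSPRNG or a KMS.
func demoKey(label string) []byte {
	k := sha256.Sum256([]byte("demo-key:" + label))
	return k[:]
}

func main() {
	right, wrong := demoKey("payments-2024"), demoKey("other")
	aad := []byte("record-42")
	sealed, err := seal(right, []byte("card 4111 1111 1111 1111"), aad)
	if err != nil {
		panic(err)
	}
	fmt.Println("stored bytes:", hex.EncodeToString(sealed)) // unreadable without the key

	pt, err := unseal(right, sealed, aad)
	fmt.Printf("right key: %q err=%v\n", string(pt), err)

	_, err = unseal(wrong, sealed, aad)
	fmt.Println("wrong key:", err) // authentication fails, nothing is returned

	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = unseal(right, tampered, aad)
	fmt.Println("tampered ciphertext:", err)
}
```

The associated data binds the ciphertext to its context (here a record identifier), so an attacker who copies an encrypted value from one record into another is caught even though they never touched the key.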
11. Endpoint Protection (EPP)
Endpoint protection is the set of systems or software packages that secure endpoint devices: the workstations, laptops, servers and mobile devices from which users access a network. An endpoint protection platform (EPP) typically combines antivirus, host firewall and device-control functions under central management, so that every endpoint is protected and monitored from one console.
12. Evil Twin
An evil twin attack works by tricking unsuspecting users into connecting to a rogue Wi-Fi access point that mimics a legitimate network (usually free public Wi-Fi in a coffee shop, hotel or airport).
Once a user connects, the attacker sits on the path of all the user's network traffic and can capture anything sent unencrypted, including login credentials, and can redirect the user to fake pages. The attack is hard for users to spot because the rogue access point can copy the legitimate network's name exactly and often offers a stronger signal. Traffic protected by TLS (HTTPS) stays encrypted, but the attacker still sees which sites are visited.
13. Malware
Malware (malicious software) is the umbrella term for programs written to infect, damage or take control of a system. Ransomware, viruses, worms, spyware and trojans are all forms of malware, and they are often delivered through spam or phishing emails, malicious downloads and compromised websites.
14. Man-in-the-Middle
A man-in-the-middle attack occurs when an attacker positions themselves between a user's device and the server it is talking to, such as an online banking site, and relays the traffic while reading or altering it. If the connection is not encrypted, or the attacker can persuade the user to accept a forged certificate, the data is exposed and can be modified in transit. Evil twin Wi-Fi networks are a common place to mount this attack.
15. Penetration Testing
Penetration testing is an authorised, simulated attack on an organisation's systems, carried out by testers the organisation hires to assess its current network infrastructure, including firewalls, servers, web applications and websites. The testers look for vulnerabilities they can exploit to compromise an application, its data or the environment it runs in, and report them so they can be fixed before a real attacker finds them.
16. Phishing
Phishing is where an attacker poses as a legitimate organisation, such as a credit card company, bank, charity or internet provider, usually by email. The aim is to fool the victim into handing over sensitive personal information or clicking a link or attachment that delivers malware. Some phishing messages are convincing; others are sloppy and easy to spot. The usual tell-tales are a sense of urgency, a sender address or link that does not match the organisation it claims to be from, and a request for credentials or payment details.
17. Ransomware
Ransomware is malware that encrypts the victim's files, and increasingly also copies them off the system first, and then demands payment for the decryption key, denying the user access until they pay. It essentially kidnaps the victim's data and holds it for ransom, with the threat of publishing the stolen copy as extra leverage.
18. Rootkit
A rootkit is malware designed to gain privileged ("root") access to a computer and to hide its own presence, typically giving an attacker remote control of the machine. Because it can run with operating-system privileges and conceal its files, processes and network connections from security tools, a rootkit is hard to detect and can live on a computer for a long time.
19. Secure Access Service Edge (SASE)
Secure Access Service Edge (SASE) is a network architecture framework that combines wide-area networking with cloud-native security technologies delivered as services from the cloud and managed from a central location. The security services typically include:
- Secure Web Gateway (SWG)
- Cloud Access Security Broker (CASB)
- Zero Trust Network Access (ZTNA)
- Firewall as a Service (FWaaS)
20. Scareware
Scareware is a social engineering attack that frightens people into visiting malicious or spoofed websites or downloading malicious software. It usually appears as pop-up ads in the browser or arrives as spam email.
The pop-ups falsely warn users that their computer is infected with a virus and then offer a solution. The tactic frightens people into paying for software to fix the "problem"; the software is either worthless or is itself malware programmed to steal the user's personal data or payment details.
21. Social Engineering
Social engineering is a technique that manipulates and deceives people into providing private, sensitive information. Once a hacker understands what motivates the person, they can retrieve what they’re looking for, usually financial data and passwords.
22. Spoofing
Spoofing occurs when an attacker forges the source of a communication (an IP address, an email sender, a phone number, a display name, a text message or a URL) so that it appears to come from a trusted source, hiding their true identity and location. Email spoofing is easy because the From header is not checked unless the receiving domain verifies SPF, DKIM and DMARC; even then, attackers fall back on lookalike domains and misleading display names that pass those checks.
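Added example, not code from the original page, illustrating both the phishing tell-tales described under entry 16 and the spoofing tricks described above: a Go check that parses an email's headers and reports a display name carrying a different address from the real sender, a sender domain that imitates a trusted domain (character substitutions such as 1 for l and rn for m, or a one-character edit), and a Reply-To that quietly routes answers elsewhere. The two sample messages, the trusted-domain list and the confusable-character table are constructed for the demo.

```go
package main

import (
	"fmt"
	"net/mail"
	"strings"
)

// Added example: inspecting message headers for sender spoofing and lookalike domains.
// The sample messages and trusted-domain list are constructed for this demo.

var trustedDomains = []string{"examplebank.com"}

// confusables undoes common character substitutions before comparing domains.
var confusables = strings.NewReplacer("rn", "m", "vv", "w", "0", "o", "1", "l", "3", "e", "5", "s")

func minInt(a, b, c int) int {
	m := a
	if b < m {
		m = b
	}
	if c < m {
		m = c
	}
	return m
}

// editDistance is the Levenshtein distance between two strings.
func editDistance(a, b string) int {
	prev := make([]int, len(b)+1)
	for j := range prev {
		prev[j] = j
	}
	for i := 1; i <= len(a); i++ {
		cur := make([]int, len(b)+1)
		cur[0] = i
		for j := 1; j <= len(b); j++ {
			cost := 1
			if a[i-1] == b[j-1] {
				cost = 0
			}
			cur[j] = minInt(prev[j]+1, cur[j-1]+1, prev[j-1]+cost)
		}
		prev = cur
	}
	return prev[len(b)]
}

// lookalike reports whether domain imitates one of the trusted domains without being one.
func lookalike(domain string, trusted []string) (string, bool) {
	d := strings.ToLower(domain)
	for _, t := range trusted {
		if d == t {
			return "", false
		}
	}
	for _, t := range trusted {
		if confusables.Replace(d) == t || editDistance(d, t) <= 1 {
			return t, true
		}
	}
	return "", false
}

func domainOf(addr string) string {
	if i := strings.LastIndex(addr, "@"); i >= 0 {
		return strings.ToLower(addr[i+1:])
	}
	return ""
}

// inspect parses a raw message and returns human-readable findings (empty if none).
func inspect(raw string, trusted []string) ([]string, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return nil, err
	}
	from, err := mail.ParseAddress(msg.Header.Get("From"))
	if err != nil {
		return nil, fmt.Errorf("bad From header: %w", err)
	}
	var findings []string
	fromDomain := domainOf(from.Address)
	// 1. The display name shows one address while the real sender is another.
	if shown := domainOf(from.Name); shown != "" && shown != fromDomain {
		findings = append(findings, fmt.Sprintf("display name claims %s but sender is %s", shown, fromDomain))
	}
	// 2. The sender domain imitates a trusted one.
	if t, ok := lookalike(fromDomain, trusted); ok {
		findings = append(findings, fmt.Sprintf("sender domain %s looks like %s", fromDomain, t))
	}
	// 3. Replies are silently routed somewhere else.
	if rt := msg.Header.Get("Reply-To"); rt != "" {
		if r, err := mail.ParseAddress(rt); err == nil && domainOf(r.Address) != fromDomain {
			findings = append(findings, fmt.Sprintf("Reply-To goes to %s, not %s", domainOf(r.Address), fromDomain))
		}
	}
	return findings, nil
}

// Constructed samples (not real messages).
const phishSample = "From: \"security@examplebank.com\" <alerts@examp1ebank.com>\n" +
	"Reply-To: recovery@mail-examplebank.co\n" +
	"To: customer@example.org\n" +
	"Subject: Urgent: verify your account within 24 hours\n\n" +
	"Click the link below to keep your account active.\n"

const benignSample = "From: Example Bank <alerts@examplebank.com>\n" +
	"To: customer@example.org\n" +
	"Subject: Your monthly statement is ready\n\n" +
	"Log in from your bookmarked address to view it.\n"

func main() {
	for _, s := range []string{phishSample, benignSample} {
		findings, err := inspect(s, trustedDomains)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%d finding(s)\n", len(findings))
		for _, f := range findings {
			fmt.Println("  -", f)
		}
	}
}
```

None of these checks needs SPF, DKIM or DMARC, which is the point: a message can pass all three (the attacker owns examp1ebank.com and signs with it) and still be spoofing by imitation, so header inspection of this kind belongs alongside, not instead of, authentication of the sending domain.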
23. Spyware
Spyware is a type of malware that permits attackers to spy on users and their computer activities. For example, if a smartphone is infected with spyware, an attacker can read the user's text messages, redirect phone calls, and even track the user's location.
24. Trojan Horse
A Trojan horse is malware disguised as legitimate or harmless software. Once the user runs it, it performs its hidden function, commonly opening a back door that gives the attacker control of the user's computer. Unlike a virus or worm, a trojan does not replicate itself; it relies on the user being tricked into installing it.
25. Virus
A virus is malware that attaches itself to a legitimate program or file and runs when that file is opened or executed. It alters, corrupts or destroys data, and then spreads to other systems when the infected file is shared, for example as an email attachment or a file copied to another machine. Unlike a worm, a virus needs a user action to propagate.
26. Virtual Private Network (VPN)
A VPN is a way of connecting computers and devices to transmit data over an untrusted network (such as the public internet) within a private and secure encrypted tunnel.
27. White/Black/Grey Hat Hacker
In reference to hackers, the term "hats" indicates the hacker's intention. A white hat hacker attacks a network only with the owner's consent, which makes it legal, in order to find vulnerabilities and report them so they can be fixed; penetration testers are white hats.
Black hat refers to hackers who illegally break into a network to steal information or to harm the owner or its users. A grey hat hacker lies somewhere in between, for example probing systems without permission but reporting rather than exploiting what they find.
28. Worm
A computer worm is standalone malware that self-replicates without any action by the user, exploiting vulnerabilities or weak credentials to copy itself from one machine to the next. Typically, a worm spreads across the local LAN or Wi-Fi network, infecting other devices. Unlike a virus it does not need a host file, and unlike a trojan it does not depend on the user running it, which is why worms can spread so quickly.
29. Zero Trust
Zero Trust is a security model that requires every user and device, whether inside or outside the organisation's network, to be authenticated and authorised before being granted access to each application or resource.
Access is not granted once and kept indefinitely: users and devices are continuously validated for identity, security configuration and posture in order to keep it. Zero Trust assumes there is no trusted network perimeter, so being on the corporate network earns no trust by itself, and the model applies equally to local, cloud and hybrid networks.
As the number of cyber threats increases and the cybersecurity to mitigate the risk continues to evolve, so will the terminology. Having a good understanding of basic cybersecurity terms should be on everyone’s to-do list in the modern age of cybercrime.
If you would like to discuss your network security requirements in more detail with one of our cybersecurity professionals, please don’t hesitate to get in touch.