Cyber Pop-up Glossary

Access Control
  • Involves managing permissions, authentication, and authorization to regulate system or network access.
Advanced Persistent Threat (APT)
  • A prolonged and targeted cyberattack in which an unauthorized user gains access to a network or system with the intention of remaining undetected while stealing data or causing harm.
Antivirus (AV)
  • Software that is designed to detect, prevent, and remove malware, such as viruses, worms, and Trojans, from computer systems.
Authentication
  • Verification of the identity of a user, system, or device. This is done with passwords, biometrics, or multi-factor authentication.
Blockchain
  • A decentralized and distributed ledger technology that ensures the integrity and security of transactions through cryptographic principles.
Botnet
  • A network of compromised computers (bots) controlled by a single entity (botmaster) to carry out various cyberattacks, often without the users' knowledge.
Cyber Debt
  • A contemporary term used to describe the accumulated risks and vulnerabilities in an organization's cybersecurity infrastructure that result from delayed or insufficient investment in security measures.
Cyber Posture
  • The strength and resilience of an organization's defense against cyberattacks, including its ability to detect, prevent, respond to, and recover from cyber threats. Cyber Posture includes the security measures, policies, technologies, and practices that an organization has in place to protect its digital assets, networks, and data.
Cybersecurity
  • The art of protecting computer systems, networks, and data from theft, damage, unauthorized access, and criminal use.
Cybersecurity Frameworks
  • Structured guidelines and best practices (e.g., NIST, ISO/IEC 27001) to help organizations develop, implement, and manage effective cybersecurity programs.
Deep Web vs. Dark Web
  • The deep web includes all parts of the internet not indexed by search engines, while the dark web is a small portion of the deep web intentionally hidden and often associated with illicit activities.
Denial of Service (DoS) Attack
  • An attack intended to disrupt a system, network, or website with an overwhelming volume of traffic or requests.
Digital Forensics
  • The process of collecting, analyzing, and preserving electronic evidence to investigate and respond to cybercrime incidents.
Encryption
  • The process of converting data into a secure format to prevent unauthorized access. Decryption is the reverse process, turning encrypted data back into its original form.
Endpoint Security
  • Security measures designed to protect individual devices (endpoints) such as computers, laptops, and mobile devices from cyber threats.
Firewall
  • A network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
HIPAA
  • Health Insurance Portability and Accountability Act. HIPAA establishes national standards for the protection and confidential handling of protected health information (PHI) by healthcare providers, health plans, and healthcare clearinghouses. The law includes provisions related to the privacy and security of health information, as well as the electronic exchange of health data. HIPAA is crucial for safeguarding the privacy and security of patients' personal health information in the healthcare industry.
ISO 27001
  • ISO 27001, or ISO/IEC 27001:2013, is an international standard that outlines the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The standard provides a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability.
Incident Response
  • The process of managing and mitigating the impact of a cybersecurity incident, including analyzing, containing, eradicating, recovering, and learning from the event.
Internet of Things (IoT)
  • The network of interconnected devices and objects embedded with sensors and software that can communicate and exchange data.
Malware
  • Short for malicious software, malware refers to any software specifically designed to harm or exploit computers, networks, or users. Examples include viruses, worms, and ransomware.
Multi-Factor Authentication (MFA)
  • A security process that requires users to provide multiple forms of identification before granting access to a system or application, enhancing security beyond just passwords.
PCI
  • Payment Card Industry (PCI) refers to the standards and regulations established by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the secure handling of credit card information during transactions. Compliance with PCI standards is mandatory for businesses that handle payment card transactions to safeguard sensitive financial information and maintain trust with customers.
Patch Management
  • The process of regularly updating and applying patches to software, systems, and applications to fix vulnerabilities and enhance security.
Penetration Testing
  • A simulated cyberattack on a system, network, or application to identify vulnerabilities and weaknesses that could be exploited by real attackers.
Phishing
  • A social engineering attack where cybercriminals use deceptive emails, messages, or websites to trick individuals into divulging sensitive information, such as usernames and passwords.
Ransomware
  • Malicious software that encrypts a user's files and demands payment (usually in cryptocurrency) for their release. It is a type of extortion attack.
Red Team vs. Blue Team
  • Red teams play the role of the cyberattackers in order to test and improve defenses. The blue team defends against attacks and responds to both simulated and real attacks.
Risk Assessment
  • Scoping, risk identification, risk analysis, and the evaluation of potential risks and vulnerabilities within an organization's information technology (IT) infrastructure. A cybersecurity risk assessment helps an organization understand the threats and potential impact on its assets, such as data, systems, and networks.
SOC 2
  • SOC 2 stands for Service Organization Control 2. It is a framework developed by the American Institute of Certified Public Accountants (AICPA) to assess the security, availability, processing integrity, confidentiality, and privacy of service organizations' systems and the data they handle.
Security Awareness Training
  • Educational programs to inform and train employees about cybersecurity best practices, policies, and potential threats.
Security Operations Center (SOC)
  • An in-house or outsourced team that is responsible for monitoring, analyzing, and responding to cybersecurity incidents in real time.
Security Policy
  • A set of guidelines and rules established by an organization to define and enforce security standards and practices.
Social Engineering
  • Manipulative techniques used by cyber criminals to deceive individuals in order to gain control and steal financial or personal information.
Threat Intelligence
  • Information about potential cybersecurity threats, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by attackers.
Vulnerability
  • Weaknesses in software, systems, or networks that cyber attackers could exploit to compromise the confidentiality, integrity, or availability of an organization's or individual's data.
Zero-Day Exploit
  • A cyberattack that exploits an unknown vulnerability in software or hardware before the vendor releases a patch or fix.
vCISO, or Virtual Chief Information Security Officer
  • An outsourced or remote cybersecurity professional who assumes the responsibilities of a Chief Information Security Officer (CISO) on a part-time or contractual basis. The vCISO provides strategic leadership and guidance in developing and implementing an organization's cybersecurity strategy, policies, and practices.