Important cyber security keywords that you need to know
Cyber security is quickly becoming a vital topic of which every business and employee needs to be aware. From phishing emails to identity theft, it can happen to any business at any time. However, cyber security buzzwords can be confusing, especially if you don’t understand the different terms used. To give you a head start in becoming more cyber safe, we have listed below the most common cyber security keywords and their definitions, helping you and your business gain a deeper understanding.
Common cyber security terms
Cyber security refers to the processes and methods of defending your network and devices from data breaches and other cyber attacks.
Here are some common cyber security terms used that you should familiarise yourself with:
- Bad actor. A hacker, hacktivist, foreign intelligence, employee (current or ex), industrial competitor, or cyber criminal who has bad intent.
- Feature. This is an intended function or item of functionality that can be misused by an attacker to breach a system. Features may improve the user’s experience, help diagnose problems or improve management but can also be used by an attacker.
- Perimeter. The exposed elements of your network, computers, software, and systems.
- Attack surface. This includes the perimeter as well as real-world targets such as your offices, users, and users' home devices. Any area that can have pressure or be attacked.
- Vector. The attack vector is the method of delivery or route taken to exploit a vulnerability and hit the attack surface. Typically resulting in a breach and access within the perimeter.
- Dwell time. This is the amount of time a breach goes unnoticed within the perimeter. In 2019 in EMEA this was 54 days, imagine the damage that could be done within that time frame.
Common cyber threats
There is a wide range of ways a bad actor could obtain your confidential data. Below we list some of the most common methods that you need to be aware of:
- Breach. The successful intrusion within your perimeter by an actor.
- Phishing. Involves sending a large group of people urgent emails that pressure them for sensitive information or access.
- Ransomware. A type of malware where the attacker encrypts or locks away sensitive data and threatens to deny access or publish it until a fee is paid.
- Spear Phishing. Is sending emails to targeted individuals that could contain an attachment with malicious software or a link that downloads malicious software.
- DDOS. Distributed denial of service attacks involves flooding servers or internet-connected devices with information to overwhelm them.
- Flaw. An unintended vulnerability. These can be the result of implementation and can go undetected for a prolonged period and are often difficult to remedy.
- Water holing. Typically a fake website or compromised legitimate website is used to exploit visiting users.
- Supply Subversion. Attacking equipment or software during manufacture or delivery.
- Bot Net. Networks of unwittingly hacked computer devices are used for all types of attacks like DDOS (Distributed Denial of Service).
- Scanning. Methodically attacking wide swathes of the internet at random.
- Vulnerability. The flaw, feature, or item is exploited to achieve the bad actor’s goal(s).
Cyber security tactics to get you started
To help navigate the growing cyber threat surface you need to understand the different ways that you can secure your business.
- Employee and User. A computer or system that has been carefully designed to minimise the vulnerabilities of cyber attacks. Unfortunately, these security efforts can be easily undone. Users are a significant source of vulnerabilities, they make mistakes like using easy-to-guess passwords, leaving their device unattended, and exploiteor be pressured into divulging information, installing software, or taking other bad actions.
- Endpoint Security. Protects entry points of end-user devices such as laptops, mobile phones, or desktops, from being breached and exploited by a bad actor.
- Password Management. A set of rules and processes that need to be followed to manage and store passwords securely and prevent a data breach.
- Dark Net Monitoring. The processes of checking and making sure that no personal or confidential information is accessible online or is sold on the dark web.
- Data Backup. A copy of your files and important information is stored in a secondary location in case of equipment failure or corruption.
- Firewall. A security system that monitors all incoming and outgoing network traffic and can filter it.
- Intrusion Prevention. Source and implement the right software for your business, to detect and protect against unwanted intrusions. Preventing possible cyber attacks.
- Proactive Threat Hunting. A fundamental cyber security practice. A Process of searching through your network detecting any suspicious activity and responding to cyber threats.
Did you find these cyber security terms helpful?
The keywords we listed above will ensure that you are in the know about the cyber dangers your business faces each day. Unfortunately, the list of cyber security threats is forever growing. But, being aware and having a clear understanding of cyber terminology is the first step in ensuring that you and your business are up to speed on security.
There is no one size fits all strategy in keeping your business safe. Each one is unique in the way it operates and functions. Without a bespoke solution, you run the risk of data theft, downtime, or even damage to your reputation, but we can remove that headache for you.
Our team of experts will provide you with tailored security solutions that will give you peace of mind. Consult with us today and find out how we can support your business with managed cyber security services that align with your distinctive business needs.