Most of us have heard about viruses, hacking, the dark web, identity theft and phishing. But the lesser-used cybersecurity terms form an entirely new language that is completely foreign to most browsers.
Here's a glossary of some general terms used in the online security industry, to enable clear communication and a common understanding of cybersecurity definitions.
Access
The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions
Access Control
The process of granting or denying specific requests for or attempts to obtain and use information and related information processing services
Active Attack
An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations
Air Gap
To physically separate or isolate a system from other systems or networks
Alert
A notification that a specific attack has been detected or directed at an organisation’s information systems
Allowlist
A list of entities that are considered trustworthy and are granted access or privileges
Antispyware Software
A program that specialises in detecting and blocking or removing forms of spyware
Antivirus Software
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents – sometimes by removing or neutralising the malicious code
Attack
The intentional act of attempting to bypass one or more security services or controls of an information system, to gain unauthorised access to system services, resources, or information, or an attempt to compromise system integrity
Authentication
The process of verifying the identity, source and integrity of an entity (user, process, device or data)
Authorisation
A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource
Backup
Creating a duplicate copy of data onto a separate physical storage device or online / cloud storage solution, as an insurance against digital loss
Blacklist / Blocklist
A security mechanism prohibiting the execution of those programs on a known malicious or undesired list of software, resulting in a list of specific files known to be malicious or otherwise unwanted (called the blacklist or blocklist)
Bot
A computer connected to the internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the command and control of a remote administrator (also a member of a larger collection of compromised computers known as a botnet)
Browser Hijacking
The process of changing the default homepage or search engine in a web browser by a malicious program without permission
Bug
An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device
Cipher
Cryptographic algorithm
Ciphertext
Data or information in its encrypted form
Cloud Computing
A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction
Computer Network Defence
The actions taken to defend against unauthorised activity within computer networks
Cookie
A small text file which is placed on the device when visiting a website, allowing the site to track visitor details and store preferences – designed to be helpful and increase the website speed (also useful for advertisers who can match the ads to browser interest)
Cyberbullying
Cyberbullying is the use of electronic means, primarily messaging and social media platforms, to bully and harass a victim
Cyber Ecosystem
The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions
Cybersecurity
The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and / or defended against damage, unauthorised use or modification, or exploitation
Cyberthreat Intelligence
The collecting, processing, organising, and analysing data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers
Dark Web
The dark web consists of encrypted parts of the internet that are not indexed by search engines, most notoriously used by all types of criminals, including paedophiles, illicit human and contraband traffickers, and cybercriminals, to communicate and share information without being detected or identified by law enforcement
Data Breach
The unauthorised movement or disclosure of sensitive information to a party, usually outside the organisation, that is not authorised to have or see the information
Data Loss
The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorised party
Data Mining
The process or techniques used to analyse large sets of existing information to discover previously unrevealed patterns or correlations
Deep Web
Similar concept to the dark web, but not hidden – web content not indexed by traditional search engines, and preferred by certain groups for its increased privacy levels
Digital Certificate
A means by which to prove identity or provide authentication commonly by means of a trusted third-party entity known as a certificate authority – the public key of a subject signed by the private key of a certificate authority with clarifying text information such as issuer, subject identity, date of creation, date of expiration, algorithms, serial number and thumbprint
Event / Incident
An observable occurrence in an information system or network – sometimes provides indication that an incident is occurring or at least raises the suspicion that an incident may be occurring
Firewall
A hardware / software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorised
Hacker
An unauthorised user who attempts to or gains access to an information system
Identity Fraud
A form of identity theft in which a transaction, typically financial, is performed using the stolen identity of another individual – due to the attacker impersonating someone else
Internet Service Provider (ISP)
The organisation that provides connectivity to the internet for individuals or companies – sometimes offering additional services above that of just connectivity, such as e-mail, web hosting and domain registration
Local Area Network (LAN)
An interconnection of devices (network) that is contained within a limited geographic area (typically a single building) – typically for which all of the network cables or interconnection media are owned and controlled by the organisation, unlike a Wide Area Network (WAN) where the interconnection media are owned by a third party
Malware / Malicious Code
Program code (software, firmware, and scripts) intended to perform an unauthorised function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system
Parental Controls
Parental Controls are features which may be included in digital television services, computer and video games, mobile devices and software that allow parents to restrict the access of content to their children
Passive Attack
An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations
Password
A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorisation
Patch
An update or change to an operating system or application – often used to repair flaws or bugs in deployed code, as well as introduce new features and capabilities
Penetration Testing
An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and / or information system
Phishing
Digitally deceiving individuals into providing sensitive information
Privacy
The assurance that the confidentiality of, and access to, certain information about an entity is protected
Ransomware
Malicious programs designed to extort money from victims by blocking access to the computer or encrypting stored data – offering to restore the system / data in return for payment
Recovery / Restitution
The activities after a breach event, to restore essential services and operations in the short and medium term and fully restore all capabilities in the longer term
Risk
The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences
Risk Analysis / Assessment
The appraisal of the risks facing an entity, asset, system, or network, organisational operations, or individuals, which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making and includes determining the extent to which adverse circumstances or events could result in harmful consequences
Risk Management
The process of identifying, analysing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken – includes conducting a risk assessment, implementing strategies to mitigate risks, continuous monitoring of risk over time, and documenting the overall risk management program
Scareware
Scareware is malware that uses scare tactics, often in the form of pop-ups that falsely warn users they have been infected with a virus, to trick users into visiting malware-containing websites
Security Policy
A rule or set of rules that govern the acceptable use of an organisation's information and services to a level of acceptable risk and the means for protecting the organisation's information assets
Software Assurance
The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner
Spam
The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages
Spoofing
Faking the sending address of a transmission to gain illegal (unauthorised) entry into a secure system – including the deliberate inducement of a user or resource to take incorrect action (impersonating, masquerading, piggybacking, and mimicking are forms of spoofing)
Spyware
Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner
System Integrity
The attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorised manipulation of the system
Threat
A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organisational operations, organisational assets (including information and information systems), individuals, or other organisations
Threat Analysis
The detailed evaluation of the characteristics of individual threats – identifying and assessing the capabilities and activities of cyber criminals produces findings to help initialise or support counterintelligence investigations or activities
Trojan Horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorisations of a system entity that invokes the program
Two-Factor Authentication
The means of proving identity using two authentication factors – passwords and PINs (type 1), smart cards and OTPs (type 2), or fingerprints and retina scans (type 3)
Unauthorised Access
Any access that violates the system / device owner’s security policy
Virus
A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer
Virtual Private Network (VPN)
A communication link between systems or networks that is typically encrypted in order to provide a secured, private, isolated pathway of communications
Vulnerability
A characteristic or specific weakness that renders an organisation or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard
Whitehat / Blackhat
Terms to differentiate between "good and bad hackers" in the world of cybercrime – blackhats being hackers with criminal intentions and whitehats being hackers who use their skills and talents for good and work to keep data safe from other hackers by finding system vulnerabilities that can be fixed
Wi-Fi
A means to support network communication using radio waves rather than cables
Worm
A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself
Zombie
A term related to the malicious concept of a botnet – used to refer to the system that is host to the malware agent of the botnet or to the malware agent itself