Cybersecurity
Glossary

If you’re new to cybersecurity, it can be a challenge to navigate the acronyms, terminology and different technologies. To make things easier, we’ve produced a simple glossary of the most common terms.

For more depth and information on the full stack of cybersecurity technologies and products, our Cybersecurity Wheel is a comprehensive resource that’s the ideal place to start – and a great way to review your current portfolio and start to position new solutions to your customers.

You can view the Cybersecurity Wheel at www.e92plus.com/cybersecurity-wheel

2FA / Two Factor Authentication: 2FA or MFA (Multi Factor Authentication) is a system for using information to access a resource – usually based on something you know (a PIN or password), something you have (a phone or device) and something you are (biometrics, such as Face ID or a fingerprint).
APT / Advanced Persistent Threat: Advanced Persistent Threat is a sustained attack on a network that often remains undetected, and often uses advanced techniques.
Bots / Botnet: A managed group of applications or devices (from endpoints to IoT devices) that have been compromised and controlled, and are deployed for malicious purposes (such as a DDoS attack).
Breach: Unauthorised access to a system, network or application.
BYOD / Bring Your Own Device: A policy whereby employees access company resources or applications using their own personal devices, which are not managed, secured or owned by their employer.
CISO / Chief Information Security Officer: This is the most common title for a senior executive in an organisation who is responsible for the cybersecurity strategy, and protecting the network, assets and users from a cyber-attack.
Credentials: Key personal information used to validate identity to access resources (often used with MFA).
Data at rest: Information that’s held in storage (such as hard disks or archives) and not continually accessed (such as a web application).
DDoS / Distributed Denial of Service: A widespread attack, often using a large number of bots or compromised devices, to attack a target (such as a network or website) to take it down or prevent it working correctly or being accessed.
Encryption: A method used to secure data, using maths, to make it inaccessible unless you have the secret key to access it.
Firewall: A gateway device, usually in front of a network, that controls the data and traffic going in and out of the network to prevent unauthorised use.
Hacker: Someone who accesses a resource (from a network to an application to a device) without permission - this can be unauthorised, by someone attempting to steal data or cause damage, or legitimate (such as testing defences or identifying security flaws).
Honeypot: A decoy used by a security defence team to lure an attacker, to either identify them, study their activities or deflect attention from a bigger target.
IoT / Internet of Things: Any internet enabled/connected smart device, from CCTV to smart speakers to automated warehouses.
Malware: Malicious software that resides on a device or network, and includes different variations such as worms, viruses, adware, etc.
Patching: Patching is a core part of cybersecurity: applying the latest updates from ISVs/vendors to applications, devices and operating systems to resolve and fix known vulnerabilities.
Penetration Testing: Pen Testing is an activity, usually by external teams, to test cyber defences as part of a regular audit.
Phishing: Fake/malicious emails (often sent out using social engineering) that attract users to click a link or respond to requests, to drive them to provide confidential information or visit a compromised website.
Ransomware: Ransomware, or most commonly crypto-ransomware, is where data or a system is encrypted and only made accessible by a secure key, to deny access until a specified ransom is paid.
Red/Blue Teams: Red and Blue Teams are internal teams, running simulated exercises to test defences by role-playing as attackers (red) against a defending team (blue).
SOC / Security Operations Centre: Typically something only run in-house at larger companies, a SOC is a resource of cybersecurity specialists (including analysts) who use multiple data sources and threat intelligence to co-ordinate and manage cyber strategy and defences.
Social engineering: A technique of manipulating people to enable access to their data or devices, using non-technical tactics (from competitions on websites to in-person persuasion, fake identities on social media, etc.).
Spear Phishing: A more advanced and targeted phishing attack (also known as whaling), such as an attack on senior executives or government officials.
SQL Injection: An attack on a web application by inserting malicious code into entry fields, and so gaining access to the data.
Trojans: One of the most common types of malware, a Trojan (named after Greek mythology) is disguised as legitimate software, waiting to attack or deploy.
VPN / Virtual Private Network: Secure software that’s used to connect devices to a corporate network when working remotely.
XSS / Cross Site Scripting: This is a tactic used by bad actors to inject a script or code into a webpage, to compromise it and then target website visitors.
Zero Day: A brand new vulnerability that hasn’t been discovered or patched by the software vendor, and can be exploited by new malware.