Cybersecurity can seem intimidating, especially when you’re not already familiar with security and IT. There are so many threats and a lot of terms you need to know in order to understand the countermeasures that can help keep your data safe from attackers. What is an attack surface, after all? And what’s a rootkit? Non-technical employees and decision-makers might find their eyes glazing over when cybersecurity terms start getting thrown around.
That said, it’s critical that even employees who don’t work directly with security understand cybersecurity and cybersecurity terms. Security is everyone’s job. According to Ponemon, the average cost of a data breach is $3.86 million. Your organization can also suffer reputational loss and damage to your brand as a result of a breach.
Security does not need to be so confusing. To help you and your non-technical team members better understand security, below is a list of 57 cybersecurity terms you should know in 2021.
Account hijacking – A form of identity theft. When a user’s account is stolen by a bad actor and used to perform malicious actions, that account has been hijacked.
Adware – Software that downloads on a device and automatically displays or downloads advertising when a user is offline.
Advanced Persistent Threats (APTs) – A network intrusion during which a cybercriminal remains quietly in a system, undetected, as they steal data.
Antivirus – Antivirus software refers to any computer program used to prevent, detect, and remove malware. You might think it’s meant to prevent viruses, but malware is more prevalent than viruses these days. Back when antivirus software was developed, however, viruses were a major threat, which is why it’s called “antivirus” and not always “anti-malware.”
Attack surface – Your attack surface is the sum of every possible point where an attacker can enter your work or systems. You can also think of it as the total number of all your cyber vulnerabilities. In cybersecurity, the goal is to make the attack surface as small as possible.
Attack vector – A specific method used by a cybercriminal to infiltrate a system.
Authenticator – Any method of proving who you are to a computer system or software. The most commonly used authenticator is a password, but it can also be a face scan, a fingerprint, or another method of proof.
Backdoor – A vulnerability that allows an unauthorized individual to access a protected part of your network, bypassing your cybersecurity measures. You may not realize you have backdoors.
Backup – A copy of data that allows a user to easily recover lost or locked files.
Blacklist – A list of email addresses known to send spam or other risky messages. A blacklist can help your organization filter out bad messages and phishing emails before employees even see them.
Bot – A program that automatically performs a simple repetitive task. Not all bots are bad, but some are used maliciously.
Brute force attack – An attack method that occurs when a bad actor uses software that runs through all possible combinations to crack a password.
Catfishing – A social engineering attack that occurs when a bad actor uses a social network to create an account with a fake identity to deceive a target.
Cracker – A person who attacks a specific computer system with the intent to do harm.
Cryptojacking – When a criminal uses a user’s computing power without authorization to mine cryptocurrency.
Closed source – Proprietary technology; its source code is hidden. You cannot distribute or modify its code without violating copyright law. Most commercial software is closed source.
Cloud – The cloud, or cloud computing, refers to the on-demand availability of computer system resources, like data storage or computing power, which happens off-site. The cloud allows users to access files from any place and on any device and is usually hosted by a vendor, such as Amazon or Google.
Credential harvesting – The act of virtually attacking an organization to illegally obtain employees' login information.
Critical infrastructure – Your critical cyberinfrastructure is the computing assets that are essential for your organization to function.
Data Loss Prevention (DLP) – Any security measures related to detecting and preventing data loss.
Data encryption – The act of encoding data so that no one can read or access it without a decryption key.
Data protection – A set of practices and processes intended to protect private information from getting into the wrong hands.
DDoS (denial-of-service attack) – An attack method that overwhelms a site or server with malicious traffic, rendering it unusable.
DevSecOps – A combination of the words “development,” “security,” and “operations,” DevSecOps is an approach to software development that takes security into account from the beginning of the development process to the end of a product’s life cycle.
Exploit – The act of taking advantage of a vulnerability in a network.
Extended enterprise – If your enterprise is your organization, the extended enterprise is the organization and all your third parties, such as vendors and suppliers, as well as customers. Anyone outside your organization who has access to your data and networks is a member of your extended enterprise.
Firewall – A network security control that keeps unauthorized traffic out of restricted areas of your network.
Group authenticator – An authentication method used to allow access to specific data or functions that may be shared by all members of a particular group.
Hacker – Anyone who breaks into a computer system using attacks or by exploiting vulnerabilities. Not all hackers are bad; some work for companies to test defenses and discover vulnerabilities. Others breach systems for malicious purposes.
Honeypot – A technique used to distract hackers by offering up a false target, such as a computer or data.
IP Address – An address identifying the connection between a computer and its network provider.
Identity check – A set of actions using one or more authenticators designed to verify a user’s identity.
Insider threat – A threat to the company’s data that originates inside the organization, such as an employee.
Keylogger – Software that monitors and captures a user’s keystrokes on a keyboard. This sort of software can be used maliciously to steal credentials and sensitive data.
Malware – Short for “malicious software,” that’s exactly what malware is: code designed to harm computers and systems. Malware comes in several destructive flavors: some steal information, some delete it, some spy, and some can destroy a system.
Open Source – Free technology with public source code, which can be shared and modified. Mozilla Firefox and WordPress, for example, are open-source software.
Patch – A regular system update released by developers to fix bugs and other software vulnerabilities.
Password sniffing – A method of stealing usernames and passwords by using software to observe and record network traffic.
Phishing – A social engineering attack in which a bad actor impersonates a trustworthy entity in order to obtain information. Phishing often happens via email, but can also happen through other messaging services.
Personally identifiable information (PII) – PII or personal information is any data that can identify a specific individual, such as name, date of birth, social security number, or financial information. Criminals often seek to steal this sort of sensitive information.
Ransomware – Malware that encrypts data so the victim can’t access it. To obtain a decryption key, the victim must pay a ransom.
Ransomcloud – Ransomware designed to encrypt cloud emails and attachments.
ReCAPTCHA – A system used by Google, which uses a form of Turing test to establish if a user is a human or a robot.
Rootkit – A group of malware designed to gain access to a computer or network, and which usually masks its existence.
Security score – A security score or rating rates an organization on its security controls and cybersecurity posture, taking into account risks and vulnerabilities. SecurityScorecard’s ratings, for example, use publicly available data to rate a company’s cybersecurity posture.
Segmentation – The process of separating a network into different protected segments, so that if a criminal gains access to one area of the network, they cannot access the entire network.
Shadow IT – Any IT systems, software, or devices being used in an organization without the authorization of the IT department.
Social engineering – An attack on the people of an organization rather than on the technology. Social engineering attacks are scams intended to trick people into giving out sensitive information.
Spyware – Malware inserted into a system to collect information about a product, an organization, or a person.
Third-party – An individual or organization that is not part of your enterprise but who provides vital services. Third parties include contractors, vendors, partners, and suppliers. Third parties often have access to some part of your cyberinfrastructure.
Threat – A malicious attack intended to cause harm to a computer, software, or network.
Trojan – Malicious code that looks like a legitimate file, program, or application.
Virtual Private Network (VPN) – Any technology that can encapsulate and transmit network data, typically Internet Protocol data, over another network. VPNs let users access network resources that might not be available on the public internet.
Virus – A program that can infect and harm a file, a system, or a network, often attached to a harmless-looking file or app. Some viruses can replicate themselves.
Vulnerability – A vulnerability is a weakness in an information technology infrastructure that makes it susceptible to cyber attacks.
Worm – Self-replicating malware that spreads from an infected device through a network.