Cyber Security

Cyber Definitions: All the Key Cyber Security Terms to Know

Alex Stewart
General Manager


    Cyber security is a growing field, and its relevance to businesses, individuals and society as a whole is increasing fast. And the technical vocabulary and concepts involved are expanding too.

    If you want to navigate this complex landscape, whether you’re a business owner, IT professional or just a regular internet user, you need to understand the terminology, acronyms and jargon that fill the cyber security space.

    This blog is your go-to guide, outlining and defining the basic cyber security terms everyone with an interest or stake in the field should know.

    Why Cyber Security Terminology Matters

    Understanding cyber security terminology is important no matter what your role or profession. For industry experts it’s about being able to communicate and implement cyber security effectively.

    But this isn’t just for the pros. As our lives get more digitised, a basic understanding of cyber security can be super useful for everyone. As we surf the web, we need to be aware of the threats and how we can protect ourselves from them.

    Remember, cyber threats don’t stand still; they evolve and get more sophisticated over time. Keeping up with the latest terminology and trends in cyber security is a necessity, not a luxury.

    Think of it like keeping up with current affairs – it’s about being aware, informed and safe in our digital world. Whether you’re a tech expert or a casual internet user, understanding the basics of cyber security is essential.

    Let’s get started and break down some of these key cyber security terms.

    Core Areas Of Cyber Security

    In this section we’ll explore these core areas of cyber security, defining and explaining what they mean in our digital world.

    Network Security

    Network security means the practices and policies to monitor, prevent and mitigate unauthorized access to computer networks. It’s a fundamental part of cyber security, to protect the integrity, confidentiality and availability of data within a network infrastructure.

    Information Security

    Information security, also known as infosec, means the processes and methodologies to protect electronic data. The focus is on the confidentiality, integrity and availability (CIA triad) of data.

    Application Security

    Application security means making apps more secure by identifying, correcting and preventing security vulnerabilities. This includes proactive steps to ensure the robustness of an application against threats through various methods such as regular updates, patches and protective measures to safeguard against potential vulnerabilities.

    Endpoint Security

    Endpoint security means a strategy where network security is approached from the viewpoint of devices that may offer access to a network rather than protecting the network itself.

    Data Security

    Data security means protecting electronic information from data breaches or corruption and from unauthorized access.

    Identity and Access Management (IAM)

    Identity and Access Management (IAM) is a structured IT system used by enterprises to manage and streamline digital identities to ensure secure and efficient user access control.

    Cloud Security

    Cloud security means the strategies and technology to protect data and infrastructure in cloud environments.

    Disaster Recovery / Business Continuity Plan

    Disaster recovery and business continuity planning are the processes through which organisations plan for and recover from cyber-attacks.

    Cyber Awareness Training

    Cyber Awareness Training means educating employees about cyber threats, cyber vulnerabilities in their roles and teaching them how to mitigate these risks.

    IoT Security

    IoT security is the technology area that deals with connected devices and networks in the internet of things (IoT).

    Cryptography

    In cyber security, cryptography is used to protect data from theft or alteration and to verify the identity of users. It protects all types of data, whether in transit over networks or at rest in databases.

    Techniques like symmetric or asymmetric encryption, digital signatures and hashing are part of cryptography’s toolkit.

    Basic Cyber Security Terms

    These terms are the foundation of the key areas, methods, threats and defences in cyber security. They describe the general types of attacks, basic defence mechanisms, common practices and essential components of a secure system.

    Understanding these basic terms is the first step to becoming cyber-literate and being able to navigate and protect yourself in the digital world.

    Antivirus software

    Software that detects, kills or removes malware, viruses, trojans and worms.

    Authentication

    Verifying the identity of a user, device or system.

    Back door

    A secret or hidden entry point in a computer system. Allows individuals to bypass security or protocols, access data or take control of the system, often undetected.

    Black hat

    A black hat is someone who hacks for personal or financial gain.

    Cloud computing

    Cloud computing offers storage, databases, servers, software and networking over the internet. High-end computing for everyone at an affordable price.

    Cloud security

    Controls, policies and technologies to protect data, infrastructure and applications in the cloud.

    Hacked computers

    A hacked computer is a device that has malware and can be controlled remotely by a cybercriminal.

    Network

    A set of connected devices that can talk to each other and share resources.

    Cyber attack

    A deliberate and malicious attempt by individuals or organisations to breach the information system of another entity, often resulting in unauthorised access, data loss or system damage.

    Cyber crooks

    Individuals or groups that use technology to commit illegal activities, steal sensitive data, disrupt digital life or manipulate systems for financial gain.

    Cyber spying

    Digital methods to access, steal or destroy an entity’s sensitive data or intellectual property. State-sponsored threat actors, organised crime groups or corporate spies use cyber spying to gain a competitive, political or military advantage, often involving sophisticated methods to breach cyber security without detection.

    Cyber robustness

    The ability of a system or organisation to continue to deliver core operations and intended results despite cyber events or security incidents.

    Cyber war

    Using computers and networks for war. Cyber-attacks, spying and sabotage of national security, critical infrastructure or other strategic assets.

    Data breach

    An incident where unauthorised individuals steal or access information from a system, often resulting in exposure of confidential data, identity theft or financial loss.

    Data integrity

    The accuracy and consistency of data in databases or other storage systems. Essential for reliable analysis, decision making and trust in digital systems.

    Digital signature

    A mathematical way to verify the authenticity of digital messages or documents, so the recipient knows who sent it and the content is intact.

    Encryption

    Converting data into an unreadable format to protect it from unauthorised access. Only those with the right decryption key can convert it back to its original readable format.

    Enterprise systems

    Big software packages that manage complex business processes across departments. They increase efficiency, data flow and informed decision making within an organisation.

    Firewall

    A network security system that monitors and controls network traffic based on rules. It’s a barrier between trusted and untrusted networks, preventing unauthorised access and threats.

    Grey hat

    A Grey Hat is a cyber security enthusiast who finds and exploits system vulnerabilities, often without official permission but without malicious intent, unlike black hat hackers.

    Honeypot

    A honeypot is a decoy system used in cyber security to attract, detect or study attempted unauthorized access, to understand attack methods and develop defences.

    HTTPS (Hyper Text Transfer Protocol Secure)

    HTTPS is the secure version of HTTP, where communications are encrypted by SSL or Transport Layer Security. Used for secure communication over the internet.

    Identity theft

    Impersonating someone else, often for financial gain or to avoid legal consequences, using someone else’s personal information.

    Internet of Things (IoT)

    Billions of devices, from fridges to cars, connected to the internet, sharing data and automating tasks to make life easier.

    IP address

    A unique identifier for devices in a network so data can be sent to the right place, like a mailing address.

    Keylogger

    A tool that records every keystroke on a computer keyboard. Cybercriminals use it to capture passwords, credit card numbers and other sensitive info.

    Malicious code

    Harmful computer code or script that creates system vulnerabilities, allowing unauthorized access, breaches, data theft or file damage.

    Malware

    Malicious software. Programs or files that harm users. Viruses, ransomware, spyware and more that threaten data and system performance.

    Multi-factor authentication

    Requires multiple verification steps from different categories to validate a user’s identity, making it harder for unauthorized access.

    Network traffic

    The amount of data moving across a network at any given time. Network traffic is a key indicator of network performance.

    Operating system

    The software that manages hardware, software resources and offers services to applications, the interface between the user and the computer hardware.

    Password

    A string of characters that authenticates a user or grants access to a resource. The first line of defence against unauthorized access.

    Penetration test

    A simulated cyber-attack to test a system. Finds vulnerabilities that could be exploited in a real attack.

    Phishing

    An online scam in which an email that appears to come from a legitimate company tricks recipients into revealing sensitive info like login credentials or credit card numbers. Phishing awareness training is key.

    Private network

    A network using private IP address space (RFC 1918 IPv4 and RFC 4193 IPv6). Not directly accessible from the internet, an extra layer of security.

    Quarantine

    In cyber security, quarantine means isolating a file suspected of being infected with a virus to prevent it from spreading to other files and systems.

    Ransomware

    Malware that restricts access to a system and demands a ransom to restore access. Can encrypt user files, locking them until the victim pays the cybercriminal.

    Remote end user support

    Methods and practices of cyber security professionals to help users fix issues with their devices or applications remotely, usually with RDP.

    Remote hosted server

    A server hosted and maintained by a third party, usually in a data centre, that can be accessed remotely.

    Risk analysis

    Identifying potential cyber security issues that could impact business initiatives or projects negatively. Helps organisations anticipate and mitigate risks.

    Security awareness training

    An educational approach to cyber security focused on building employee awareness of organisational information and practical cyber behaviour to avoid compromising data.

    Security policy

    A document that outlines the rules, laws and practices for accessing a computer network within an organisation, guidelines for user behaviour to maintain security.

    Security threat

    A potential danger that can harm or compromise the data and integrity of a whole system or network.

    Sensitive data

    Information that needs to be protected from unauthorized access. Could be personal information like social security numbers or business information like trade secrets.

    Social engineering

    Non-technical, manipulative tactics cybercriminals use to trick people into revealing confidential information, like passwords. Often associated with identity theft and phishing attacks.

    Software Patch

    A piece of code to fix vulnerabilities, bugs or performance issues in existing software. Essential from a cyber security perspective to address existing vulnerabilities.

    Spyware

    Malware installed on your computer without your knowledge to collect information about you and your internet activities.

    Two-Factor Authentication (2FA)

    2FA is a security process that requires users to provide two different forms of identification to verify themselves, adding an extra layer of security to user verification.

    Unauthorised users

    Users who do not have permission to access certain data or information systems.

    Virtual Private Network (VPN)

    Two-step authentication. Requires users to provide two different authentication factors to verify themselves. Adds an extra layer of security and makes it harder for potential intruders to gain access.

    Vulnerability

    In cyber security, a vulnerability is a system weakness that can be exploited by a threat actor to do something unauthorized or access the system.

    Web server

    Server software or hardware that serves content to the World Wide Web, handles web page requests from users and delivers the response.

    White hat

    A White Hat hacker, also known as an ethical hacker, is a cyber security expert who uses their skills to find and fix system vulnerabilities, thus improving security. They have permission from system owners, unlike black or grey hat hackers.

    Worm

    A type of malware that copies itself from computer to computer. It can replicate itself without human interaction and doesn’t need to attach itself to a software program to cause damage.

    Wi-Fi

    Wireless networking protocol that allows devices to communicate without direct cable connection. It’s important to secure Wi-Fi networks to prevent unauthorized access, eavesdropping or malicious actions from cyber attackers. Encryption standards like WPA2 or WPA3 are used to secure Wi-Fi.

    Advanced Cyber Security Terms

    These terms are usually understood with a higher level of study or professional experience in cyber security. They are used by IT professionals, cyber security specialists and other experts in the field to describe complex situations, sophisticated attacks or high-level security strategies.

    But since we live in a digital world and cyber threats are getting more sophisticated, it’s becoming more important for anyone who uses digital services to understand these advanced concepts.

    Advanced Persistent Threat (APT)

    An Advanced Persistent Threat is a stealthy threat actor that gains unauthorized access to a network and remains undetected for a long time.

    Blockchain

    Blockchain is a decentralized and distributed digital ledger that records transactions across multiple devices. Its design resists data modification, making it secure against tampering and fraud. This inherent encryption and verification of all transaction blocks makes blockchain systems more secure.

    Botnet

    A botnet is a network of private computers, often infected with malware without the owners’ knowledge, controlled as a group by cybercriminals. These connected devices, or ‘bots’, can be used en masse to perform large scale cyber-attacks, like DDoS attacks, spam campaigns or cryptocurrency mining.

    Brute force attack

    This type of cyber-attack uses trial and error methods to crack encrypted data like passwords or Data Encryption Standard keys, by brute force rather than using specific technical methods.

    Hash

    A hash is a cyber security function that takes input data (like a password) and turns it into a fixed-size string of characters. It’s unique and one-way, so data integrity and authenticity are ensured by creating a different output for every unique input.

    Key

    A key is a piece of information used in encryption and decryption to secure communication in systems. It determines the output of the encryption algorithm, so data in transit is more secure.

    Cryptography

    Cryptography is the process of making information unreadable. Only those with the secret key can decipher (or decrypt) the message into plain text.

    XSS

    Cross-site scripting (XSS) is a web application vulnerability that allows attackers to inject client-side scripts into web pages viewed by other users.

    Darknet

    The darknet is the part of the internet that’s not indexed by search engines and can only be accessed using specific software, configurations or authorization.

    DDoS

    A DDoS attack is when multiple compromised computers flood a target system with traffic, making it unavailable to its users.

    E2EE

    End-to-End Encryption is when only the communicating users can read the messages.

    Endpoint AV

    Endpoint AV is software that detects and prevents malware from infecting endpoint devices.

    Fuzzing

    Fuzzing is a testing technique that involves feeding large amounts of random data, “fuzz,” into a system to find security holes and vulnerabilities. It helps identify potential exploits in a system.

    IRP

    Incident response policy is the plan of action when a security breach or cyber-attack is detected or reported.

    IDS

    Intrusion Detection System is a cyber security tool that alerts when potential malicious activity or policy breaches are detected in the network. It’s a watchdog that monitors network traffic and behaviour patterns to detect threats early.

    IP Spoofing

    IP address spoofing is a technique used to gain unauthorized access to computers, where an attacker sends messages to a computer with an IP address indicating that the message is coming from a trusted host.

    MITM

    Man-in-the-Middle attack is when an attacker intercepts, relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

    Non repudiation

    Non-repudiation in cyber security means a method to ensure that a party involved in a communication cannot deny the authenticity of their signature on a document or the sending of a message. It verifies data integrity and authenticity.

    PKI

    Public Key Infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption that secures data transfer in a network.

    Rootkit

    A rootkit is a collection of software, usually malicious software, that allows access to a computer or part of its software that is not allowed.

    Secure coding

    Writing software in a way that prevents security vulnerabilities. Following coding standards and guidelines to make the system safer, reduce vulnerabilities and mitigate threats.

    SSL

    Secure Sockets Layer is a security technology to establish an encrypted link between a web server and a browser. All data passed between the web server and browser is private.

    Security architecture

    Security architecture is the design, implementation and testing of a system or network’s security. It’s a strategic framework for defences to ensure data and resource integrity, confidentiality and availability.

    Session hijacking

    Session hijacking or cookie hijacking is exploiting a valid session to gain unauthorized access to information or services in a system.

    SIEM

    Security Information and Event Management is a set of tools and services that gives a holistic view of an organisation’s security. SIEM tools analyse security alerts from applications and network hardware in real-time.

    Spear phishing

    Spear phishing is an email targeted at a specific person or department in an organisation that appears to be from a trusted source. It’s actually cybercriminals trying to steal confidential or personal information.

    Threat hunting

    Proactive security process of searching and identifying threats that evade existing security solutions. Allows an organisation to mitigate threats before they can cause harm.

    Trojan horse

    A Trojan horse or Trojan is any malicious program that misleads users about its true intent.

    Virtualisation

    Virtualisation in security means creating virtual versions of physical systems to isolate cyber environments. This provides security by containing threats within the virtual system and preventing them from spreading to the network.

    Zero-day vulnerability

    A vulnerability exploited by cybercriminals before it’s discovered and patched, allowing unauthorized access, data breaches or other cyber damage. Since it’s exploited on the ‘zeroth’ day of its awareness, it’s called a Zero-Day Vulnerability.

    Cyber Security Roles and Job Titles

    These roles range from strategic and managerial to hands-on technical, all contributing to the strength and resilience of cyber security infrastructures. In this section we will look at some of the key roles in cyber security, what they do and why they are important for IT infrastructure.

    Cyber Security Analyst

    A Cyber Security Analyst plans and implements security measures to protect systems, networks and data. They prevent data loss and service disruption.

    Cyber Security Consultant

    A Cyber Security Consultant helps businesses by reviewing, analysing and improving the security they have in place. They may also train employees to prevent future breaches.

    Cyber Security Engineer

    A Cyber Security Engineer develops, tests and implements secure network solutions to defend against advanced threats.

    Cyber Security Manager

    A Cyber Security Manager oversees and coordinates all activities related to an organisation’s cyber security program.

    Chief Information Security Officer (CISO)

    As a high-level IT executive, the CISO develops and implements the information security strategy, often working alongside or subordinate to the VCIO. This involves creating protocols and policies to protect enterprise systems, communications and assets from internal and external threats.

    Forensic Computer Analyst

    A Forensic Computer Analyst reviews computer-based information for legal evidence. They may be involved in investigations such as intellectual property, identity theft, industrial espionage and fraud.

    Information Security Analyst

    Plans and implements security actions to protect an organisation’s digital networks and systems. They play a critical role in protecting business information from cyber threats.

    Information Security Manager

    Oversees the security operations of an organisation and manages IT security professionals. They ensure the maintenance of a robust and efficient security framework.

    IT Security Consultant

    An IT Security Consultant is a professional who provides advice and guidance to help businesses protect their information assets, computer systems and networks.

    Network Security Engineer

    A Network Security Engineer is a key member of any large (and many mid-sized) business’ team who designs, implements, maintains, troubleshoots and upgrades computer and network security.

    Penetration Tester

    Also known as Ethical Hackers, Penetration Testers find and exploit security weaknesses in web applications, networks and systems. They test an organisation’s digital defences.

    Security Architect

    Designs and implements an organisation’s network and computer security. They build security systems and protocols to stop cyber threats.

    Security Operations Center (SOC) Analyst

    Working as part of a team, a SOC Analyst detects, investigates and responds to incidents.

    Vulnerability Assessor

    This person performs assessments to identify, quantify and prioritise vulnerabilities in a system. They help to harden the system.

    Security Software Developer

    This role involves developing security software and integrating security into applications during design and development. They build secure software systems.

    Incident Responder – Response Team Member

    An Incident Responder is a person who handles the situation when a security or data breach occurs, minimising damage and recovery time.

    Security Auditor

    A Security Auditor is a person who performs a detailed inspection and analysis of an organisation’s IT infrastructure to ensure compliance with security standards and regulations.

    Security Systems Administrator

    A Security Systems Administrator is a person who manages an organisation’s IT systems and networks, implements security and fixes technical issues.

    Ethical Hacker

    Also known as a white hat hacker, an Ethical Hacker uses their cybersecurity skills to find and fix security vulnerabilities. They are part of an organisation’s defence team.

    Cryptographer

    A Cryptographer is a specialist in cryptography; they develop and implement decryption techniques to get encrypted data back to its original form readable by authorised users. They spend most of their time testing systems for vulnerabilities and creating secure ways to fix the weaknesses they find.

    The Last Byte: Understanding Cyber Security Terms & Concepts Matters

    Understanding cyber security terminology is important whether you’re a professional in the field, a business owner or an individual user. Familiarity with these terms allows you to navigate the digital world and modern business better and recognise cyber security threats when you encounter them, as you surely will.

    The many roles and job titles in cyber security speak to how complex and diverse this field is. From Cryptographers who create algorithms to protect sensitive information to Ethical Hackers who proactively find vulnerabilities in systems, professionals like the TechBrain cyber security team work hard to keep our data and digital assets safe.

    Remember, this is just a starting point. Each of these terms and roles opens up a whole world of understanding and we encourage you to dig deeper into those that interest you. Cyber security is a big and dynamic field and there’s always more to learn.

    Stay curious, keep learning and remember – a more secure digital world starts with you!