In the modern world, cybersecurity is a huge concern for businesses and individuals alike. This blog post defines some key terms used in the field of cybersecurity so that you can better understand how to protect yourself online. With these definitions, you’ll know what it means when someone mentions malware or spam messages, and you can take steps to avoid becoming an unwitting victim.

Assets

Any items belonging to or held by the business, with some value (including information, in all forms and computer systems).

Attack

An attempt to gain unauthorized access to business or personal information, computer systems, or networks for (usually) criminal purposes. A successful attack may result in a security breach, or it may be generically classified as an “incident.”

Authentication

A security practice implemented (usually through software controls) to confirm the identity of an individual before granting them access to business services, computers, or information.

Backup

The process of copying files to a secondary storage solution, so that those copies will be available if needed for a later restoration (e.g., following a computer crash).

Breach

A security breach is a gap in security that arises through negligence or deliberate attack. It may be counter to policy or the law, and it is often exploited to foster further harmful or criminal action.

Cyber

Relating to computers, software, communications systems, and services used to access and interact with the Internet.

Encryption

Converting information into a code that can only be read by authorized persons who have been provided with the necessary (and usually unique) “key” and special software so that they can reverse the process (i.e., decryption) and use the information.

Firewall

A firewall is a type of security barrier placed between network environments. It may be a dedicated device or a composite of several components and techniques. Only authorized traffic, as defined by the local security policy, is allowed to pass.

HTTPS

Hypertext Transfer Protocol Secure.

Identity Theft

Copying another person’s personal identification information (such as their name and Social Insurance Number) and then impersonating that person to perpetrate fraud or other criminal activity.

Malware

Malicious software created and distributed to cause harm. The most common instance of malware is a “virus.”

Patch

An update to or repair for any form of software that is applied without replacing the entire original program. Many patches are provided by software developers to address identified security vulnerabilities.

OS

Operating System.

OTP

One-Time Password.

Password

A secret word or combination of characters used to authenticate the person who holds it.

Phishing

A specific kind of spam targeting one or more particular people while pretending to be a legitimate message, with the intent of defrauding the recipient(s).

POS

Point of Sale.

Risk

Exposure to an adverse outcome if a threat is realized.

Safeguard

A security process, physical mechanism, or technical tool intended to counter specific threats. Sometimes also referred to as a control.

Server

A computer on a network that acts as a shared resource for other network-attached processors (storing and “serving” data and applications).

Spam

Email sent without the permission or request of the recipient (you or the employee it was sent to).

Threat

Any potential event or action (deliberate or accidental) that represents a danger to the security of the business.

URL

Uniform Resource Locator.

Vulnerability

A weakness in software, hardware, physical security, or human practices that can be exploited to further a security attack.

VPN

Virtual Private Network.

Wi-Fi

A local area network (LAN) that uses radio signals to transmit and receive data over distances of a few hundred feet.