Glossary: Cybersecurity Terms & Definitions

Antivirus Software:

A program that monitors a computer or network to detect malicious code and prevent additional malware incidents or breaches.

Black Hat Hacker:

A “bad” hacker who works with malicious intent to infiltrate a system to steal or destroy data.

Blue Team:

During a penetration test of a business’ security system, the blue team is responsible for establishing the security measures to keep the red team (the attackers) out.

CCPA:

The California Consumer Privacy Act is a law that details how a business can handle a person’s private information. This includes the person’s right to know which information is being collected and how it is being used, the right to delete personal information, the right to opt-out of the sale of information, and the right to non-discrimination for exercising these rights.

Cloud:

Storage and processing through the internet from remote computing facilities.

Compliance:

The ability to meet requirements set by laws, regulations, or industry standards like HIPAA or the CCPA.

Compliance Officer (CO):

A cybersecurity team member who has knowledge of specific industry regulations, how they apply to your business, and what your company needs to do to stay compliant with them.

Data Breach:

A data breach occurs when a cybercriminal infiltrates a business and steals information.

Endpoint:

Any individual device (phones, tablets, computers, etc.) that is connected to a business’ network.

Endpoint Protection:

Devices like computers, tablets, and phones are consistently connected to your network and can be easy access points for cybercriminals. Endpoint protection focuses on securing these individual devices.

Firewall:

A firewall filters out potentially malicious traffic from the internet before it can reach your system.

Identity and Access Management (IAM) [Synonym: Access Control]:

The power to grant or deny specific requests or attempts to obtain or access information or to physically enter a facility. This is done by developing secure passwords (and secure password storage) and managing who has access to what.

Insider Threat:

A cyber risk to businesses where the malicious actor is somebody—employees, ex-employees, third party partners, etc.—who uses their authorized access to wittingly or unwittingly cause harm.

Keyloggers:

This type of malware tracks keystrokes to gain information like passwords, login credentials, financial information, and more.

Lateral Movement:

After a bad actor infiltrates a business’ system, lateral movement refers to their ability to now move into different areas of the network.

Malware:

Software with malicious intent designed to compromise a system by performing an unauthorized function or process. Malware comes in many different forms, including ransomware, spyware, viruses, adware, and more.

MSSP:

A managed security services provider is a team of cybersecurity experts using the latest strategies and technologies to keep businesses safe from modern threats.

Multi-Factor Authentication (MFA):

This is a password security method which uses biometrics, third party applications, or additional devices, to give businesses an added layer of login security.

Network Monitoring:

A cybersecurity strategy where a business’ network is monitored by security teams to identify threats quickly.

Network Segmentation:

This strategy helps businesses stay secure by segmenting and isolating different parts of a business to reduce lateral movement in the event of an attack. Essentially, if someone infiltrates a system, they wouldn’t have access to everything, just what’s stored in that segment.

Phishing:

A form of digital scamming designed to deceive individuals into voluntarily providing sensitive information like Social Security numbers, credit card information, login credentials, and more. Phishing scams are an extremely common attack in which an attacker attempts to trick you into clicking a link sent in an email, text message, or online message that is disguised as coming from a trusted source (a bank, coworker, insurance provider, or family member, for example).

Ransomware:

This type of malware steals and encrypts a business’ data, keeping them from accessing it until specific terms—typically a monetary payment—are met.

Recovery:

Post-incident activities to restore essential services and operations.

Red Team:

During a test of a business’ cybersecurity system, a red team is made up of ethical hackers who use real techniques to try and identify vulnerabilities.

Security Operations Center (SOC):

The home of a cybersecurity team, a SOC contains all the people and technology an MSSP needs to keep businesses protected.

Spyware:

This type of malware gains access to a system and, rather than unleashing malicious code, it remains hidden, collecting data over time.

Threat Intelligence:

To understand how cybercriminals work, threat intelligence continuously gathers data to identify trends, motives, and attack behaviors to learn how to stop them.

Trojan Horse:

This type of malware is disguised as a legitimate program to gain access into a system.

Virtual Chief Information Security Officer (vCISO):

The main point of contact of your cybersecurity team, a vCISO will provide you with personalized expert advice and consultation to help make crucial cybersecurity decisions. vCISO's are always up to date on the latest trends in the industry and will lead a team of DOT experts in implementing your cybersecurity plan.

VPN:

Short for Virtual Private Network, a VPN is a method of connecting computers and devices to a private network, replacing a user’s IP address with the VPN’s IP address. This allows for anonymity while on the internet.

Web Application Firewall (WAF):

A type of firewall designed to protect businesses by filtering traffic between a web application and the internet.

Zero-Day Exploit:

A cyberattack deployed to exploit an unknown security flaw in a piece of software to gain access into a business’ network.