In today's hyper-connected world, the phrase "cyber security" is ubiquitous. But for many, it remains a nebulous concept, a realm of cryptic jargon and complex technicalities. To navigate this digital fortress effectively, understanding the language is crucial. This glossary aims to equip you with the basic vocabulary essential for comprehending the ever-evolving landscape of cyber security.
- Weve built a platform to automate incident response and forensics in AWS, Azure and GCP you cangrab a demo here. You can also download free playbooks weve written on how to respond to security incidents in AWS, Azure and GCP.
Foundational Pillars:
Cyber security: The protection of information systems, hardware, software, data, and services from unauthorized access, use, disclosure, disruption, modification, or destruction. (UK Cyber Security Council)
Vulnerability: A weakness in a system that could be exploited by attackers to gain unauthorized access or cause harm. (NCSC)
Threat: A potential event or actor that could exploit a vulnerability and cause harm. (SANS Institute)
Risk: The likelihood of a threat exploiting a vulnerability and causing harm, combined with the impact of that harm. (CISA)
Defense Mechanisms:
Firewall: A system that monitors and controls incoming and outgoing network traffic, based on predetermined security rules. (UK Cyber Security Council)
Antivirus/Anti-malware: Software that detects and removes malicious programs (malware) like viruses, worms, and trojans. (NCSC)
Encryption: The process of transforming data into a format that is only readable with a specific key, protecting confidentiality. (SANS Institute)
Authentication: The process of verifying a user's identity before granting access to a system or resource. (CISA)
Common Threats:
Phishing: A deceptive attempt to steal personal information or credentials, often through emails or links that appear legitimate. (UK Cyber Security Council)
Ransomware: Malicious software that encrypts a victim's data and demands payment for decryption. (NCSC)
Zero-day attack: An exploit for a previously unknown vulnerability, making it difficult to defend against. (SANS Institute)
Denial-of-service (DoS) attack: An attempt to overwhelm a system with traffic, making it unavailable to legitimate users. (CISA)
Additional Terms:
Incident: A security event that may or may not indicate a compromise. (UK Cyber Security Council)
Incident response: The process of identifying, containing, and remediating security incidents. (NCSC)
Penetration testing: Simulating cyberattacks to identify vulnerabilities and improve security posture. (SANS Institute)
Cyber hygiene: Practicing good security habits like strong passwords, regular updates, and secure backups. (CISA)
This glossary provides a starting point for your journey into the dynamic world of cyber security. Remember, staying informed and vigilant is key to defending yourself and your digital assets in the ever-evolving cyber landscape. By understanding the terminology and implementing best practices, we can collectively build a more secure and resilient digital future.