Important Cyber Security Terms
Cyber security is a rapidly evolving field, and it may seem difficult to find a good place to jump in and learn more about it. It’s important to be familiar with new technologies and attacks even if you are not considering a career in cyber security because they affect everyone. Here, we will try to help you understand some essential cyber security terms that will serve as a solid foothold for you if you decide to dive deeper into the cyber world.
- Data Encryption – Transforming data into an incomprehensible code that can only be reverted into readable data with a secret key or password.
- Virtual Private Network (VPN) – An encrypted tunnel to securely transmit your data across the internet.
- Cloud Computing – Simply put, “The Cloud” is a company providing all the physical resources for computing power and storage, versus an individual having to build all the infrastructure at their home or office.
- Two-Factor Authentication (2FA) – Protects your accounts by requiring two forms of verification to confirm your identity.
- Personally Identifiable Information (PII) – Information that can be used by a third party to identify a person.
- Risk – Refers to the potential for lost, damaged, or destroyed assets.
- Threat – A malicious attack that attempts to gain unauthorized access to data, damage computer systems, or disrupt digital operations.
- Vulnerability – A weakness in a computer system that can be exploited by attackers to circumvent security measures.
- Exploit – Software, data, or commands that intentionally take advantage of a vulnerability in order to gain unauthorized access to data, damage computer systems, or disrupt digital operations.
- Malware – Malicious software or code designed to harm computer systems. The goal of malware is usually to damage, disable, hijack, or steal data from computer systems.
- Ransomware – A type of malware that prevents or blocks you from accessing your computer data or system, usually through encryption or a lock screen.
- Virus – A type of malware that hides inside legitimate programs or documents and seeks to replicate itself throughout the computer system or network once it’s executed.
- Social Engineering – Attacks centered around manipulating people into revealing private information or performing an action that would compromise themselves or computer systems.
- Phishing – A social engineering tactic where the attacker sends fraudulent emails, phone calls, or text messages to a potential victim while posing as a legitimate entity. The purpose is usually to manipulate the user into revealing private information to the attacker, such as passwords, PII, or credit card information.
- Vishing – A phishing attack that specifically uses voice messages and phone calls to get an individual to reveal personal information.
- Mishing – A phishing attack that specifically uses text messages to get an individual to reveal personal information. A common tactic is pretending to be someone from a bank.
- Spear Phishing – The same as phishing, except that it is a targeted campaign to gain access to a specific individual’s accounts or information.
- CIA Triad – The three letters in the CIA triad stand for Confidentiality, Integrity, and Availability. The CIA triad is a model used in the development of security policies in information security.
  - Confidentiality – Achieved by protecting people’s sensitive or private information from unauthorized access.
  - Integrity – Protecting data from being deleted or modified by an unauthorized party.
  - Availability – Ensuring that authorized people have access to their data and resources when they need them. This can also reference the idea of backing up data in case the integrity of the data is ever compromised.
- Security, Functionality, Usability Triangle – A model used for finding the perfect balance between security, functionality, and usability within an information system.
  - Security – All of the measures taken to protect a system, application, or device, including ensuring only authorized users have access.
  - Functionality – What something was designed to do or the services it was expected to provide.
  - Usability – How easy something is to use, also known as its level of user-friendliness.