It has been brought to my attention that many people are interested in learning more about cyber security, but lack the knowledge of the basic lexicon of the average professional. Read this article to learn some cyber security definitions for common phrases, abbreviations, and acronyms you’ll come across.
Cyber security definitions for common acronyms
BYOD: This stands for bring your own device. It is for organizations that allow their employees to use their own laptops, smartphones, tablets, and other digital items to do their work. It can also apply to events and meetings which encourage people to bring devices to do live work during the event.
While BYOD is a cyber security term that more people are becoming familiar with, the cyber security risk it carries is not really being understood. Read a recent article on BYOD security on this blog for more.
DLP: This stands for data loss prevention. This is used to talk about the last point of defence before a cyber security breach. Security teams will develop software and strategies to defend this point to protect the most valuable company data.
EPP: This stands for endpoint protection platforms. It is a single piece of software which combines a personal firewall, antivirus, anti-spyware, app control, and behavioural blocking. It is to be used on the endpoint of every cyber security plan: the laptop, smartphone, and tablet of users.
WEP: This stands for Wired Equivalent Privacy. It is a part of the IEEE 802.11 standards of security protocols for encrypting information with the goal of denying unauthorized access to WiFi networks. It has serious flaws and has been replaced by the WPA (Wi-Fi Protected Access) and WPA2 (an enhanced version of WPA) protocols recently. If you’re on WEP, it’s well past time to upgrade.
Cyber security definitions for common jargon terms
Cloud Security: Most people have a grasp of this basic term, but not many look at the difference between private cloud security and public cloud security. Private cloud security is handled entirely in-house by a local IT team employed by the company. It is used just like a corporate VPN, but with data storage.
A Public Cloud security solution uses a third party. VyprVPN and their Dump Truck storage is an example as they store encrypted data for you on their server.
Cyber security compliance: These are standards which are defined by companies themselves. No two companies will have the exact same cyber security compliance standards.
All too often, companies create the bare minimum of compliance standards. Many companies are seriously lacking the proper protocols for staff; see the ongoing hacking of companies for proof. Learn more about cyber security and how it impacts your work if you do not want the finger of blame pointed your way one day.
Keyloggers: Want to hear something scary? These are programs which track your every keystroke. They were once designed to help people track their workflow and restore things they lost, but they have since become abused hacking tools that gather passwords and usernames.
Spyware: This is a piece of software which installs itself on your computer, records how you use your computer, and then sends that information to another computer or network. It will run in the background so you won’t know it’s there.
Blended Threats: These are hacks which combine multiple attack points. They can be a worm, a Trojan horse, and a keylogger all at once. While they can be difficult to defend against, having more than one security tool in use at a time can prevent them.
Phishing: This may be the oldest of all the spamming methods of obtaining information illegally. It is a style of hacking which lures people into clicking on malicious links, or opening malware programs and attachments. It usually happens via email, but it can happen any place you can place a link.
Sub-terms under phishing are whaling, where high-profile users are targeted, and spear phishing, where highly specialized messages are sent to specific people. An example of both is in the Black Hat movie, where they get the password for the NSA “Black Widow” program. To be fair, that’s more whaling than it is spear phishing IMO.
Ransomware: This is a type of malware that requires you to pay money to get back files which have been encrypted. The malware seizes files on your computer and encrypts them so that you can no longer access them. The most recent high-profile example happened in Australia last year.
Online privacy: The old assumption was that when you logged onto your computer, and went online, what you were doing was your business. This is really, totally, 100% not the case. Everyone from advertisers, to your favorite social media websites, to the NSA is tracking what you are doing online.
This is one of those cyber security definitions where you can differ on what it means to you. Put basically, online privacy is meant for sensitive information. This can include credit card data, banking information, passwords, and other personally identifiable pieces of data. You can expand on that definition of online privacy to also include as much of your data as you feel comfortable with.
Feature image Maksim Kabakou / Shutterstock.