Cybersecurity Awareness Month: 25 Security Terms You Should Be Familiar With

essidsolutions

The pandemic has led to an unprecedented shift in how most companies function. Remote and hybrid work has become the norm, while more workloads reside in the cloud instead of on-prem data centers. This has widened the attack surface and opened the less cautious to all sorts of cyber risks. The wave of cyberattacks in the last couple of years has reached a new high. For instance, malware attacks increased by 358% in 2020 and ransomware attacks by 435% compared to the previous year, according to a 2020 study by Deep Instinct. 

Today, most large organizations organize regular workshops, training, and cybersecurity awareness programs for employees to stay resilient. On their part, employees should also take a greater interest in cybersecurity. Learning about the most recurring cyberattacks and cybersecurity solutions is one way to start. With October being Cybersecurity Awareness Month, let’s learn some important cybersecurity terms. 

According to Jason Stirland, CTO at DeltaNet International, “Research from Verizon revealed that 36% of data breaches involved phishing, 11% more than last year and 85% of breaches involved human error. With phishing attacks continuing to escalate, organizations must prioritize training employees on awareness basics, such as how to spot a phishing email. Employees should be able to recognize phishing emails using simple techniques to strengthen the organization’s cybersecurity resilience. This might include checking the email address of the sender, looking out for spelling and grammatical errors within the email, and hovering over suspicious links or attachments. These are all prime methods for detecting a phishing email.

“Cybersecurity Awareness Month is an ideal time to refresh employees with cybersecurity awareness training. After all, refreshing training ensures employees stay aware of new cybersecurity risks, e.g., this year, credential harvesting and smishing have been popular phishing techniques to watch out for.  Businesses might also wish to test the effectiveness of their cybersecurity awareness training using simulated phishing emails. This technique allows security teams to distinguish if there are any skills gaps and deploy follow-up training where it’s needed most to protect the business.” 

1. Phishing Email Attacks

Phishing is a widely used term in cybersecurity that describes an attempt to manipulate users into sharing personal or other credentials. These credentials can be used to hijack the victim’s social media or banking accounts. When attackers use emails as the medium for these attacks, they are called phishing email attacks. These emails are deftly crafted so that they look genuine and pique the interest of the target. The objective is to get victims to believe that the email has been sent by a genuine person or an organization to get them to click on the malicious links or attachments and plant malware on their system.


2. Spear Phishing

A subset of phishing, spear phishing attacks are a lot more sophisticated, organized, and dangerous. Before carrying out these attacks, threat actors use social engineering to identify corporate insiders who may have privileged access to their organization’s critical resources. These insiders are then targeted with personalized emails on a subject relevant to their work and are more likely to elicit a response or a click on the malicious link. The email can be sent in the name of a supply chain partner, a customer, or a remote co-worker and may include specific details to look legitimate.  


3. Malware

Malware refers to malicious software developed to damage, disrupt, and infiltrate a computer, smartphone, server, or computer network. Malware is also used to open gateways or backdoors in a system or computer network to enable attackers to remotely plant other malicious software without requiring authentications from the user or system admin. Malware typically stays hidden and causes damage without the knowledge of the user.  


4. Multi-factor Authentication

Multi-factor authentication (MFA) is a key component of any organization’s identity and access management (IAM) strategy. It adds a layer of security over the sign-in process required to access cloud resources, web applications, or a virtual private network (VPN). It requires users to furnish two or more verification factors instead of relying only on the username and password for logging into a system. Studies show that this additional process reduces the risk of a cyber attack considerably. One-time passwords (OTPs) are the most common type of MFA factor used by organizations today and are shared through email, SMS, or an authenticator mobile app such as Google Authenticator or Authy.


5. IAM

Identity and access management (IAM) is an online solution used by organizations to verify the authenticity of requests made by individuals or devices to access cloud or on-premise applications. IAM solutions improve the IT team’s visibility into who has access to what and ensure no one misuses access. With many organizations now working remotely due to the pandemic, IAM is on top of the IT agenda as many access requests are now being made remotely, at times with personal devices. 


6. Firewall

A firewall is a vital cog in a company’s security architecture. It monitors all incoming and outgoing network traffic as per the IT team’s instructions with the primary goal of allowing non-threatening traffic and keeping out all malicious traffic. A firewall can also be used to create a virtual wall between a private network and the public internet. The more advanced firewalls come with built-in intrusion prevention systems (IPS), which enable them to block malware and prevent application-layer attacks.


7. Advanced Persistent Threat

Advanced persistent threat (APT) is a form of cyberattack wherein an attacker uses advanced and sophisticated techniques to infiltrate a system or a network and remain inside for a long period. The ultimate goal is to steal critical information over a long period. Since the effort required to carry out such an attack is high, APTs usually aim at high-value targets such as nation-states and large corporations. APT attackers are increasingly going after smaller companies that are part of larger organizations’ supply chain networks. Smaller companies don’t have the cyber resources of large organizations and are usually poorly defended, which makes it easier to target them.


8. Ransomware Attack

Ransomware is a form of malware that uses encryption to block an organization’s access to their systems, files, databases, or applications until they agree to pay a ransom. Ransomware is designed to spread across the network and target database and file servers and can quickly paralyze an entire organization and disrupt business operations. It is considered one of the most lucrative forms of cyberattacks as many organizations choose to pay the ransom to prevent losses incurred due to business disruption. Every year ransomware actors make billions of dollars through ransom payments. To put more pressure on organizations, some ransomware groups also steal critical data before encrypting it and then threaten to sell it on the dark web if the ransom isn’t paid.


9. Cloud Encryption

With many businesses migrating to the cloud, securing workloads and databases is more critical than ever. Cloud encryption is one of the most effective methods that protect sensitive cloud data from attackers in case of a breach. In this method, all plain text data is encrypted and transformed into ciphertext using mathematical algorithms to make it unreadable. Even if the information is stolen and sold after a breach, the threat actor or an illegitimate buyer cannot read the content without the decryption keys.  


10. DDoS Attacks

A distributed denial-of-service (DDoS) attack is widely used to disrupt the services of a server, website or network by suddenly overwhelming it with large volumes of unexpected internet traffic it can’t handle. To carry out a DDoS attack, threat actors first infect hundreds and thousands of computer systems or IoT devices (referred to as bots) with malware and then use them to create a botnet. This botnet is then used to generate large amounts of traffic. DDoS attacks are sometimes also used as a distraction to carry out data theft or network infiltration. According to cybersecurity firm Neustar, DDoS attacks increased by 154% between 2019 and 2020.


11. Spyware

Spyware is also a type of malware but is mostly used for surveillance. Instead of spreading across the network or stealing data, it remains hidden using advanced obfuscation techniques and quietly monitors every activity and communication on the target’s device. Though spyware was initially more popular with jealous spouses to spy on their partners, it is now widely used to target high-profile corporate targets. Post-pandemic, its usage has only increased. As per cybersecurity firm Positive Technologies, it was the third most popular malware used in attacks against enterprises in Q1 2021.


12. Browser Isolation

Most organizations restrict what their employees can access on browsers on their company network or computer systems. This can be frustrating and even throttle productivity in some instances. Browser isolation is a method many organizations use to allow unrestricted web access to their employees without compromising on security. In this method, an employee’s internet activity is isolated from the larger computing environment in which they are operating. This is done by putting all traffic in a sandbox or a virtual machine (local isolation) or by hosting the browsing session on a remote server and streaming it to the user in real-time (remote isolation). 


13. Data Loss Prevention

As data volumes grow, managing and keeping track of data has become a lot more challenging. Loss of critical data can have severe repercussions for any organization. It can lead to loss of intellectual property, tarnish the brand image and invite heavy fines from data regulators. Many organizations are turning to data loss prevention (DLP) solutions to improve visibility over their data landscape. DLPs can mitigate the risk of data loss due to insider threats, negligence, external attacks, or natural disasters by ensuring that the organization has consistent access to all its data resources.  


14. Threat Modeling

Threat modeling is a technique used for identifying vulnerabilities and improving the security of an application in the earliest stages of development. A good threat modeling tool suggests strategies to mitigate vulnerabilities, which can be incorporated into the development life cycle of applications. Due to the sheer scale and number of stakeholders, threat modeling can take time and investment. Organizations also need to hire a threat intelligence analyst to oversee the project. 


15. Penetration Testing

Penetration testing or pen testing is a type of ethical hacking which allows security teams to identify exploitable vulnerabilities in the company’s resources or network by simulating a cyberattack. The objective is to trace the attack paths threat actors use to carry out a cyberattack. This helps in managing associated risks. To ensure penetration tests do not disrupt any operations, they cannot be run during business hours and access is also restricted to certain critical functions.


16. Shadow IT

Shadow IT refers to those applications, software, services, or devices that fall outside the purview of an organization’s IT team and have not been vetted and approved for use. Yet, such apps are widely used by business units and users. With the increase in cloud adoption, the use of shadow IT has also grown exponentially to plug the gaps left by company-approved applications. Due to a lack of visibility over shadow IT, IT teams cannot protect them from cyberattacks, putting the entire organization at risk. According to a Stratecast and Frost & Sullivan report, 80% of employees use applications on the job that aren’t approved by IT.


17. Password Managers

A password manager is an application that allows users to store and manage their login credentials and passwords. These credentials are stored in an encrypted database or vault and locked with a master password. This saves the need to remember multiple passwords for various work and personal accounts. They only have to remember one master password to retrieve all other passwords from the vault. Password managers can also generate passwords for users struggling to come up with complex passwords for different accounts on their own. Password hygiene is a big concern for enterprises. According to a Verizon report, 80% of data breaches are triggered by weak, reused, and compromised passwords. 


18. Zero Trust Networks

Zero trust networks have emerged as the go-to model for many organizations in the face of rising cyberattacks. It is a holistic approach to security based on the premise that no individual or device can be trusted. Zero trust requires organizations to implement strict identity verification for every worker and device trying to access their database on a private network, even if they are located inside the network perimeter. Even if an attacker infiltrates a network, they will not have free access to the resources. Shifting to a zero trust network does not require new hardware or software deployment and can be implemented using existing infrastructure. 


19. Biometric Authentication

Biometric authentication is a widely used method to verify the authenticity of an individual using their biological characteristics such as the face, iris, fingerprint or voice. Most modern-day devices such as smartphones or laptops offer some form of biometric security. With passwords becoming obsolete, enterprises are looking for new ways to secure access to their resources. Biometric security is considered more secure and reliable than passwords.


20. Network Access Control

Network access control (NAC) is a security solution that keeps unauthorized users and devices out of an organization’s private network. As more people use personal devices to access corporate networks, keeping track of who has access to what becomes critical. NAC also makes sense for organizations with large-scale IoT deployments. NAC functions by restricting access to the company’s protected resources to specific users and devices and only to particular areas of the network. So, if a person or device has access to a corporate network, they will still not be able to access any internal resources due to NAC.


21. Container Security

Container security is a broad term for a set of tools, policies, and processes designed to make a container more secure and resilient to attacks. With the growing use of containers, attacks on them have also increased. Though they are more secure than traditional virtual machines, they are not impenetrable. According to a report by Aqua Security, botnets attack 50% of new misconfigured Docker APIs within 56 minutes of being set up.


22. Whaling

Also known as CEO fraud, whaling is a more targeted form of spear-phishing attack wherein attackers send a fake email in the name of the CEO or C-level executives to other important officials within the organization. The objective of the attack is to draw the victims to a hoax website and trick them into sharing sensitive information such as their login credentials. This information can then be used to steal money or to launch attacks on company networks.  


23. PAM

A subset of IAM, privileged access management (PAM) is an infosec mechanism that helps organizations manage and secure privileged accounts with access to critical data and accounts. Unlike standard accounts, which have limited access to resources, privileged accounts, if compromised, can have serious repercussions for an organization. According to a Forrester report, privileged credentials were involved in around 80% of data breaches.


24. Social Engineering

Social engineering is a set of tactics employed by cybercriminals to gather sensitive information from unsuspecting users. These tactics include background research, social media monitoring, fake customer care calls and sometimes in-person meetings. The motive behind most social engineering tricks is to carry out cyber theft and steal critical information or money. In many instances, attackers use social engineering to target senior-level executives and gain entry into company networks using credentials stolen from them. 


25. Incident Response

Incident response or IR is a set of measures taken by an organization to minimize the impact of a cyberattack. The measures include detection, analysis, containment, and recovery from a data breach. It also covers post-incident recovery activities such as feeding the information from the data breach to improve the incident response system and provide support to auditors. IR defines the roles and responsibilities of individuals and teams and details communication pathways between the incident response team and the rest of the organization. 
