Cyber Security Glossary

Category: News
Published: 19th January 2024


Whether you are a cybersecurity professional, an IT enthusiast, or simply someone looking to improve your understanding of online security, this glossary serves as a valuable resource. From Access Control to ZTNA, each entry is here to provide clear explanations, helping you to navigate the ever-evolving landscape of cyber threats and defences.


Access Control: A security technique that regulates who or what can access or use resources in a network.
Active Directory (AD): A technology used to manage computers and other devices on a network.
Advanced Persistent Threats (APT): Deliberate attacks on your security by outsiders who will try any number of different attacks, no matter how long it takes, to get into your system.
Anti-malware: A software program created to protect IT systems and users from malicious software.
Antivirus Software (AV): A software used to prevent, detect, and remove malware.
Application: A computer program that is designed for a particular purpose.
Artificial Intelligence (AI): The ability of a digital computer or computer-controlled robot to perform tasks commonly associated with intelligent beings.
Attack Signature: The pattern of events that take place in order to perpetrate an attack on a computer system which can be used to identify the source.
Audit Log: A system or application log that stores details of what people have been doing on the application/system it applies to, which can be used for general monitoring and forensic analysis in the event of a problem.
Audit Trail: A chronology of events built by a human being using sources such as the audit log and written to be readable by non-technical people.
Authentication: Confirms the identity of an individual who is trying to connect to and use a computer system.
Backdoor: Describes a hidden method of bypassing security to gain access to a restricted part of a computer system.
Backup: To make a copy of data stored on a computer or server to reduce the potential impact of failure or loss.
Biometric: A characteristic of your body which can be used to identify you e.g., your irises and your fingerprints.
Blue Team: A security testing team that focuses on analysing systems and designing new or improved security mechanisms to defend the systems from attack.
Botnet: A group of Internet-connected devices, each of which runs one or more bots.
Brand protection: The act of preventing someone from illegally using a brand name or intellectual property owned by another company.
Bring Your Own Device (BYOD): Being allowed to use one's personally owned device, rather than being required to use an officially provided device.
Brute-force attack (BFA): A hacking method that uses trial and error to decode passwords and encryption keys to gain unauthorised access into a network.
Buffer Overflow: A technique for hacking systems that injects more characters into a request than should be permitted, either causing the system to crash or injecting code into the target system to change its behaviour.
Business Continuity Plan (BCP): A framework and procedure set that you build in order to maximise your chances of recovering from a security or data breach.
Business Impact Analysis (BIA): An assessment of all of your systems to estimate the negative effect on the organisation of a system being compromised or disabled.
Certificate Revocation List (CRL): A list of digital certificates which are no longer acceptable due to reasons such as the host being compromised and the private key stolen.
Certification Authority (CA): A respected organisation that issues digital certificates, which you can attach to your Web servers in order to prove your organisation's identity.
Challenge-Response: A basic means of authentication, where a system requests action from the user, and the user responds.
Checksum: A calculation that's used to confirm the Integrity of a collection of data.
Chief Information Officer (CIO): The head of information services within an organisation e.g., information processing and IT systems.
Chief Information Security Officer (CISO): The head of information security and cyber security in the organisation.
Chief Technology Officer (CTO): A senior executive who oversees the technology and engineering aspects of the organisation.
CIA: Confidentiality, Integrity and Availability: the three core pillars of cybersecurity.
Cipher: Synonymous with Encryption Algorithm.
Classified Information: Highly confidential information that pertains to, for example, national security.
Clear text: Unencrypted information.
Cloud computing: The practice of using a network of remote servers hosted on the Internet to store, manage, and process data.
Collision: An instance in which an encryption or hash function produces the same output for two or more given sets of input.
Common Vulnerability Scoring System (CVSS): An industry standard for assessing the severity of a vulnerability on a computer system and representing it as a 'score' between 0 (no risk) and 10 (severe risk).
Competency-based training: Training or education that is oriented toward teaching specific skills to a high level of ability rather than covering a wide range of skills to a lesser extent.
Compromise: A successful penetration into a system by a hacker despite the security mechanisms defending it.
Computer-based Training: Training or education that is delivered by the student accessing the materials via an electronic device rather than by interacting with an instructor.
Configuration Management: A regime of recording, monitoring and regularly verifying the configuration of systems and applications to verify that changes that are made do not have unexpected security consequences.
Cookie: A token embedded into Web pages that lets the owner of the site you're connected to track your progress and remember you if you return.
Critical National Infrastructure (CNI): An organisation that is important for the operation of a nation or state. If a cyber attack or outage occurred at these organisations, it would have potentially massive implications on the operation of the country.
Cross certificate: A certificate issued by a Certification Authority to sign the certificate of another Certification Authority.
Cross site scripting (XSS): One of the most common vulnerabilities in web sites, and one that is straightforward to avoid with diligent development techniques.
Cryptographic Key: One of the three elements necessary when encrypting data.
Cryptographic Strength: The level of difficulty in breaking a cryptographic system.
Cyber Security: The defence of information held and processed on digital systems against unauthorised access, damage or misuse.
Cyber Security as a Service (CSaaS): Outsourcing cybersecurity needs to third-party service providers.
Cyclic Redundancy Check (CRC): A method of error checking data by computing a function against the transmitted and received versions of data and comparing the results.
Data breach: When a company's private data has been accessed by unauthorised people or removed from the company's control.
Data Encryption Standard (DES): A symmetric encryption algorithm devised in the 1970s.
Data Leakage Prevention (DLP): Software that prevents information that shouldn't be leaving your systems from doing so.
Decryption: Converting coded or encrypted data to its original form which allows information to be understood without an encryption key.
Deep Packet Inspection (DPI): A method of examining the content of data packets as they pass by a checkpoint on the network and taking action accordingly.
Defence in depth: Employing several layers of protection to improve your chances of preventing someone from breaking into your systems.
Demilitarised Zone (DMZ): A network that sits between the Internet and the secure LAN.
Denial of Service (DoS): A type of cyber-attack in which a malicious actor aims to render a computer or other device unavailable to its intended users by interrupting the device's normal functioning.
DevSecOps: A development regime in which the Operations and Security teams work with the Development teams throughout the project in order that the security team can provide constant, ongoing feedback to help developers get the operations and security aspects of the system right.
Disaster Recovery Plan (DRP): A technical plan which gets systems back up and running in the event of a severe security attack or outage.
Distributed Denial of Service (DDoS): A type of security attack whereby the attacker exploits dozens, hundreds of thousands of systems around the world to target simultaneous attacks against a single organisation.
Domain: A group of connected computers which share account information and security policies.
Domain-based Message Authentication, Reporting and Conformance (DMARC): A mechanism that allows senders and receivers to monitor and improve protection of their domain from fraudulent email.
DomainKeys Identified Mail (DKIM): An email authentication method designed to detect forged sender addresses in email.
Elliptic Curve Cryptography (ECC): Cryptography that is based upon the use of Elliptic Curve Algorithms.
Encryption: Coding used to protect your information from hackers.
End user Device: Term to collectively describe modern smartphones, laptops and tablets that connect to an organisation's network.
Endpoint: Any physical device that can be connected to a network.
Endpoint detection and response (EDR): A solution which continuously monitors and mitigates potential threats in endpoint devices.
Exploit: A code that takes advantage of a software vulnerability or security flaw.
False positive: An instance in which a security system gives a threat alert that turns out to be incorrect.
Firewall: A system designed to prevent unauthorised network traffic to or from a trusted network.
Firmware: The low-level software in a computer or network device that drives the core operation.
Governance, Risk, and Compliance (GRC): These work together to ensure that an organisation's systems are secure, reliable, and compliant with regulatory requirements.
Hacker: An individual who uses their IT skills to gain unauthorised access into a network.
Hardening: Taking a default installation of a computer system and changing its configuration to make it more secure.
Hash Function: A function that takes a Clear Text string and irreversibly converts it into a cryptic, fixed-length string.
High availability: Implementation of a system using multiple devices so that if one fails, the others will automatically take over service.
Honeypot: A cybersecurity mechanism that uses a manufactured attack target to lure cybercriminals away from legitimate targets.
Host Intrusion Prevention System (HIPS): A system that runs on computers to identify and block intrusion attempts that somehow got through the firewall.
Inadvertent disclosure: Where someone unwittingly sends sensitive information outside the company systems.
Incident: An unwanted or unplanned effect on the system(s) involved.
Incident Response Plan (IRP): Largely synonymous with a Business Continuity Plan.
Industrial Control System (ICS): The control unit for a non-IT system, e.g., an air conditioning system or heavy machine plant.
Information owner: The individual who has accountability for a given collection of data.
Information security (InfoSec): A subcategory that focuses on the practices, systems, and processes used to protect sensitive information.
Internal network: The network connecting all of an organisation's internal systems together.
Internal security testing: Probing the Internal Network to see how susceptible it is to an attack.
Internet: A global network connecting the vast majority of computer systems worldwide.
Internet Protocol address (IP address): A numerical identifier for each device connected to a network which allows data and messages to be transferred from one device or computer to another.
Internet of Things (IoT): A network of physical devices which can transfer data to one another without human intervention.
Intrusion Detection System (IDS): Software that watches for, and identifies, attempts to break into your systems.
Intrusion Prevention System (IPS): Similar to an Intrusion Detection System but has extra features that can take action to attempt to stop the attack.
IP Security (IP Sec): A security mechanism for IP networks, most commonly used for VPN connections.
Least privilege: The principle of assigning every user only the privileges they actually need to do their job, and no more.
Link encryption: A situation in which the entire end-to-end connection between the sending endpoint and the receiving endpoint is encrypted in some way.
Local Area Network (LAN): A collection of network-connected computers and other electronic systems that are all located within a specific location such as a home, office or other building.
Logic bomb: A piece of malicious code that's planted in a computer system and set to activate when certain conditions are met.
Machine Learning (ML): A type of AI by which computers find patterns in data or solve problems automatically without having to be explicitly programmed.
Macro virus: Malware that exploits the macro languages in popular applications such as word processor and spreadsheet software.
Malicious code: An item of software designed to do something bad that the user wasn't expecting and which they didn't ask for.
Malware: Any code written for the specific purpose of causing harm, disclosing information, or otherwise violating the security or stability of a system.
Man-in-the-middle attack (MitM): An attack in which a piece of malware, or a hardware device, is inserted between the sender and receiver of a piece of data and copies that data.
Message Digest 5 (MD5): Hash function which is considered insecure owing to its susceptibility to collisions.
Multi-Factor Authentication (MFA): Provides a method to verify a user's identity by requiring them to provide more than one piece of identifying information.
Multilevel Security (MLS): Provides different users with different levels of permissions to access systems.
Mutual authentication: The act of two parties in a data exchange authenticating each other prior to transmission taking place.
Network: A collection of IT systems that interact with each other via electronic connections.
Network Admission Control (NAC): A mechanism whereby the network infrastructure forbids a device from communicating until it has proven its identity and that its operating software and Anti-Malware Software are up to date.
Network Detection and Response (NDR): A solution which monitors network traffic through AI, ML, and behavioural analytics.
Network Functions Virtualisation (NFV): A method to virtualise network services that have traditionally been run on proprietary hardware.
Network security: Protects networking infrastructure from data theft, unauthorised access, and manipulation.
Network sniffing: The act of putting a monitor on a network and capturing/examining the traffic as it flies past.
Next Generation Firewall (NGFW): A network security device that provides capabilities beyond a traditional firewall.
Operations Security (OpSec): The concept of taking a systemic, proactive approach to the operation of the security function in your organisation.
Outside threat: A threat posed by a system or individual outside your organisation's network and premises.
Over-The-Air (OTA): An approach in which key exchange is carried out over the same path that the encrypted data is traversing.
Packet Filter: A mechanism that only allows specific types of traffic to and from specific addresses.
Packet sniffer: The piece of software that does network sniffing.
Password: A sequence of characters used by Users alongside their user IDs as part of the process of gaining access to a computer system.
Password generator: An application that generates complex, hard-to-crack passwords for users.
Password protected: A situation in which a system demands a password before it admits users.
Patch: A program fix that eliminates a vulnerability that could potentially be exploited by a hacker.
Patch management: A regime of regularly downloading and applying the patches required for your systems and monitoring patch currency.
Penetration testing (Pen testers): Performs simulated cyberattacks on a company's computer systems and networks. It detects security vulnerabilities and weaknesses before a hacker can exploit them.
Personal firewall: Security software that resides on an individual PC or other computer.
Personal Identification Number (PIN): A passcode comprising only numeric digits, commonly used as authentication for users of credit and debit cards.
Personally Identifiable Information (PII): Data that identifies individuals and which can be used by intruders for nefarious purposes such as identity theft.
Pharming: A type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site.
Phishing: A type of internet fraud that seeks to acquire a user's credentials by deception, commonly via email or brand impersonation.
Port scanning: A simple test where a piece of software attempts to make every possible type of connection from the machine on which it is running to target machines, which identifies potential vulnerabilities in a system.
Private key: One of the two cryptographic keys in a public key cryptography setup.
Privilege: The rights that someone is granted to a computer system to control the types and levels of access they are given.
Promiscuous mode: This mode means that the PC will accept everything that arrives rather than being filtered through.
Protocol: A defined and agreed way of two systems interacting.
Proxy: A system that makes requests to a server on behalf of the client.
Public domain software: Software whose source code is released to the public at no charge, and which can be reused by anyone under the terms of a liberal set of licensing rules.
Public key: The other of the two Cryptographic Keys in a Public Key Cryptography setup.
Public key cryptography: A mechanism whereby each party in a data interchange advertises a public key for the other to use for encryption.
Radio Frequency Identification (RFID): A mechanism whereby assets are given passive electronic tags that respond with a unique identifier when irradiated with radio waves.
Ransomware: A type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files.
Recovery Point Objective (RPO): The point in time to which the data on a system must be recovered in the case of a data loss.
Recovery Time Objective (RTO): The longest acceptable time between a system failing and it being returned to service such that it can be used, even if not optimally.
Red Team: A group of security specialists who analyse an organisation's systems by simulating cyber attacks on the system, in order to identify vulnerabilities that can then be mitigated.
Remediation: Corrective action undertaken to fix or mitigate a security vulnerability.
Remote access: A mechanism for users to access your organisation's systems from outside the organisation's premises.
Replay attacks: An attack in which the attacker monitors and records traffic from your network then pushes the recording back into your system in order to break in or cause a problem.
Risk assessment: The process of identifying and documenting risks that exist in an organisation.
Risk mitigation: Reducing risk by making changes to systems, policies and/or processes.
Rogue device: An unauthorised system on a network that is neither known to nor supported by the official IT team.
Role-based Access Control (RBAC): A concept whereby access to systems and resources is based on the nature of the individual's role(s) rather than being attached to the individual him/herself.
Root Cause Analysis (RCA): Establishing the underlying issue that was the cause of a security incident or system outage.
Rootkit: A set of covert tools installed by an attacker to compromise the security of a computer system.
Sandboxing: Setting aside an area of a computer as a 'safe' place in which software can be run without risk of it infecting production systems.
Secure Hash Algorithm (SHA): The most commonly used family of hash functions as there are no known vulnerabilities in the more recently devised SHA algorithms.
Secure Sockets Layer (SSL): An encryption-based Internet security protocol.
Security Assertion Markup Language (SAML): A standard protocol for authenticating user logins against computer systems.
Security as a Service (SECaaS): A cloud-based outsourced service wherein an outside company handles and manages your security.
Security Incident: An incident whose primary impact relates to security.
Security Awareness Training and Testing: A formal process for educating employees about cybersecurity best practices to better navigate the many cybersecurity threats they may face at work and at home.
Security Information and Event Management (SIEM): A log management tool which collects, stores, and searches through logs to track activity within your organisation.
Security policy: A statement detailing how the organisation wishes its staff to behave and its systems to operate in order to attain and preserve its desired level of security.
Security posture: The state of an organisation's systems with regard to security, and the organisation's preparedness for response to a security incident.
Sender Policy Framework (SPF): An email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain.
Service Level Agreement (SLA): An agreement between a supplier and a customer that forms a framework for the provision of the services, often including security-specific requirements.
Short Message Service (SMS): A basic text messaging system used by mobile telephones.
Smishing: A social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information, or sending money to cybercriminals.
Sniffer: A piece of software for Network Sniffing.
Split tunnelling: When a computer is connected to two networks at once.
Social Engineering: A cyber attack technique that exploits human error or trust to gain access to sensitive information or systems.
Software Defined Data Centre (SDDC): A data storage facility in which all infrastructure elements are virtualised and delivered as a service.
Software Defined Visibility (SDV): A framework that allows the deployment of security devices whilst being able to understand what type of data is flowing between these systems.
Spam: Unsolicited electronic messages sent to a large group of people.
Spear phishing: A cyberattack method that hackers use to steal sensitive information or install malware on the devices of specific victims.
Spoofing: A technique attackers use to make their communications appear to come from a legitimate source. This is usually done in the form of a faux email address or brand identity.
Static key: A key that changes infrequently.
Steganography: The science of communicating in such a way that hides the communication.
Supervisory Control and Data Acquisition (SCADA): A controller module for a piece of equipment that would not usually be connected to the network (a generator, for instance, or some other piece of plant machinery) so it can be monitored and/or controlled from a PC.
System administrator: The technical specialist who manages a computer system, and whose credentials are usually highly sought after due to their privilege.
Threat Monitoring: A type of solution which continuously monitors across networks and/or endpoints for security threats.
Transport Layer Security (TLS): The successor of Secure Sockets Layer (has had no known breaches yet).
Trap door: An algorithm that is very simple and quick to execute in one direction, and intractably hard and slow to execute in the other direction.
Triple DES (3DES): A development of the Data Encryption Standard which is considerably more secure.
Trojan horse: A malicious program hidden inside an ostensibly innocuous one.
Trusted certificate: A digital certificate that is trusted by the machine that is using it for identification, because it has been issued by a reputable issuing organisation.
Tunnelling: Sending data using one protocol through a connection established using another.
Two Factor Authentication (2FA): A mechanism for improving security by making users identify themselves by two means rather than one.
Virtual machine (VM): A software-based computer that runs on another computer.
Virtual Private Network (VPN): An encrypted internet connection to ensure safe data transmission from network devices.
Vulnerability: A weakness or deficiency in a computer system, or network that could be exploited by unauthorised parties or cyber criminals.
Virus: A type of malware that is designed to infect legitimate software programs and replicates across networks when those programs are activated.
Vulnerability: An aspect of a computer system or network that is susceptible to intrusion due to a flaw in design or programming.
Web Application Firewall (WAF): A system that examines inbound connections to an internet-connected system with the intention of blocking illicit requests so that such attacks do not reach the target system.
Web filtering software: Software that is put at the edge of your network to prevent users from accessing material on the Internet that is classed as threatening or otherwise unwanted.
Wide area network (WAN): A network spread over a large area, typically a collection of Local Area Networks and other networks connected together.
Wi-Fi Protected Access (WPA): A mechanism for Wireless Local Area Network access which is considerably more secure than Wired Equivalent Privacy.
Wired Equivalent Privacy (WEP): A wireless encryption standard that is no longer considered usable as it is very insecure.
Wireless Application Protocol (WAP): An early form of mobile phone based data access, introduced in 1999 but obsolete today.
Zero-day: Recently discovered exploits.
Zero-day attack: An attack on a computer system which exploits a vulnerability of which the software or anti-malware vendor is not aware.
Zero Trust Network Access (ZTNA): Secure access for remote users via authenticated controls.