Whether you are a cybersecurity professional, an IT enthusiast, or simply someone looking to improve your understanding of online security, this glossary serves as a valuable resource. From Access Control to ZTNA, each entry is here to provide clear explanations, helping you to navigate the ever-evolving landscape of cyber threats and defences.
A
| Terminology | Abbreviation | Definition |
|---|---|---|
| Access Control | A security technique that regulates who or what can access or use resources in a network. | |
| Active Directory | AD | A technology used to manage computers and other devices on a network. |
| Advanced Persistent Threats | APT | Deliberate attacks on your security by outsiders who will try any number of different attacks, no matter how long it takes, to get into your system. |
| Anti-malware | A software program created to protect IT systems and users from malicious software. | |
| Antivirus Software | AV | A software used to prevent, detect, and remove malware. |
| Application | A computer program that is designed for a particular purpose. | |
| Artificial Intelligence | AI | The ability of a digital computer or computer-controlled robot to perform tasks commonly associated with intelligent beings. |
| Attack Signature | The pattern of events that take place in order to perpetrate an attack on a computer system which can be used to identify the source. | |
| Audit Log | A system or application log that stores details of what people have been doing on the application/system it applies to, which can be used for general monitoring and forensic analysis in the event of a problem. | |
| Audit Trail | A chronology of events built by a human being using sources such as the audit log and is written to be readable by non-technical people. | |
| Authentication | Confirms the identify of an individual who is trying to connect to and use a computer system. |
B
| Terminology | Abbreviation | Definition |
|---|---|---|
| Backdoor | Describes a hidden method of bypassing security to gain access to a restricted part of a computer system. | |
| Backup | To make a copy of data stored on a computer or server to reduce the potential impact of failure or loss. | |
| Biometric | A characteristic of your body which can be used to identify you e.g., your irises and your fingerprints. | |
| Blue Team | A security testing team that focuses on analysing systems and designing new or improved security mechanisms to defend the systems from attack. | |
| Botnet | A group of Internet-connected devices, each of which runs one or more bots. | |
| Brand protection | The act of preventing someone from illegally using a brand name or intellectual property owned by another company. | |
| Bring Your Own Device | BYOD | Being allowed to use one's personally owned device, rather than being required to use an officially provided device. |
| Brute-force attack | BFA | A hacking method that uses trial and error to decode passwords and encryption keys to gain unauthorised access into a network. |
| Buffer Overflow | A technique for hacking systems that injects more characters into a request than should be permitted, either causing the system to crash or injecting code into the target system to change its behaviour. | |
| Business Continuity Plan | BCP | A framework and procedure set that you build in order to maximise your chances of recovering from a security or data breach. |
| Business Impact Analysis | BIA | An assessment of all of your systems to estimate the negative effect on the organisation of a system being compromised or disabled. |
C
| Terminology | Abbreviation | Definition |
|---|---|---|
| Certificate Revocation List | CRL | A list of digital certificates which are no longer acceptable due to reasons such as the host being compromised and the private key stolen. |
| Certification Authority | CA | A respected organisation that issues digital certificates, which you can attach to your Web servers in order to prove your organisation's identity. |
| Challenge-Response | A basic means of authentication, where a system requests action from the user, and the user responds. | |
| Checksum | A calculation that's used to confirm the Integrity of a collection of data. | |
| Chief Information Officer | CIO | The head of information services within an organisation e.g., information processing and IT systems. |
| Chief Information Security Officer | CISO | The head of information security and cyber security in the organisation. |
| Chief Technology Officer | CTO | A senior executive who oversees the technology and engineering aspects of the organisation. |
| CIA | Confidentiality, Integrity and Availability: the three core pillars of cybersecurity. | |
| Cipher | Synonymous with Encryption Algorithm. | |
| Classified Information | Highly confidential information that pertains to, for example, national security. | |
| Clear text | Unencrypted information. | |
| Cloud computing | The practice of using a network of remote servers hosted on the Internet to store, manage, and process data. | |
| Collision | An instance in which an encryption or hash function produces the same output for two or more given sets of input. | |
| Common Vulnerability Scoring System | CVSS | An industry standard for assessing the severity of a vulnerability on a computer system and representing it as a 'score' between 0 (no risk) and 10 (severe risk). |
| Competency-based training | Training or education that is oriented toward teaching specific skills to a high level of ability rather than covering a wide range of skills to a lesser extent. | |
| Compromise | A successful penetration into a system by a hacker despite the security mechanisms defending it. | |
| Computer-based Training | Training or education that is delivered by the student accessing the materials via an electronic device rather than by interacting with an instructor. | |
| Configuration Management | A regime of recording, monitoring and regularly verifying the configuration of systems and applications to verify that changes that are made do not have unexpected security consequences. | |
| Cookie | A token embedded into Web pages that let the owner of the site you're connected to track your progress and remember you if you return. | |
| Critical National Infrastructure | CNI | An organisation that is important for the operation of a nation or state, if a cyber attack or outage occurred to these organisations, it would have potentially massive implications on the operation of the country. |
| Cross certificate | A certificate issued by a Certification Authority to sign the certificate of another Certification Authority. | |
| Cross site scripting | XSS | One of the most common vulnerabilities in web sites, and one that is straightforward to avoid with diligent development techniques. |
| Cryptographic Key | One of the three elements necessary when encrypting data. | |
| Cryptographic Strength | The level of difficulty in breaking a cryptographic system. | |
| Cyber Security | The defence of information held and processed on digital systems against unauthorised access, damage or misuse. | |
| Cyber Security as a Service | CSaaS | Outsourcing cybersecurity needs to third-party service providers. |
| Cyclic Redundancy Check | CRC | A method of error checking data by computing a function against the transmitted and received versions of data and comparing the results. |
D
| Terminology | Abbreviation | Definition |
|---|---|---|
| Data breach | When a company’s private data has been accessed by unauthorised people or removed from the company control. | |
| Data Encryption Standard | DES | A symmetric encryption algorithm devised in the 1970s. |
| Data Leakage Prevention | DLP | Software that prevents information that shouldn't be leaving your systems from doing so. |
| Decryption | Converting coded or encrypted data to its original form which allows information to be understood without an encryption key. | |
| Deep Packet Inspection | DPI | A method of examining the content of data packets as they pass by a checkpoint on the network, they may take actions accordingly. |
| Defence in depth | Employing several layers of protection to improve your chances of preventing someone from breaking into your systems. | |
| Demilitarised Zone | DMZ | A network that sits between the Internet and the secure LAN. |
| Denial of Service | DoS | A type of cyber-attack in which a malicious actor aims to render a computer or other device unavailable to its intended users by interrupting the device's normal functioning. |
| DevSecOps | A development regime in which the Operations and Security teams work with the Development teams throughout the project in order that the security team can provide constant, ongoing feedback to help developers get the operations and security aspects of the system right. | |
| Disaster Recovery Plan | DRP | A technical plan which gets systems back up and running in the event of a severe security attack or outage. |
| Distributed Denial of Service | DDoS | A type of security attack whereby the attacker exploits dozens, hundreds of thousands of systems around the world to target simultaneous attacks against a single organisation. |
| Domain | A group of connected computers which share account information and security policies. | |
| Domain-based Message Authentication, Reporting and Conformance | DMARC | A mechanism that allows senders and receivers to monitor and improve protection of their domain from fraudulent email. |
| DomainKeys Identified Mail | DKIM | An email authentication method designed to detect forged sender addresses in email. |
E
| Terminology | Abbreviation | Definition |
|---|---|---|
| Elliptic Curve Cryptography | ECC | Cryptography that is based upon the use of Elliptic Curve Algorithms. |
| Encryption | Coding used to protect your information from hackers. | |
| End user Device | Term to collectively describe modern smartphones, laptops and tablets that connect to an organisation's network. | |
| Endpoint | Any physical device that can be connected to a network. | |
| Endpoint detection and response | EDR | A solution which continuously monitors and mitigates potential threats in endpoint devices. |
| Exploit | A code that takes advantage of a software vulnerability or security flaw. |
F
| Terminology | Abbreviation | Definition |
|---|---|---|
| False positive | An instance in which a security system gives an threat alert that turns out to be incorrect. | |
| Firewall | A system designed to prevent unauthorised network traffic to or from a trusted network. | |
| Firmware | The low-level software in a computer or network device that drives the core operation. |
G
| Terminology | Abbreviation | Definition |
|---|---|---|
| Governance, Risk, and Compliance | GRC | These work together to ensure that an organisation’s systems are secure, reliable, and compliant with regulatory requirements. |
H
| Terminology | Abbreviation | Definition |
|---|---|---|
| Hacker | An individual who uses their IT skills to gain unauthorised access into a network. | |
| Hardening | Taking a default installation of a computer system and changing its configuration to make it more secure. | |
| Hash Function | A function that takes a Clear Text string and irreversibly converts it into a cryptic, fixed-length string. | |
| High availability | Implementation of a system using multiple devices so that if one fails, the others will automatically take over service. | |
| Honeypot | A cybersecurity mechanism that uses a manufactured attack target to lure cybercriminals away from legitimate targets. | |
| Host Intrusion Prevention System | HIPS | A system that runs on computers to identify and block intrusion attempts that somehow got through the firewall. |
I
| Terminology | Abbreviation | Definition |
|---|---|---|
| Inadvertent disclosure | Where someone unwittingly sends sensitive information outside the company systems. | |
| Incident | An unwanted or unplanned effect on the system(s) involved. | |
| Incident Response Plan | IRP | Largely synonymous with a Business Continuity Plan. |
| Industrial Control System | ICS | The control unit for a non-IT system, e.g., an air conditioning system or heavy machine plant. |
| Information owner | The individual who has accountability for a given collection of data. | |
| Information security | InfoSec | A subcategory that focuses on the practices, systems, and processes used to protect sensitive information. |
| Internal network | The network connecting all of an organisation's internal systems together. | |
| Internal security testing | Probing the Internal Network to see how susceptible it is to an attack. | |
| Internet | A global network connecting the vast majority of computer systems worldwide. | |
| Internet Protocol address | IP address | A numerical identifier for each device connected to a network which allows data and messages to be transferred from a device computer to a computer. |
| Internet of Things | IoT | A network of physical devices which can transfer data to one another without human intervention. |
| Intrusion Detection System | IDS | Software that watches for, and identifies, attempts to break into your systems. |
| Intrusion Prevention System | IPS | Similar an Intrusion Detection System but has extra features that can take action to attempt to stop the attack. |
| IP Security | IP Sec | A security mechanism for IP networks, most commonly used for VPN connections. |
L
| Terminology | Abbreviation | Definition |
|---|---|---|
| Least privilege | The principle of assigning every user with only the privileges they actually need to do their job, and no more. | |
| Link encryption | A situation in which the entire end-to-end connection between the sending endpoint and the receiving endpoint is encrypted in some way. | |
| Local Area Network | LAN | A collection of network-connected computers and other electronic systems that are all located within a specific location such as a home, office or other building. |
| Logic bomb | A piece of malicious code that's planted in a computer system and set to activate when certain conditions are met. |
M
| Terminology | Abbreviation | Definition |
|---|---|---|
| Machine Learning | ML | A type of AI by which computers find patterns in data or solve problems automatically without having to be explicitly programmed. |
| Macro virus | Malware that exploits the macro languages in popular applications such as word processor and spreadsheet software. | |
| Malicious code | An item of software designed to do something bad that the user wasn't expecting and which they didn't ask for. | |
| Malware | Any code written for the specific purpose of causing harm, disclosing information, or otherwise violating the security or stability of a system. | |
| Man-in-the-middle attack | MitM | A piece of Malware, or hardware device, is inserted between the sender and receiver of a piece of data and copies that data. |
| Message Digest 5 | MD5 | Hash function which is considered insecure owing to its susceptibility to collisions. |
| Multi-Factor Authentication | MFA | Provides a method to verify a user's identity by requiring them to provide more than one piece of identifying information. |
| Multilevel Security | MLS | Provides different users with different levels of permissions to access systems. |
| Mutual authentication | The act of two parties in a data exchange authenticating each other prior to transmission taking place. |
N
| Terminology | Abbreviation | Definition |
|---|---|---|
| Network | A collection of IT systems that interact with each other via electronic connections. | |
| Network Admission Control | NAC | A mechanism whereby the network infrastructure forbids a device from communicating until it has proven its identify and that its operating software and Anti-Malware Software are up to date. |
| Network Detection and Response | NDR | A solution which monitors network traffic through AI, ML, and behavioural analytics. |
| Network Functions Visualisation | NFV | A method to virtualise network services that have traditionally been run on proprietary hardware. |
| Network security | Protects networking infrastructure from data theft, unauthorised access, and manipulation. | |
| Network sniffing | The act of putting a monitor on a network and capturing/examining the traffic as it flies past. | |
| Next Generation Fire Wall | NGFW | A network security device that provides capabilities beyond a traditional firewall. |
O
| Terminology | Abbreviation | Definition |
|---|---|---|
| Operations Security | OpSec | The concept of taking a systemic, proactive approach to the operation of the security function in your organisation. |
| Outside threat | A threat posed by a system or individual outside your organisation's network and premises. | |
| Over-The-Air | OTA | An approach in which key exchange is carried out over the same path that the encrypted data is traversing. |
P
| Terminology | Abbreviation | Definition |
|---|---|---|
| Packet Filter | A mechanism that only allows specific types of traffic to and from specific addresses. | |
| Packet sniffer | The piece of software that does network sniffing. | |
| Password | A sequence of characters used by Users alongside their user IDs as part of the process of gaining access to a computer system. | |
| Password generator | An application that generates complex, hard-to-crack passwords for users. | |
| Password protected | A situation in which a system demands a password before it admits users. | |
| Patch | A program fix that eliminates a vulnerability that could potentially be exploited by a hacker. | |
| Patch management | A regime of regularly downloading and applying the patches required for your systems and monitoring patch currency. | |
| Penetration testing | Pen testers | Performs simulated cyberattacks on a company’s computer systems and networks. It detects security vulnerabilities and weaknesses before a hacker can exploit them. |
| Personal firewall | Security software that resides on an individual PC or other computer. | |
| Personal Identification Number | PIN | A passcode comprising only numeric digits, commonly used as authentication for users of credit and debit cards. |
| Personally Identifiable Information | PII | Data that identifies individuals and which can be used by intruders for nefarious purposes such as identity theft. |
| Pharming | A type of social engineering cyberattacks in which criminals redirect internet users trying to reach a specific website to a different, fake site. | |
| Phishing | A type of internet fraud that seeks to acquire a user's credentials by deception, commonly via email or brand impersonation. | |
| Port scanning | A simple test where a piece of software computer attempts to make every possible type of connection from the machine on which it is running to target machines, which identifies potential vulnerabilities in a system. | |
| Private key | One of the two cryptographic keys in a public key cryptography setup. | |
| Privilege | The rights that someone is granted to a computer system to control the types and levels of access they are given. | |
| Promiscuous mode | This mode means that the PC will accept everything that arrives rather than being filtered through. | |
| Protocol | A defined and agreed way of two systems interacting. | |
| Proxy | A system that makes requests to a server on behalf of the client. | |
| Public domain software | Software whose source code is released to the public at no charge, and which can be reused by anyone under the terms of a liberal set of licensing rules. | |
| Public key | The other of the two Cryptographic Keys in a Public Key Cryptography setup. | |
| Public key cryptography | A mechanism whereby each party in a data interchange advertises a public key for the other to use for encryption. |
R
| Terminology | Abbreviation | Definition |
|---|---|---|
| Radio Frequency Identification | RFID | A mechanism assets are given passive electronic tags that respond with a unique identifier when irradiated with radio waves. |
| Ransomware | A type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. | |
| Recovery Point Objective | RPO | The point in time to which the data on a system must be recovered in the case of a data loss. |
| Recovery Time Objective | RTO | The longest acceptable time between a system failing and it being returned to service such that it can be used, even if not optimally. |
| Red Team | A group of security specialists who analyse an organisation's systems by simulating cyber attacks on the system, in order to identify vulnerabilities that can then be mitigated. | |
| Remediation | Corrective action undertaken to fix or mitigate a security vulnerability. | |
| Remote access | A mechanism for users to access your organisation's systems from outside the organisation's premises. | |
| Replay attacks | An attack in which the attacker monitors and records traffic from your network then pushes the recording back into your system in order to break in or cause a problem. | |
| Risk assessment | The process of identifying and documenting risks that exist in an organisation. | |
| Risk mitigation | Reducing risk by making changes to systems, policies and/or processes. | |
| Rogue device | An unauthorised system on a network that is neither known to nor supported by the official IT team. | |
| Role-based Access Control | RBAC | A concept whereby access to systems and resources is based on the nature of the individual's role(s) rather than being attached to the individual him/herself. |
| Root Cause Analysis | RCA | Establishing the underlying issue that was the cause of a security incident or system outage. |
| Rootkit | A set of covert tools installed by an attacker to compromise the security of a computer system. |
S
| Terminology | Abbreviation | Definition |
|---|---|---|
| Sandboxing | Setting aside an area of a computer as a 'safe' place in which software can be run without risk of it infecting production systems. | |
| Secure Hash Algorithm | SHA | The most commonly used family of hash functions as there are no known vulnerabilities in the more recently devised SHA algorithms. |
| Secure Sockets Layer | SSL | An encryption-based Internet security protocol. |
| Security Assertion Markup Language | SAML | A standard protocol for authenticating user logins against computer systems. |
| Security as a Service | SECaaS | A cloud-based outsourced service wherein an outside company handles and manages your security. |
| Security Incident | An incident whose primary impact relates to security. | |
| Security Awareness Training and Testing | A formal process for educating employees about cybersecurity best practices to better navigate the many cybersecurity threats they may face at work and at home. | |
| Security Information and Event Management | SIEM | A log management tool which collects, stores, and searches through logs to track activity within your organisation. |
| Security policy | A statement detailing how the organisation wishes its staff to behave and its systems to operate in order to attain and preserve its desired level of security. | |
| Security posture | The state of an organisation's systems with regard to security, and the organisation's preparedness for response to a security incident. | |
| Sender Policy Framework | SPF | An email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain. |
| Service Level Agreement | SLA | An agreement between a supplier and a customer that forms a framework for the provision of the services, often including security-specific requirements. |
| Short Message Service | SMS | A basic text messaging system used by mobile telephones. |
| Smishing | A social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information, or sending money to cybercriminals. | |
| Sniffer | A piece of software for Network Sniffing. | |
| Split tunnelling | When a computer is connected to two networks at once. | |
| Social Engineering | A cyber attack technique that exploits human error or trust to gain access to sensitive information or systems. | |
| Software Defined Data Centre | SDDC | A data storage facility in which all infrastructure elements are virtualised and delivered as a service. |
| Software Defined Visibility | SDV | A framework that allows the deployment of security devices whilst being able to understand what type of data is flowing between these systems. |
| Spam | Unsolicited electronic messages sent to a large group of people. | |
| Spear phishing | A cyberattack method that hackers use to steal sensitive information or install malware on the devices of specific victims. | |
| Spoofing | A technique attackers use to appear to make their communications appear from a legitimate source. This is usually done in the form of a faux email address, or brand identify. | |
| Static key | A key that changes infrequently. | |
| Steganography | The science of communicating in such a way that hides the communication. | |
| Supervisory Control and Data Acquisition | SCADA | A controller module for a piece of equipment that would not usually be connected to the network (a generator, for instance or some other piece of plant machinery) so it can be monitored and/or controlled from a PC. |
| System administrator | The technical specialist who manages a computer system, and whose credentials are usually highly sought after due to their privilege. |
T
| Terminology | Abbreviation | Definition |
|---|---|---|
| Threat Monitoring | A type of solution which continuously monitors across networks and/or endpoints for security threats. | |
| Transport Layer Security | TLS | The successor of Secure Socket Layer (has had no known breaches yet). |
| Trap door | An algorithm that is very simply and quick to execute in one direction, and intractably hard and slow to execute in the other direction. | |
| Triple DES | 3DES | A development of the data encryption standard which is considerably more secure. |
| Trojan horse | A malicious program hidden inside an ostensibly innocuous one. | |
| Trusted certificate | A digital certificate that is trusted by the machine that is using it for identification, this is because it has been done by a reputable issuing organisation. | |
| Tunnelling | Sending data using one protocol through a connection established using another. | |
| Two Factor Authentication | 2FA | A mechanism for improving security by making users identify themselves by two means rather than one. |
V
| Terminology | Abbreviation | Definition |
|---|---|---|
| Virtual machine | VM | A software-based computer that runs on another computer. |
| Virtual Private Network | VPN | An encrypted internet connection to ensure safe data transmission from network devices. |
| Vulnerability | A weakness or deficiency in a computer system, or network that could be exploited by unauthorised parties or cyber criminals. | |
| Virus | A type of malware that is designed to infect legitimate software programs and replicates across networks when those programs are activated. | |
| Vulnerability | An aspect of a computer system or network that is susceptible to intrusion due to a flaw in design or programming. |
W
| Terminology | Abbreviation | Definition |
|---|---|---|
| Web Application Firewall | WAF | A system that examines inbound connections to an internet-connected system with the intention of blocking illicit requests so that such attacks do not reach the target system. |
| Web filtering software | Software that is put at the edge of your network to prevent users from accessing material on the Internet that is classed as threatening or otherwise unwanted. | |
| Wide area network | WAN | A network spread over a large area, typically a collection of Local Area Networks and other networks connected together. |
| Wi-Fi Protected Access | WPA | A mechanism for Wireless Local Area Network access which is considerably more secure than Wired Equivalent Privacy. |
| Wired Equivalent Privacy | WEP | A wireless encryption standard that is no longer considered usable as it is very insecure. |
| Wireless Application Protocol | WAP | An early form of mobile phone based data access, introduced in 1999 but obsolete today. |
Z
| Terminology | Abbreviation | Definition |
|---|---|---|
| Zero-day | Recently discovered exploits. | |
| Zero-day attack | An attack on a computer system which exploits a vulnerability of which the software or anti-malware vendor is not aware. | |
| Zero Trust Network Access | ZTNA | Secure access for remote users via authenticated controls. |
