The world of cyber security can often be an obscure one, so to provide some clarity and understanding, here is a list of common terms and their meanings.
A
APT - Advanced Persistent Threat - An advanced attack in which access is gained to an organisation's network and then remains undetected for an extended period of time.
Application Security - Analysis and best practice for application coding to reduce future weaknesses.
C
Cyber Attack - An attempt to steal data, damage assets or destroy a computer network.
Cyber Threat - A potential or imminent cyber attack.
Cyber Security - The protection of an organisation's data, networks, hardware assets and software.
D
Data Breach - The intentional or unintentional release of secure, private or confidential information, either to a specific threat actor whose goal is to obtain it, or to the general public in order to cause malicious damage to reputation.
Data Loss Prevention (DLP) - Automated monitoring, typically of organisation email, internet access and file transfers, to ensure there is no deliberate or accidental leakage of sensitive data.
Denial of Service - This is where an attacker floods an organisation's systems with a view to overwhelming resources and bandwidth, causing a collapse or slowdown so that legitimate requests cannot be fulfilled. A Distributed Denial of Service (DDoS) attack is when multiple compromised devices are used in a coordinated effort to achieve this at a much larger scale.
E
Endpoint Security - Software installed on servers and workstations to protect against malware and APTs.
F
File Integrity Monitoring - Monitoring of all files in a computer system to see if they have been changed, shining a light on unauthorised activity of the kind typically demonstrated by a virus.
Firewall Policy Governance & Assurance - Having firewalls in place is half the battle; ensuring they have the right rules, management and oversight is paramount.
H
Host Intrusion Management - Comprising a Host Intrusion Detection System (HIDS), which looks for suspicious activity, and a Host Intrusion Prevention System (HIPS), which actually blocks traffic.
I
Identity & Access Management - Management of all user access to both systems and applications, enabling user access reviews (UARs) and segregation of duties from an operational risk perspective.
Intrusion Detection System - A device or application that monitors for malicious activity or policy violations.
M
Malware - Forms of malicious code such as viruses, worms, trojans, spyware, ransomware, adware and other compiled executable code used to compromise systems.
Man in the Middle Attack - MitM attacks, often referred to as 'eavesdropping', are when an attacker intercepts a two-party communication in order to steal information. This is quite commonly seen on unsecured public wifi.
P
Penetration Testing - Ethical hacking (often referred to as PEN testing) to understand vulnerabilities.
Phishing - Not to be confused with a nice day out on the water, this is the use of fraudulent communications (such as a hoax email) to lure a victim in an organisation into clicking links that deliver malware, compromising a system.
Privacy Impact Assessment - Assessment of the level of privacy or sensitivity of client data held by an organisation.
Privileged Access - High-tier system and application access for those such as system and data administrators, compliance and operational risk teams, and auditors.
R
Ransomware - This is when a malicious threat actor steals or accesses data and then encrypts it, holding the owner of the data to ransom to unlock it so they can resume their business. Payment is usually requested in a non-traceable form such as cryptocurrency.
Red Teaming - An individual or team plays an adversarial role, using out-of-the-box thinking to find any weakness in your organisation in order to achieve a goal, often targeting social engineering, physical security breaches, process weaknesses and PEN testing to thoroughly test security.
Risk - Exposure to danger or hazards.
S
Secure Data Encryption & Key Management - Encryption of data both at rest and in transit (typically cryptographic encryption), and management of the corresponding keys needed to decrypt that data.
Security Information & Event Monitoring (SIEM) - Typically real-time monitoring of logs in order to identify threats to the network, endpoints and applications.
SOE & Non-SOE Workstation Security - Standard Operating Environment or Non-Standard Operating Environment: essentially the environment assigned to each laptop or desktop on your organisation's network.
Supplier Security Assessment - The weakest link in the chain is most often the target of an attacker. A supplier security assessment reviews the cyber security of the vendors and suppliers with whom your organisation's data is shared, and how that data is stored and used.
T
Threat Actor - Someone who intends to carry out, or is performing, a cyber attack; usually one of four types: nation states, organised crime, hacktivists or insiders.
Threat Landscape - The external environment of potential threats or risks to your organisation.
Z
Zero-day Exploit - A zero day is a vulnerability present since the inception of a product. Once identified by a threat actor, there is a window of time before the vulnerability is patched by an organisation using the product, during which the actor can target this weakness.