Cybersecurity Terminology
Cybersecurity is rife, or filled, with terminology that is industry specific, so navigating some cybersecurity articles can be difficult, especially if the terminology is not defined. There is also a plethora, or large number, of acronyms to remember, which can make reading difficult or frustrating.
The goal of this article is to give you a one-stop-shop for most of the terminology that you will need for cybersecurity. The terminology expands every year as the landscape of cybersecurity is constantly shifting, so this list will be updated from time to time to stay up to date.
This extensive list of definitions will take you through cybersecurity terminology organized by topic. If you are in a hurry to find the term you are looking for, remember you can always press “Ctrl + F” for easy searching. Here is an index of what to expect in this article:
1. Types of Hackers
2. Threat Types
3. Defensive Measures
4. Compliance and Standards
5. Roles and Responsibilities
6. Emerging Technologies
Types of Hackers
White hat hacker
An ethical hacker that uses their cybersecurity skills to find vulnerabilities in systems with permission in a legal setting
Black hat hacker
A hacker who illegally infiltrates networks with malicious intent, such as to steal data, deploy malware, or cause a denial of service
Grey hat hacker
In between a white and black hat hacker, this hacker may violate ethical standards or laws but generally doesn’t have malicious intentions
Blue hat hacker
1) A security professional invited by a company to test the security of a system before it launches (professional community)
2) A hacker that is seeking vengeance for someone who has wronged them (hacking community)
Red hat hacker
A hacker that seeks out black hat hackers to disrupt their operations while using aggressive methods that skirt what’s legal
Green hat hacker
A novice hacker that is still inexperienced but is known for their willingness to learn to write their own scripts
Script Kiddie
An unskilled hacker who uses existing scripts or code to break into systems and lacks the understanding needed to write their own
Hacktivist
A hacker that uses their skills for social or political causes
Nation-state hacker
A hacker that is employed by a (shadow) government to infiltrate other countries’ systems generally for espionage or sabotage
Corporate hacker
A hacker that is hired by a corporation to hack into their competitors’ systems to conduct espionage or protect against espionage
Threat Types
Malware
A malicious program/software that is designed to damage, disrupt, or gain unauthorized access to computer systems
Virus
A type of malware that attaches itself to clean files and spreads throughout a computer system, infecting other files with malicious code
Backdoor
A secret or hidden way to bypass normal authentication or encryption in a computer system, a product, or an embedded device. Backdoors allow unauthorized access to a system, often without the knowledge of the system’s user or owner.
Trojan horse (Trojans)
A type of malware that disguises itself as a legitimate program/software
Worm
A type of malware that replicates itself and spreads to other computers, typically without any user interaction
Spyware
A type of malware that secretly observes the computer user’s activities without permission and reports them to the program’s author
Adware
A type of malware that is often bundled with free software, and it displays advertisements and can track browser activities
Ransomware
A type of malware that encrypts the victim’s data or system, with the attacker demanding a ransom, usually paid in cryptocurrency, to restore access to the data
Phishing
Fraudulent communication that appears to come from a reputable source, generally through email, which aims to steal sensitive data like login information or credit card details
Spear Phishing
A highly targeted phishing attempt where the attacker chooses its target carefully and crafts a well-designed phishing email
Whaling
A spear phishing attempt that is designed to go for high-level executives or high-profile targets within businesses
Rootkit
A type of malware designed to gain administrative-level control over a computer system without being detected
Botnet
A network of private computers infected with malicious software and controlled as a group, without the owners’ knowledge, to send spam or launch DDoS attacks
DDoS attack (Distributed Denial of Service)
An attempt to crash a website, server, or online service by overwhelming it with a flood of internet traffic
SQL Injection
A type of attack that exploits weak security in database-driven software, allowing an attacker to interfere with queries and manipulate existing data
Zero-Day Exploit
An attack that targets a previously unknown vulnerability in software before the vendor has become aware and is able to patch it
Cross-Site Scripting (XSS)
A security breach that occurs when attackers use vulnerable web applications to inject malicious scripts into web pages served by otherwise trusted websites, where the scripts run in other users’ browsers
Man-in-the-middle Attack
An attack where the attacker intercepts and possibly alters communication between two parties who believe they are communicating directly with each other
Drive-by Attack
Unauthorized downloading of malicious code to your devices when visiting a website, often without any user intervention
Cryptojacking
Malicious crypto mining that occurs when an attacker uses a victim’s computing resources to mine cryptocurrency for financial gain without the user’s consent
Man-in-the-Browser Attack
A security breach that infects a web browser and manipulates its actions to steal information
Credential Reuse
When cybercriminals use stolen credentials to gain access to individuals’ accounts across multiple services
APT (Advanced Persistent Threat)
A prolonged and highly targeted cyberattack in which the attacker gains access to a network and remains undetected for an extended period of time
Eavesdropping Attack
An attack where the attacker intercepts private communications or data as it is being transmitted over computer networks
An attacker injecting, deleting, or altering logs to hide their true intent
Insider Threats
Current or former employees or contractors who misuse their legitimate access to a network to steal data or sabotage systems
IoT Attacks (Internet of Things)
Attacks targeting IoT devices like smart thermostats, smart locks, home security devices, etc., which are often not regularly updated or secured by default
Defensive Measures
Firewall
Network security devices that monitor and control incoming and outgoing network traffic based on predetermined security rules
Antivirus/Antimalware software
Programs designed to detect, prevent, and remove malware including viruses, worms, and trojans
Encryption
The process of encoding data to prevent unauthorized access, making the data only readable to those with the decryption keys
Multi-factor Authentication (MFA)
Security processes that require a user to provide multiple forms of identification before gaining access to an account or system
Virtual Private Network (VPN)
A service that encrypts internet traffic and disguises online identity by routing connections through servers around the world, making it more difficult for third parties to track activities or steal data
Data Backup and Recovery
The process of creating and storing copies of data that can be used to protect organizations against data loss
Security Information and Event Management (SIEM)
Tools that provide real-time analysis of security alerts generated by applications and network hardware (pronounced “SIM”)
Intrusion Detection System (IDS)
Tools that monitor a network or system for malicious activities or policy violations
Intrusion Prevention System (IPS) / Intrusion Detection Prevention System (IDPS)
Tools that not only monitor a network or system, like the IDS, but also take preventative actions against identified threats
Patch Management
The process of managing software updates, which includes acquiring, testing, and installing patches or code changes on systems
Endpoint Security
The process of securing the various endpoints on a network, often defined as end-user devices such as mobile devices, laptops, and desktop PCs
Secure Wi-Fi
Protecting wireless networks by using strong encryption protocols like WPA2 or WPA3 to prevent unauthorized access and eavesdropping
Security Audits
Regular evaluations of security policies, procedures, and practices to ensure they defend against attacks effectively
Security Awareness Training
Educating employees about the various security threats and the company’s policies and procedures for addressing them
Data Loss Prevention (DLP)
Technologies and policies designed to prevent sensitive data from leaving an organization
Network Segmentation
Dividing a computer network into subnetworks, each being a network segment, to improve performance and security
Access Control
The selective restriction of access to a place or other resource, allowing access only to users who are authorized
Identity and Access Management (IAM)
Frameworks for business processes that facilitate the management of electronic identities (IAM systems can be used to initiate, capture, record, and manage user identities and their related access permissions in an automated way)
Web Filtering
The practice of blocking access to web content based on particular criteria, often used to prevent access to harmful or sensitive content
Mobile Device Management (MDM)
Security software used by IT departments to monitor, manage, and secure employees’ mobile devices that are deployed across multiple mobile service providers across multiple mobile operating systems
Penetration Testing
An authorized simulated attack on a computer system to evaluate the security of that system
Zero Trust Architecture
A security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are on the premises or not
Tokenization
The process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security
Secure Software Development Life Cycle (SSDLC)
A process that ensures security is built into the development of applications from the beginning
Application Whitelisting
A security approach that only allows specified applications to run on a system and blocks all others by default
Physical Security Controls
Measures to protect physical IT assets and infrastructure from physical actions and events that could cause serious loss or damage
Compliance and Standards
ISO/IEC 27001
An international standard for managing information security
GDPR (General Data Protection Regulation)
A European regulation that sets guidelines for the collection and processing of personal information from individuals who live in the European Union
HIPAA (Health Insurance Portability and Accountability Act)
A U.S. law designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals, and other health care providers
PCI DSS (Payment Card Industry Data Security Standard)
Security standards for organizations that handle branded credit cards from the major credit card companies, which is also designed to secure credit and debit card transactions against data theft and fraud
SOX (Sarbanes-Oxley Act)
A U.S. law that sets requirements for all U.S. public company boards, management, and public accounting firms, aimed at improving the accuracy and reliability of corporate disclosures
FISMA (Federal Information Security Management Act)
U.S. legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats
NIST Cybersecurity Framework (CSF)
Developed by the U.S. National Institute of Standards and Technology to guide organizations in managing and reducing cybersecurity risk
CCPA (California Consumer Privacy Act)
A state statute intended to enhance privacy rights and consumer protections for residents of California, USA
GLBA (Gramm-Leach-Bliley Act)
A U.S. federal law that requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data
CIS Critical Security Controls
A set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks
COBIT (Control Objectives for Information and Related Technologies)
A framework for IT management and IT governance that is a supportive tool for managers and allows bridging the gap between control requirements, technical issues, and business risks
ITIL (Information Technology Infrastructure Library)
A set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of businesses
FERPA (Family Educational Rights and Privacy Act)
A U.S. federal law that protects the privacy of student education records
CMMC (Cybersecurity Maturity Model Certification)
The U.S. Department of Defense’s (DOD’s) certification process that measures a company’s ability to protect Federal Contract Information and Controlled Unclassified Information
NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection)
A set of requirements designed to secure the assets required for operating North America’s bulk electric system
DFARS (Defense Federal Acquisition Regulation Supplement)
A set of regulations that Department of Defense (DOD) contractors must follow to ensure that all data is protected
HITECH (Health Information Technology for Economic and Clinical Health Act)
Legislation created to stimulate the adoption of electronic health records and supporting technology in the United States
ePrivacy Directive (EU Cookie Law)
A European Union directive that requires websites to get permission from users before storing or retrieving personal information on a user’s computer or mobile device
NYDFS Cybersecurity Regulation (23 NYCRR 500)
A regulation from the New York Department of Financial Services that places cybersecurity requirements on all covered financial institutions
MAS TRM Guidelines (Monetary Authority of Singapore Technology Risk Management)
Guidelines set forth by Singapore’s central bank on the management of technological risks
AGID (Agenzia per l’Italia Digitale) Guidelines
Italian standards for the digitization of public sector agencies across Italy, emphasizing data protection, digital identity, and operational security
APPs (Australian Privacy Principles)
Principles that govern standards, rights, and obligations around the acquisition, use, and disclosure of personal information in Australia
POPI Act (Protection of Personal Information Act)
A South African data protection law designed to protect personal information processed by public and private bodies
Roles and Responsibilities
Chief Information Security Officer (CISO)
A senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems, and assets from both internal and external threats
Security Analyst
Responsible for protecting computer systems by monitoring, detecting, investigating, analyzing, and responding to security events
Security Architect
Designs, builds, and oversees the implementation of network and computer security for an organization
Network Security Engineer
Focuses on protecting the company’s computer systems and networks from threats, primarily by designing secure infrastructure and defending against real-time attacks
Penetration Tester (Ethical Hacker)
Simulates cyber-attacks against the company’s network to find exploitable vulnerabilities
Security Software Developer
Develops security software and integrates security into applications software during the design and development process
Cryptographer
Creates algorithms, ciphers, and security systems to encrypt sensitive information
Security Consultant
Provides expert advice on a variety of information security topics, including risk management, security strategies, and compliance
Incident Responder
Manages the initial response to security breaches, conducts a technical and forensic investigation into how the breach happened and the extent of the damage, and works to remediate the issue
Vulnerability Assessor
Scans, researches, analyzes, and reports on the security posture of an organization’s IT infrastructure
Chief Compliance Officer (CCO)
Ensures corporate compliance with regulatory requirements and internal policies, often focusing on issues like data security and privacy laws
Forensic Expert
Specializes in recovering data from digital devices and handling evidence to aid in the prosecution of cybercriminals in court
Security Administrator
Installs and manages organization-wide security systems and ensures system security controls are maintained according to the organization’s guidelines
IT Security Engineer
Designs and implements security systems to provide protection against cyber threats, vulnerabilities, and breaches
Security Auditor
Conducts detailed audits on an organization’s security policies and procedures to ensure they meet all specified standards
Information Assurance Analyst
Ensures that data isn’t lost when critical issues arise, which can include natural disasters, power outages, or cyber-attacks
Security Specialist
Focuses on a specific area of security such as network, information, or application security, often as a part of broader IT or cybersecurity teams
Governance, Risk Management, and Compliance (GRC) Officer
Develops strategies to manage the risks and compliance issues of the organization, often bridging the gap between the IT security and legal compliance teams
Malware Analyst
Studies malicious software, such as viruses and worms, that infects computers, to understand how it behaves and to develop strategies to combat it
Cybersecurity Trainer
Educates company employees about basic security compliance protocols and best practices to minimize risk
Data Protection Officer (DPO)
An enterprise security leadership role required by the General Data Protection Regulation (GDPR), responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements
Application Security Developer
Focuses specifically on building security into applications during the development phase to prevent vulnerabilities
System Security Administrator
Manages user credentials and helps develop organizational policies for the usage of their network resources
Cloud Security Architect
Specializes in securing cloud-based platforms, including designing cloud software and networks that are resistant to the threats specific to cloud computing environments
Emerging Technologies
Artificial Intelligence (AI)
The simulation of human intelligence processes by machines, especially computer systems, which includes learning, reasoning, and self-correction
Machine Learning (ML)
A subset of AI that provides systems the ability to automatically learn and improve from experience without being explicitly programmed
Blockchain
A decentralized digital ledger that records transactions across many computers in such a way that the registered transactions cannot be altered retroactively
Quantum Computing
A type of computing that uses quantum-mechanical phenomena, such as superposition and entanglement, to perform operations on data, potentially processing complex data at speeds unattainable by classical computers
Internet of Things (IoT)
The network of interconnected devices that communicate with each other through the Internet, enabling devices to send and receive data
5G Technology
The fifth generation of cellular network technology, offering higher speeds and more reliable internet connections on mobile devices and other new technologies
Augmented Reality (AR)
An interactive experience of a real-world environment where objects in the real world are enhanced by computer-generated perceptual information
Virtual Reality (VR)
A simulated experience that can be similar to or completely different from the real world, using VR headsets to generate realistic images, sounds, and other sensations
Edge Computing
A distributed computing paradigm which brings computation and data storage closer to the location where it is needed, to improve response times and save bandwidth
Autonomous Vehicles
Vehicles capable of sensing their environment and moving safely with little or no human input
3D Printing
The construction of a three-dimensional object from a Computer Aided Design (CAD) model or a digital 3D model, also known as additive manufacturing
Smart Grids
Electricity supply networks that use digital communications technology to detect and react to local changes in usage, improving the efficiency and reliability of electricity distribution
Biotechnology
The use of living systems and organisms to develop or make products, or any technological application that uses biological systems to make or modify products or processes for specific use
Nanotechnology
The manipulation of matter on an atomic, molecular, and supramolecular scale, often used for the development of devices within fields such as medicine, electronics, and biomaterials
Robotic Process Automation (RPA)
The technology that allows anyone today to configure computer software, or a “robot”, to emulate and integrate the actions of a human interacting within digital systems to execute a business process
Cyber Physical Systems (CPS)
Systems controlled or monitored by computer-based algorithms, tightly integrated with the internet and its users
Genetic Engineering
The direct manipulation of an organism’s genes using biotechnology, a set of technologies used to change the genetic makeup of cells to produce improved or novel organisms
Renewable Energy Technologies
Technologies that generate energy from resources that are naturally replenishing such as solar, wind, and hydroelectric power
Neural Networks
Computer systems modeled on the human brain and nervous system that are designed to recognize patterns and perform tasks like classification and prediction
Digital Twins
Digital replicas of physical devices that data scientists and IT pros can use to run simulations before actual devices are built and deployed
Voice Recognition Technology
Technology that can recognize spoken words, which can then be converted to text or used to perform commands on a device
Wearable Technology
Electronic technologies or devices incorporated into items that can be comfortably worn on a body, often used for tracking health and fitness data
Extended Reality (XR)
A term referring to all real-and-virtual combined environments and human-machine interactions generated by computer technology and wearables, encompassing VR, AR, and mixed reality (MR)
If you found this article helpful, I would appreciate an applaud or a share as it helps me stay motivated and create more useful content. Please comment on the article if you have any questions or would like further information (or if I missed something). Never stop learning! Have a great day, everyone.