Understanding Cybersecurity Jargon – A Glossary for Non-Techies

Scarcely a day goes by without a news report of a cyberattack. Cybersecurity is about protecting information-intensive systems from attack, theft, compromise, damage, and unauthorized use.
A system of standards ensures that only authorized persons can possess system content. It includes file and program permissions along with user authentication.
Authentication
Cybersecurity is the field dedicated to protecting this information and the systems used to store it. Like any other profession, there is also cybersecurity jargon and vocabulary.
As more business services become digitally available, verifying that a user is who they say they are becomes increasingly essential. This is the purpose of authentication, which pairs a username (or other user ID) with verified credentials like a password or biometric identifier such as a retina scan.
The more sensitive the information or applications under guard, the more thorough the authentication process. A basic example is logging into Facebook with a username and password. Accessing your banking website may require a more secure password or even a security code sent to your phone number as additional verification.
Closely related to authentication is authorization, which permits a user to use the system or application after they have proven their identity. This is also where the principle of least privilege comes into play: users shouldn’t be given more permissions than necessary, because excess permissions can be abused or stolen by hackers.
Another security tool is the intrusion detection system (IDS), which monitors networks for various types of cyberattacks and notifies administrators or triggers a response, such as disconnecting a session or blocking an IP address. It’s a more passive security tool than a firewall, which detects attacks and prevents them from ever happening.
Encryption
Encryption converts readable text into a coded language only the intended recipient can decipher. It is a crucial technology for securing information and preventing data breaches, and it’s regularly used in everything from video chats to e-commerce.
Malware is malicious software that can damage or disrupt a computer system. It can come in various forms, including viruses, trojans, spyware, and worms. Some malware is distributed via phishing emails and websites that mimic legitimate services to steal personal information or access business networks.
A firewall is software or hardware that monitors and filters inbound and outbound network traffic based on the security policies an organization has created. A firewall can be installed on a server, computer, or mobile device.
Cybersecurity is the set of rules and practices that help protect organizations and individuals from cyberattacks and other threats. Many cybersecurity experts argue that no organization can be completely secure against hackers and large-scale data breaches, so it is necessary to take preventive measures such as encryption. Encryption is a critical tool that helps organizations comply with data privacy regulations like the Gramm-Leach-Bliley Act for financial institutions and the Fair Credit Practices Act for retailers. It can also help them keep cybercriminals from accessing their valuable proprietary information and customer, client, and patient data.
Endpoint
Endpoint security is the set of security measures that protect end-user devices that connect to and interact with networks, including laptops, desktops, mobile phones, tablets, IoT sensors, and more. Cybercriminals are constantly finding new ways to exploit vulnerabilities in these systems, and businesses must be able to detect and mitigate threats as quickly as possible to prevent breaches.
The main challenge of securing these devices is that they aren’t connected to a central network, so monitoring and controlling them remotely can be difficult. This makes the need for practical, integrated endpoint security solutions even more critical, especially for businesses that allow employees to work from home or on the go.
While antivirus software may help prevent malware from infecting endpoints, it offers little protection against insider threats like unintentional file deletion or unauthorized access. Endpoint detection and response (EDR) solutions address these threats by using software and networking instruments to monitor all activity on an endpoint, looking for signs of malicious behavior, including phishing emails and drive-by downloads.
It’s essential to distinguish endpoint security from network security, which focuses on hardware and software that manages the integrity of the system housing it. Network security can include firewalls and encryption but may not have visibility into individual endpoints, especially offsite or remote ones.
Ethical Hacking
Those with a curious mind and a taste for coding can pursue a career as an ethical hacker. Like a malicious hacker, an ethical hacker uses computer systems to identify gaps in cybersecurity. However, unlike the typical black hat hacker who exploits software vulnerabilities for personal gain, an ethical hacker obtains consent from the system owner to find flaws and improve security. Examples of this work include penetration testing and simulating phishing attacks.
The first step of hacking is reconnaissance or footprinting. This preparatory phase involves gathering as much information about the target as possible. This includes the target’s system configuration, hardware, and software. It can also include searching for passwords, essential details, and more.
Once an ethical hacker has a comprehensive picture of the target, they can begin the attack. This is typically done with penetration tools to scan for vulnerabilities. Once a breach is found, an attacker can manipulate data and systems to their advantage. This can include stealing files, uploading malware, and causing other problems with the system. Once the hackers are finished, they clear their tracks so they don’t get caught by an incident response or forensics team. The last thing they want is to be responsible for any damage or breaches they’ve created. These precautions may include editing, corrupting, or deleting logs and registry values.





