Cyber Security Terms

A Glossary of Common Cyber Security Terms

A

Attack Surface: Every piece of software, application, or network has an attack surface, which is the sum of all points where unauthorized users can try to access or steal data from that IT environment.

C

Cybercrime: An illegal action performed by criminals who target or use a computer or a computer network. Usually, cybercrimes are committed by cybercriminals, commonly known as hackers, to earn money by targeting organizations, individuals, or groups.

Cyber Readiness: Cyber readiness, or risk readiness, is the set of processes that an organization goes through to integrate security measures across its whole IT infrastructure. This process continuously monitors potential threats and exposures and also logs every activity going in and out of the network.

Cyber Risk: Cybersecurity risk is a potential exposure of an IT network or a system environment that can result in extensive harm to critical assets or loss of sensitive data within an organization’s network.

D

Dark Web: Content within the global internet (World Wide Web) that sits on overlay networks and requires special software, authorization, or configurations in order to access, allowing users to remain anonymous while browsing the public internet. The dark web is secured with extreme privacy and protection in mind and is designed to leave no trace leading back to the user.

E

External Attack Surface: The external surface is any exposed server or IoT device with a public-facing IP address related to your organization that potential attackers could leverage to break into a network, gain access to corporate data, and use your resources without authorization.

External Attack Surface Management: ‘EASM’ solutions are specially designed to give organizations instant visibility into all of their exposed IT network assets and their security posture, with real-time and ongoing discovery of unknown risks and exposures. EASM solutions provide an always up-to-date view of all your assets, allowing organizations to fully maximize the tools they currently use.

H

Hacker: Hackers are known as technology and computer experts who use their proficiency with IT systems, combined with non-standard means, to attain their goals or overcome any obstacles within a computer system or IT network for malicious reasons.

K

Known Assets: Assets an organization knows about, manages, and monitors on a daily basis. They include servers, web-facing applications, and other services. These assets are usually used on a daily basis.

O

Official Perimeter: The official perimeter, or registered perimeter, is an IP address that is publicly known and registered to your organization’s IT network. The official perimeter is part of an organization’s asset inventory, which holds the current exposed services of a specific network.

P

Penetration Test: Also known as a ‘pen test’, this is a well-planned and controlled cyber attack on a computerized system or IT network, performed by a pen tester (also known as a white hat hacker) in order to find security vulnerabilities and asset exposures. The scope of a pen test might be a specific subset of an organization’s infrastructure. It might be conducted to simulate an external attack, or to check security measures for when an attacker has already gained initial access to the organization.

Phishing: A social engineering attack meant to trick a target into accessing / logging into / providing information that could later be used for other purposes. These types of attacks typically leverage previous knowledge of the target’s habits, interests, and workflow to blend with the actual content a user is exposed to and not raise any suspicion. These attacks are often conducted on a large scale, assuming that even if 1 out of 1,000 employees opens the email, the entire organization is still compromised.

R

Ransomware: Ransomware is a form of malware attack executed by unauthorized actions. This approach is designed to deny organizations access to their files on their computer system by encrypting them and demanding ransom payment. The attackers demand ransom from the organization in exchange for the decryption keys, and in some cases to prevent the attackers from publishing data stolen from the organization’s network.

Red Team Engagement: An external test meant to simulate a real-life attack on the organization. Red teams approach the engagements the same way an actual black-hat hacker would, using the same tools and methods. Red teams will have a previously agreed upon objective to achieve (get the company source code, steal all the customer’s data, etc.) that will be defined by the organization (usually the CISO/CTO). Another condition defining the engagement will be “Black-Box” (the red team has no prior knowledge of the target) or “White-Box” (the red team has been provided with a certain amount of data on the target).

Remediation: A remediation plan is a series of procedures that address a certain breach and also limit the damage that breaches can cause to a certain network or environment. A remediation plan is a guideline that an organization must follow to overcome security incidents.

Risk Scoring: A cybersecurity risk analysis, designed to evaluate and measure potential risks for a specific network, combining the risk impact, the value of the assets at risk, and the probability of an attack.

S

Security Breach: Any incident that results in some form of unauthorized access to network data, an application, or a device is called a security breach. This means that secure information can be intentionally or unintentionally accessed.

Shadow IT: Resources or applications that have been implemented within the organization’s network but are unknown to or unapproved by the IT department are called Shadow IT. These assets are computer services, hardware devices, or cloud services of any kind that were installed inside the IT environment of an organization without the IT division knowing about their existence.

Spear-Phishing: A subset of phishing, this type of attack is more targeted and often tailor-made to a specific person. This requires much deeper research into the target, its relations, interests, and very often weaknesses.

U

Unknown Assets: A major part of an organization’s “unofficial perimeter”. These assets are not part of the organization’s formal external profile. Here you may find various test servers, IoT devices, login pages, and temporary services that are exposed either by accident, misconfiguration (often default settings), or by human error, for example, a user forgetting to take them down when deprecating or replacing them with newer services.

Unofficial Perimeter: Every exposed server and IoT device that is not marked and recognized by an organization as official will be identified as part of its unofficial network perimeter. Inside the unofficial perimeter are assets like shadow IT-related services, phishing sites, and staging environments.

V

Vulnerability: Vulnerability refers to any weakness in a computer system or a network that can be exploited by hackers/cybercriminals in order to gain illegitimate access and compromise sensitive data. Once organizations are familiar with their vulnerabilities, security teams must work fast to patch them or face potential cyberattacks.

Vulnerability Management: Vulnerability management is the process of identifying, classifying, prioritizing, and reporting security software vulnerabilities. It is a proactive approach of looking for weaknesses by scanning networks, identifying vulnerabilities, and providing remediation suggestions to mitigate the potential of security breaches, so organizations can stay ahead of attackers.
