A Glossary of Common Cyber Security Terms
Attack Surface: Any software, application, or network has an attack surface, which is the sum of all points where unauthorized users can try to access data in, or steal it from, that IT environment.
Cybercrime: An illegal action performed by criminals who target or use a computer or a computer network. Usually, cybercrimes are committed by cybercriminals, commonly known as hackers, to earn money by targeting organizations, individuals, or groups.
Cyber Risk: Cybersecurity risk is a potential exposure of an IT network or a system environment that can result in extensive harm to critical assets or loss of sensitive data within an organization’s network.
Dark Web: Content within the global internet (world wide web) hosted across overlay networks that require special software, authorization, or configurations to access, allowing users to remain anonymous while browsing the public internet. The dark web is secured with extreme privacy and protection in mind and is designed to leave no trace leading back to the user.
External Attack Surface: The external attack surface is any exposed server or IoT device with a public-facing IP address related to your organization that potential attackers could leverage to break into a network, gain access to corporate data, and use your resources without authorization.
External Attack Surface Management: ‘EASM’ solutions are specially designed to give organizations instant visibility into all of the IT network's exposed assets and their security posture, with real-time and ongoing discovery of unknown risks and exposures. EASM solutions provide an always up-to-date view of all your assets, allowing organizations to fully maximize the tools they currently use.
Hacker: Hackers are known as technology and computer experts who use their proficiency with IT systems, combined with non-standard means, to attain their goals or overcome obstacles within a computer system or IT network for malicious reasons.
Known Assets: Assets an organization knows about, manages, and monitors on a daily basis. It includes servers, web-facing applications, and other services. These assets are usually used on a daily basis.
Ransomware: Ransomware is a form of malware attack executed by unauthorized actions. This approach is designed to deny organizations access to their files on their computer system by encrypting them and demanding ransom payment. The attackers demand ransom from the organization in exchange for the decryption keys, and in some cases to prevent the attackers from publishing data stolen from the organization’s network.
Remediation: A remediation plan is a series of procedures addressing a certain breach and limiting the damage that breaches can cause to a certain network or environment. A remediation plan is a guideline which an organization must follow to overcome security incidents.
Risk Scoring: A cybersecurity risk analysis, designed to evaluate and measure potential risks for a specific network, combining the risk impact, the value of the assets at risk, and the probability of an attack.
Security Breach: Any incident that results in unauthorized access to network data, an application, or a device is called a security breach. This means that secure information can be intentionally or unintentionally accessed.
Shadow IT: Resources or applications implemented within the organization’s network that are unknown to or unapproved by the IT department are called Shadow IT. These assets refer to computer services, hardware devices, or cloud services of any kind that were installed inside the IT environment of an organization without the IT division knowing about their existence.
Unknown Assets: A major part of an organization’s “unofficial perimeter”. These assets are not part of the organization’s formal external profile. Here you may find various test servers, IoT devices, login pages, and temporary services that are exposed either by accident, misconfiguration (often default settings), or by human error, for example, a user forgetting to take them down when deprecating or replacing them with newer services.
Unofficial Perimeter: Every exposed server and IoT device that is not marked and recognized by an organization as official is identified as part of its unofficial network perimeter. Inside the unofficial perimeter are assets like shadow IT-related services, phishing sites, and staging environments.
Vulnerability: Vulnerability refers to any weakness in a computer system or a network that can be exploited by hackers/cybercriminals in order to gain illegitimate access and compromise sensitive data. Once an organization is familiar with its vulnerabilities, its security teams must work fast to patch them or face potential cyberattacks.
Vulnerability Management: Vulnerability management is the process of identifying, classifying, prioritizing, and reporting security software vulnerabilities. It is a proactive approach of looking for weaknesses by scanning networks, identifying vulnerabilities, and providing remediation suggestions to mitigate the potential for security breaches, so organizations can stay ahead of attackers.