Cyber Security - General Terms
Script kiddie
A person who uses existing computer scripts or code to hack into computers, lacking the expertise to write their own.
Cyber kill chain
A phase-based model to describe the stages of an attack, which also helps inform ways to prevent such attacks.
White Hat Hacker
A white hat hacker is a computer security specialist who breaks into protected systems and networks to test and assess their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them.
Threat agent
An individual or group that can manifest a threat. It is fundamental to identify who would want to exploit the assets of a company, and how they might use them against the company. Threat Agent = Capabilities + Intentions + Past Activities. In short, a person who has the ability to pose a threat.
Insiders
An insider is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities intended to cause harm to the enterprise.
Threat vector
A threat vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities.
Authentication
Authentication is any process by which a system verifies the identity of a User who wishes to access it. Since Access Control is normally based on the identity of the User who requests access to a resource, Authentication is essential to effective Security.
BYOD
Bring your own device. Can be critical as networks need to be protected from attacks from personal computers.
Cybercrime
Criminal activity or a crime that involves the Internet, a computer system, or computer technology, such as identity theft, phishing, and other kinds of cybercrime.
Authorization
The action of giving permission to access information.
Information security
The set of business processes that protects information assets regardless of how the information is formatted or whether it is being processed, is in transit or is being stored.
Gray Hat Hacker
The term "grey hat" refers to a computer hacker or computer security expert who may sometimes violate laws or typical ethical standards, but does not have the malicious intent typical of a black hat hacker.
Cyberterrorist
The politically motivated use of computers and information technology to cause severe disruption or widespread fear in society.
Physical security
Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.
Asset
Property owned by a person or company, regarded as having value and available to meet debts, commitments, or legacies.
Cyber security
Protection against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.
Risk transference
Risk Transference refers to the shifting of the burden of loss for a risk to another party through legislation, contract, insurance or other means.
Risk mitigation
Risk mitigation is defined as taking steps to reduce adverse effects. There are four types of risk mitigation strategies that are unique to Business Continuity and Disaster Recovery. It's important to develop a strategy that closely relates to and matches your company's profile.
Hacktivist
A computer hacker whose activity is aimed at promoting a social or political cause.
Black Hat Hacker
A black hat hacker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security. Black hat hackers are also known as crackers or dark-side hackers. The general view is that, while hackers build things, crackers break things.