Cyber security
Mitigate
To lessen an impact, for example, the impact of a cyber security incident or a risk.
Signature based
A digital signature is code that is attached to an electronically transmitted document to verify its contents and the sender's identity.
Hacking
A method of gaining unauthorised access to a computer system/network.
Penetration testing
A software tool that tests a computer system/network to find vulnerabilities that could be exploited by an attacker.
Attacker
Individuals or organisations that target computer systems/networks illegally.
Integrity
Integrity of data aims to protect data from unauthorised modification.
Encryption
A method that is used to attempt to ensure data security by use of encrypted (secret) code. In order to read the contents of an encrypted message or file, someone must have access to a secret key or password that will enable them to decrypt the message or file.
Fuzzing
A method that is used to test the security of software.
Botnet
A network of computers infected with malicious software and controlled without the owners' knowledge, for example, to send spam or hoax emails.
Disaster recovery plan
A plan that documents a set of procedures for an organisation to follow in order to recover and protect a computer system and its data in the event of a cyber security incident.
Business continuity plan
A plan to continue operations that an organisation will follow if it is affected by a cyber security incident
Audit trail
A record of activities on a computer system/network, for example, a record of modifications to data or access to parts of a system/network.
Cyber security incident report
A report that documents the details of a cyber security incident, such as the type of incident, when it occurred, how it was performed, etc.
Account lockout
A software security method performed by operating system software that locks any account when a user fails a login attempt more than a set number of times. For example, system software can be set up to lock an account for several hours if the user fails the login three consecutive times in a set time frame.
Risk
A threat to a computer system/network can result in a risk, for example, if a hacker gains access to a person's computer, there is a risk that data will be stolen.
Biometric access
Access to a computer system/network using technologies that measure and analyse human body characteristics for authentication purposes, such as DNA, fingerprints, retinas, voice patterns, facial patterns and hand measurements.
Patch management
Acquiring, testing and installing code changes or patches to software on a computer system/network.
Threat
An action that when performed on a computer system/network can cause destruction or disruption, for example, a hack or malware.
Denial of service
An attempt to disrupt a network/business/organisation by issuing more requests than a system is able to cope with, it can be performed with malicious intent or as a protest.
Phisher
An individual that attempts to acquire personal information, often for malicious reasons, such as fraud, by pretending to be a known and trusted individual or organisation.
Scammer
An individual who attempts to gain, for example, money from another person by fraudulent means enabled by the use of computers and the Internet.
Ethical hacking
An individual who attempts to penetrate a computer system/network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit. He or she is also known as a white hat hacker. He or she can also work alone.
Cyber criminal
An individual who commits illegal activities using computers and the Internet.
Vulnerability broker
An individual who exploits a vulnerability or weakness in a computer system/network for gain, for example, a hacker.
Hacker
An individual who gains unauthorised access to a computer system/network.
Hacktivist
An individual who gains unauthorised access to computer system/network for social or political purposes.
Script kiddie
An individual who uses existing computer scripts or codes to hack into computer systems. They do not have the expertise to write their own code.
Insider
An individual working inside an organisation, a trusted employee, who performs an illegal action, such as hacking.
Cyber security incident
An unwanted/unexpected event, such as an intrusion into a computer system/network, such as the spread of malware.
Availability
Data/information stored on a computer system/network must be available to authorised users and organisations and be protected from unauthorised deletion.
Honeypot
Decoy servers or computer systems that are set up to gather information on intruders or attackers of computer systems/networks.
Non repudiation
Ensures that an individual cannot deny the authenticity of their signature on a document or the sending of a message that they sent.
Escalation of privileges
Exploiting a weakness or weaknesses in an operating system or software application, such as a bug, design flaw or configuration oversight and gaining elevated access to resources that are normally protected.
Unauthorised access
Gaining access into a computer system/network illegally.
Social engineering
Hackers use this non-technical method to access computer systems/networks without authorisation. It involves fooling people into breaking normal security procedures, such as guarding their passwords and relies on manipulating the good nature of individuals.
Cyber dependant
Illegal activities dependent on the use of computers and the Internet, such as hacking or the distribution of malware on a network.
Cyber enabled
Illegal activities that could be undertaken without the use of computers, such as fraud but that are enabled by the use of computers, such as fraudulently obtaining money for goods online.
Confidentiality
Information stored on a computer system/network must be protected against unintended or unauthorised access. Data confidentiality is a measure of the ability of a system to protect its data.
Vulnerability
Is a weakness in a computer system/network that can be exploited by a threat, for example, out of date anti-malware software can result in the threat of a malware attack. If a computer system/network's vulnerabilities can be found and dealt with, this will help to minimize threats and risks.
Virus
Malicious software which is capable of copying itself and corrupting computer systems/networks or destroying data.
Spyware
Malware software that is designed to obtain covert information about someone else's computer activities by transmitting data covertly, from their hard drive, for example key logging software.
Access management
Managing the access to a computer system/network. It includes procedures such as account administration, account maintenance, account monitoring and the revocation of an account.
Cyber security
Refers to technologies, processes and practices designed to protect computers, networks, software and data from attack, damage or unauthorised access and aims to protect data confidentiality, integrity and availability.
Anti-malware
Software designed to prevent, detect and eradicate malicious software, such as a virus or a worm
Intrusion prevention system
Software that examines network traffic flows to detect and prevent vulnerability exploits.
Malware
Software that is designed to cause disruption or damage to data and/a computer system/network.
Anomaly based
Software that is designed to detect computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous.
Firewall
Software that is designed to protect a computer system/network from unauthorised access and intrusion.
Intrusion detection system
Software that monitors network or system activities for unexpected or malicious activities.
Host firewall
Software that runs on a single host computer that restricts incoming and outgoing network activity for that host computer only. It can be used to prevent a host computer from becoming infected and stop infected host computers from spreading malware to other hosts computers.
Asset
Something that is of value to a person, an organisation or a state, e.g. data, finance and secrets that should be secured against cyber security incidents.
Phishing
The act of attempting to acquire personal information, often for malicious reasons, such as fraud, by pretending to be a known and trusted individual or organisation.
Risk analysis
This involves analysing a computer system or a set of procedures and assessing whether a system is at risk from a cyber incident due to weaknesses or vulnerabilities in software, hardware or procedures.
Sandboxing
This is a security method for separating running programs on a computer system/network. It is often used to run untested code, or untrusted programs from unknown sources such as suppliers, untrusted users and untrusted websites.
Risk management
This refers to ensuring that risks are monitored carefully and mitigated against or eliminated from a computer system/network.
Hoax email
Usually an email message warning recipients of a non-existent threat, usually forging quotes supposedly from authorities such as Microsoft and IBM.