Like many technical industries, cybersecurity has a lot of specialized lingo. But there are two dozen cybersecurity terms in particular that are critical to understand. We’ve defined them here (in alphabetical order) and linked to a few articles that may help you better understand them along the way.
The Cybersecurity Pocket Dictionary: 24 Terms You Should Know
1, 2, & 3. Availability, Confidentiality, & Integrity
These three terms make up the triad of information security (often abbreviated “CIA”):
- Confidentiality is what a company needs to do to ensure sensitive information stays private.
- Integrity focuses on the life cycle of the data, ensuring it is always accurate.
- Availability means your hardware and software systems have constant uptime and everything is maintained properly.
Read More: 3 Critical CISO Roles & Responsibilities
4. Botnet
According to Heimdal Security, “Botnets are entire networks of computers controlled and instructed to...attack other computers, send spam or phishing emails, deliver ransomware, spyware, or [perform] many other similar malicious acts.”
Our research has shown that companies with a higher number of botnets (or a BitSight Botnet Grade of “B” or lower) are twice as likely to experience a publicly disclosed data breach. You can read more about these findings in our BitSight Insight report How Do Botnet Grades Correlate With Significant Data Breaches?
5. Continuous Monitoring
Cyber risk is a major part of every vendor risk management (VRM) program. But traditional risk assessment methodologies—like on-site assessments, audits, penetration tests, and vulnerability scans—only provide you with a cybersecurity snapshot of the exact moment they were performed.
Continuous monitoring is used to describe a solution—like BitSight Security Ratings—that gives you a constant, real-time look into your network and your vendors’ networks for observing any potential vulnerabilities.
6. Data Breach
A data breach has taken place when confidential or personally identifiable information (PII) has been compromised in any way. Unfortunately, it’s almost impossible to fully prevent a data breach from happening—but there are some best practices you can put in place to reduce the risk of a hack and make sure a data breach in your organization wouldn’t be catastrophic.
7. DDoS
Distributed denial-of-service (DDoS) is an attack vector that happens when a bad actor creates a slew of traffic requests on a website at once in order to crash it or severely cripple it for a period of time. This impacts information availability or creates a noticeable disruption in service—which is often the hacker’s intent.
8. Encryption
Encryption is defined as the “activity of converting data or information into code.” Encrypting critical data is an important step in preventing large-scale data leakage from a cybersecurity breach. If the data is encrypted, a bad actor may have access to the data but may not be able to harvest it in a useable form.
9. Exploit
Exploitation is typically discussed in regard to software vulnerabilities that hackers are able to take advantage of. Consider this Heimdal Security statistic: “99% of computer users are vulnerable to exploit kits (software vulnerabilities).”
10. Malware
Malicious software—or malware—is one of many types of attacks a bad actor can use to exploit a software vulnerability in order to gain access to data or systems. All 350 North American Eddie Bauer retail locations as well as 20 properties managed by HEI Hotels were affected by point-of-sale (PoS) malware attacks recently.
Read More: How Point Of Sale Breaches Happen
11. Man-In-The-Middle (MITM) Attack
A man-in-the-middle (MITM) attack is when a hacker intercepts communication between two (or more) parties and relays the information to both sides. Common vulnerabilities like POODLE facilitate MITM attacks.
12. Patching Cadence
Patching cadence involves determining how many vulnerabilities you have in your system and how many critical vulnerabilities have yet to be patched. It is one of four critical cybersecurity metrics we recommend reporting to the board.
13, 14, & 15. Phishing, Spear Phishing, & Whaling
To conduct a phishing attack, a bad actor tries to impersonate either a legitimate person or a corporation through an email that asks the user to take an action. This action would give the “phisher” an access point to critical data or information.
Spear phishing is a more targeted form of phishing. The bad actor will usually pose as a trusted individual from the victim’s own company or assume the identity of an authority figure to give their email the gravitas it needs.
Whaling is similar to phishing and spear phishing, but the target is an important person or a high-profile individual, like a C-level executive or a celebrity. The methods used to phish them are usually highly personalized.
16. Ransomware
Ransomware is a type of malware attack where the victim is forced to pay a ransom in order to get their network or data back. This, along with targeted spear phishing attacks, is one of the biggest cybersecurity threats of 2016.
Read More: The Rising Face Of Cyber Crime: Ransomware
17. SQL Injection
A structured query language (SQL) injection attack targets back-end databases and applications that use the SQL programming language. Along with phishing attacks and DDoS attacks, it’s considered a critical attack vector that can lead to a cybersecurity breach.
18, 19, & 20. SPF, DKIM, & DMARC
SPF, DKIM, and DMARC are email authentication protocols that reduce the likelihood of employees falling victim to phishing attacks by quarantining suspicious emails to spam folders. Proper application of these email authentication protocols will help lower the chances of a breach.
20 & 21. SSL & TLS
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are both authentication protocols hackers can exploit.
22. Third-Party Cyber Risk Management
Third-party cyber risk management—or vendor risk management (VRM)—is the process of measuring and mitigating threats and risk that vendor relationships pose to your information, network, and organization.
23. Torrenting
Torrenting is a peer-to-peer file sharing technology that has a good, bad, and ugly side when it comes to cybersecurity.
24. Vulnerability
In cybersecurity, vulnerability typically refers to a system or network that is, for one reason or another, more susceptible to attacks.