Improve Your Cybersecurity Vocabulary

This short glossary of cybersecurity terms is a simple way to raise awareness for terms like “zero-day attack” that employees and executives outside of cybersecurity should know about.

Clickjacking, Linkjacking, Phishing, Smishing And Other Cybersecurity Terms You Need To Know

The industry has its own language which lay people often struggle to understand. This short glossary of cybersecurity vocabulary is a simple way to raise awareness for terms like “zero-day attack” that employees and executives outside of cybersecurity should know about. Regardless of your role in an organization, take the time to learn these commonly used terms and increase your knowledge of the most critical issue of the digital age – cybersecurity.

APT (Advanced Persistent Threat)

A security breach that enables an attacker to gain access or control over a system for an extended period of time usually without the owner of the system being aware of the violation. Often an APT takes advantage of numerous unknown vulnerabilities.

Backdoor

A secret entry point established to circumvent normal security measures for access to software or a computer system.

Botnet

Botnets can comprise dozens to over a million individual computers. The term botnet is a shortened form of robotic network – a collection of innocent computers which have been compromised by malicious code to run a remote control agent and perform criminal actions.

Bug Bounty

Reward offered by some organizations and developers to individuals who report a vulnerability or bug.

Catfishing

When a bad actor creates an online fictional persona for deceptive purposes.

Clickjacking

A malicious technique that tricks you into clicking on a URL, button or other screen object other than that intended by or perceived by the user.

DDoS (Distributed Denial of Service)

An attack which attempts to block access to a digital resource. It is a variation of the DoS attack (see DOS) that can include flooding, connection exhaustion, and resource demand. The distinction of DDOS from DOS is that the attack traffic may originate from numerous sources or is reflected or bounced off of numerous intermediary systems. DDoS attacks are often waged using botnets.

Honeypot

A trap or decoy for attackers. A honeypot is used to distract attackers in order to prevent them from attacking actual production systems. A honeypot may also be able to discover new attacks or the identity of the attackers.

Keylogger

Software that records users’ keystrokes to collect passwords and other high-value information.

Linkjacking

An unethical practice of redirecting a link to a middle-man or aggregator site or location rather than the original site.

Multi Factor Authentication (MFA)

A security approach that asks users to give at least two credentials, such as a password and biometric, to access an organization’s data or systems.

Penetration Testing

Also known as pen-testing, it’s an attempt to evaluate how hack-proof a system is by trying to exploit it.

Phishing

When attackers send emails that purport to be from reputable parties to induce recipients to reveal personal information.

Ransomware

A type of malicious software attack that blocks access to a computer system until the victim pays a sum of money to unlock it.

Social Engineering

A cyberattack aimed at stealing user data where the attacker pretends to be a trusted individual or organization to trick the victim. Common techniques include phishing and smishing.

Smishing

The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.

Sockpuppet

A fictitious online identity used for deceptive purposes.

Whitelist

A pre-approved list of software, code, file name, path, file size and hash value. Conversely, any code, whether benign or malicious, excluded from the whitelist will not be able to execute on the protected system (aka blacklist).

Zero-Day Exploit

A software vulnerability that’s either previously unknown or has no developed patch, leaving hackers free to do damage.

Zero Trust

Concept that says devices shouldn’t be automatically trusted, even if they have been verified previously.vocabu

Uncover knowledge areas in cybersecurity

Whether you’re embarking on a cybersecurity journey, considering essential defensive methods or expanding to product-specific training. Our cybersecurity experts will assess your current posture and identify potential risks.

Book a consultation

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

K12 Budgeting: Planning Your 1:1 Device Refresh Program Cost

As K12 education evolves, managing 1:1 device programs effectively is crucial. These programs, providing each student with a personal computing device, play a pivotal role in modern education. Success demands strategic planning, communication, foresight, and a holistic approach to device management. With digital learning on the rise, these devices are more than just tools for accessing information; they are platforms for interactive, core learning experiences. However, funding remains a significant hurdle, making effective budgeting for your device refresh program essential for optimizing ROI and device longevity.

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.

Ransomware Gangs Adding Pressure with ‘Swatting’ Attacks—Here’s What You Need to Know

Ransomware gangs are implementing new extortion tactics to encourage victims to pay up. Swatting is becoming an increasingly popular tactic. It involves calling law enforcement to falsely report a serious, in-progress crime triggering an extreme response such as an armed raid from the SWAT team. Explore how cybercriminals are using this tactic and what you can do to prevent it from happening to you.