25 Terms for Cyber Security Awareness Training
A list of common words and phrases used within the cybersecurity industry, with definitions to help you understand them and judge their worth.
We’ve all encountered marketing buzzwords in an ad, at a trade show or at a conference, but what exactly does that specific buzzword mean? We have listed 25 common words and phrases used within the cybersecurity industry to help you speak the jargon amongst peers, but more importantly to understand their real benefit (or not).
- Spear Phishing
- Whale Phishing
- Security Culture
- Social Engineering
- Trojan Horse
- Cryptocurrency
Many have argued that cyber is merely a buzzword for IT (Information Technology), and there has been confusion and debate between the two. While technology has become an essential component of everything we do, technology is the apparatus or equipment within this domain. The ‘I’ in IT helped us go beyond the physical and incorporate the logical, which included data in the form of information. However, security needs to go beyond IT and its ones and zeros. Within cyber, or more specifically cybersecurity, we can include other aspects such as culture, behaviors and external risk. The term, first coined in the 1940s, allows us greater breadth, such that activities and plans may go beyond the corporate network. One example is the reputational damage caused by cybercrime.
A term given to the act and product of emails sent to individuals or employees of organizations, with the intent to ‘hook’ someone. Cybercriminals may send out millions of phishing emails, fishing email inboxes for a bite. The bait of choice can vary from social engineering the recipient into responding, to getting them to open a file or click a link. Cybercriminals are becoming more sophisticated every day, making phishing harder to spot for both trained and untrained staff. This is the reason we created SKALES: to help both trained and untrained staff spot suspicious emails and/or phishing, reducing incidents and reducing risk.
Like phishing, but targeted. Spear phishing, unlike general phishing, focuses on smaller numbers. The information within is specifically crafted for its intended audience; it’s only suitable for its intended target. Targets may be a particular department or a single individual. While spear phishing is less common, it can be far more effective and extremely difficult to detect.
Again, like phishing, Whale phishing is specifically crafted for the C-board of an organization, such as the Chief Financial Officer or their personal assistant. Whale phishing presents a very real and dangerous threat, costing organizations millions of dollars in a single theft and with dire consequences. Many high-profile organizations have fallen to Whale phishing, causing hundreds of thousands of dollars in lost funds.
The mindset and approach of staff within an organization. A healthy security culture is one that is balanced and aligned to the organization’s risk appetite. A poor security culture will cause elevated risk, either by making staff vulnerable to attack or by impacting productivity via blocking controls. It should be the aspiration of every business to adopt a good (or great) security culture – after all, security is everyone’s responsibility.
The psychological act of manipulating a human being. This is often seen within phishing attempts, especially spear phishing or whale phishing. This attack may be as simple as encouraging a member of staff to reply with valuable information, or allowing someone to physically talk their way past the security guard.
AI - Artificial Intelligence
A broad term that incorporates such buzzwords as machine learning and deep learning. AI was first conceived in the 1950s by Minsky and McCarthy, who described the field of AI as “any task performed by a machine that would have previously been considered to require human intelligence”. The field has developed quickly in recent years thanks to the use of big data, although we are a long way away from seeing a terminator… we hope.
ML - Machine Learning
A technology that resides within the broader term of AI. Machine learning has been used extensively within the marketing industry, and with good reason. By creating models from datasets (groups of data), ML allows solutions to learn, grow and scale with use, making them more efficient and able to predict accurately with high degrees of success. SKALES uses ML to understand threat data and identify malicious emails within milliseconds.
NLP - Natural Language Processing
As the name suggests, NLP is the practice of processing language. While many forms exist, such as audio or written, SKALES uses text within emails to identify malicious intent. The practice allows solutions to quickly interpret the words and phrases (or other forms of communication) and make sense of the information within.
A term used to describe computing services accessible over the internet. Cloud services allow organizations and individuals to host services remotely. As an example, services such as Hotmail or Gmail are services hosted on Cloud computing services. SKALES is a Cloud-based service, providing secure services via browser, API and software connectors.
SKALES’ Administration Dashboard allows senior management to gain an overview of current and past attacks, as well as employee security behaviour engagement and reporting accuracy. With metrics and reporting, managers gain a better understanding of their staff’s susceptibility. The dashboard also supports analysts with rapid triage, processing and management of phishing emails, whether highlighted by SKALES or reported by staff. Get a demo to better understand how SKALES can improve your security.
SEG - Security Email Gateway
A solution that resides between an organization’s email servers and the internet. The SEG will typically check in-bound and out-bound emails, looking for SPAM (phishing etc.). Depending on the solution and its configuration, the SEG may block and delete emails it deems to be SPAM. Although SEGs are an essential email solution, they have a very difficult problem to overcome, and thus phishing often bypasses SEGs and ends up in staff mailboxes, presenting a real risk of compromise.
SOAR – Security, Orchestration, Automated, and Response
A process whereby security tools automate actions based on configuration and information. As an example, a network device is automatically updated with the latest phishing websites. Shortly thereafter, a staff member clicks a phishing link within an email. The network device blocks the request, stopping the laptop from visiting the website and becoming infected. SKALES supports SOAR, improving an organization’s ability to scale its security posture.
DDoS – Distributed Denial of Service
An attack method whereby a barrage of data is transmitted to a given victim. The intention is to disrupt the service (i.e. website) by overloading it. DDoS is also a common technique to create noise whilst an alternative or ‘real’ attack occurs. If you suffer a DDoS attack, ensure a specialist reviews network and security logs for alternative attacks hidden within the noise.
Otherwise known as malicious software, which performs an illicit action based on its intention of use. While some software is blocked by an anti-malware program, its use may be genuine, such as the IT department’s use of TeamViewer – a remote access program typically used to provide IT support.
A type of malware that spreads through use. A common variant is malware that is spread through PDF attachments. When the file is opened and scripts within it are run, the virus is able to infect and spread.
A type of malware that self-propagates and spreads automatically. An example often seen is malware running on an infected machine that distributes copies of itself via email to everyone within the address book.
Some variants of malware act as bots, running on an infected computer and communicating with cyber criminals via a command-and-control server. Spyware is typically a bot used to steal data, passwords, and access your webcam without your knowledge!
A collection of bots controlled centrally by a threat actor. Massive DDoS attacks are the result of botnets. Their collective effort has taken many websites offline, impacting business and preventing sales and service. Botnets have many uses beyond DDoS attacks: some are used to send out phishing emails or to mine cryptocurrencies. SKALES actively reviews email data against known botnets, supporting the detection of business email compromise.
Trojan Horse (Computing)
A type of malware hidden within a legitimate program. Software acquired illegally often contains malware, which is activated when the legitimate program is installed and run.
VPN – Virtual Private Network
A technology that establishes and maintains a secure connection between two points. When a VPN is established, typically all traffic (i.e. surfing the web) is sent through the VPN. If a connection is established between two countries, it would appear that your computer is physically residing within the other country. While changing geographical location is common in personal use, businesses typically make use of the technology to safeguard communication from anyone who may be listening on the network, such as at Wi-Fi hotspots.
A term used for vulnerabilities and exploits that the vendor is not yet aware of. Stuxnet, a piece of malware designed to disrupt the centrifuges of an Iranian nuclear reactor, was able to exploit vulnerabilities of an industrial control system. For years the malware impacted systems before the vendor became aware and fixed the vulnerability. Zero-day exploits are sought after by cybercriminals because, until the vendor releases a fix, there is no way of stopping the attack.
A technology that relies heavily on AI to generate artificial information. The most notorious use of deepfake is the ability to masquerade as someone else. Deepfake technology is often used within videos by taking a photo of a person and transplanting their facial features onto the person within the video. It is believed that audio deepfake attacks have occurred in the wild, social engineering a CEO of a major UK utilities company and successfully stealing $243,000.
A digital currency used for financial transactions. Like any currency, it is used for both legitimate and illegal means. Bitcoin is the most used cryptocurrency and strongest against the US dollar. There are many cryptocurrencies, and new variations are being created frequently. Its ability to exist outside the financial banking system, and its anonymity, offer great advantages to criminal entities.
APT - Advanced Persistent Threat
A threat actor deemed an APT should be a well-organized and sophisticated entity. While an APT can be a cybercriminal group, the most notorious are state-sponsored groups, such as APT1 with known associations to China and APT29 associated with Russia.
SIEM - Security Information and Event Management
A platform or set of tools that enables the correlation and processing of delivered information and events. Such information could be firewall logs that allow security teams to identify malicious activity and triage incidents. SOAR makes use of SIEMs, and SKALES empowers both.
How many of these terms did you know? What terms did we miss? Let us know via Twitter or LinkedIn if you used these terms for your cyber security awareness training.