Jargon Buster: Demystifying IT Terminology 

Cybersecurity Edition 

Jargon Buster

The jargon buster aims to give simple, plain English explanations of typical words and/or phrases used in security and cybersecurity, making it easier to stay informed.

Zero Trust:

Security approach assuming no inherent trust, requiring continual user and device authentication.

 

Phishing:

Cyberattack where malicious actors impersonate entities to trick individuals into revealing sensitive information.

 

Ransomware:

Malicious software encrypting files, demanding ransom for decryption; paying does not guarantee data return.

 

Malware:

Malicious software (viruses, Trojans, worms, spyware) designed to harm or exploit computer systems.

 

Penetration Testing (Pen Test):

Simulating cyberattacks to identify system vulnerabilities and weaknesses.

 

Multi-Factor Authentication (MFA):

Security process requiring two or more forms of identification for enhanced login security.

 

Firewall:

Network security device or software filtering traffic based on predefined rules, acting as a barrier between trusted and untrusted networks.

 

Encryption:

Converting data into code to prevent unauthorised access, ensuring unreadability without decryption key.

 

Cyber Threat Intelligence (CTI):

Information about potential cybersecurity threats, including tactics employed by malicious actors.

 

Incident Response (IR):

Structured approach to addressing and managing the aftermath of a cybersecurity incident.

 

Patch Management:

Regularly updating software, operating systems, and applications to fix known vulnerabilities.

 

DDoS Attack (Distributed Denial of Service):

Attack flooding a target system with traffic from compromised computers (botnets).

 

Vulnerability Assessment:

Identifying, classifying, and prioritising security vulnerabilities in systems, networks, and applications.

 

Two-Factor Authentication (2FA):

Security process requiring users to provide two authentication factors for enhanced login security.

 

Endpoint Security:

Protection of individual devices from cybersecurity threats.

Data Breach: Incident where sensitive data is accessed, disclosed, or stolen by unauthorized individuals or entities.

 

Security Audit:

Evaluation of an organisation’s security policies, practices, and controls for effectiveness and compliance.

 

SOC (Security Operations Centre):

Centralised unit monitoring, detecting, and responding to cybersecurity incidents in real-time.

 

DMZ (Demilitarised Zone):

Network segment separating internal and external networks, often used for public-facing services.

 

SIEM (Security Information and Event Management):

Software providing real-time analysis of security alerts from various network sources.

Want to learn more about our services?