Explore all essential cyber security terms in one place.
A security technique used to ensure that only authorized users can access certain resources or data.
A prolonged and targeted cyberattack in which an intruder gains and maintains access to a network over a long period of time.
An entity (individual, group, or nation-state) that is attempting to gain unauthorized access to systems or networks for malicious purposes.
Software that automatically displays or downloads advertising material when a user is online.
Artificial intelligence that acts autonomously or with minimal human intervention, often used in cybersecurity to detect and respond to threats.
Software designed to detect and remove malicious software from a computer system.
The total number of vulnerabilities that can be exploited by attackers within a system or network.
The process of verifying the identity of a user, device or system.
The process of granting or denying access to resources based on an authenticated identity.
A method of bypassing normal authentication to gain access to a system or network.
A copy of important data or files stored separately to ensure recovery in the event of a data loss.
The process of analyzing and evaluating user behavior to identify risks or vulnerabilities within an organization’s systems.
A network of infected computers (bots) that are controlled remotely to carry out cyberattacks, such as DDoS attacks.
The unauthorized access or acquisition of data from a system, often leading to exposure of sensitive information.
A type of attack where an attacker tries all possible combinations to crack a password or encryption.
A policy allowing employees to use their personal devices (smartphones, tablets, etc.) for work-related tasks.
A form of phishing where attackers impersonate legitimate entities and ask victims to call a phone number, which is controlled by the attacker, to steal sensitive information.
A type of phishing attack where malicious actors use social engineering to trick victims into clicking links that lead to fake websites or install malware.
A widely accepted model in cybersecurity consisting of confidentiality, integrity, and availability, which represents the core principles of information security.
A fraudulent tactic where attackers convince victims to click on a link or download a file by posing as a legitimate service or tool that offers to fix problems or enhance security.
The measures and technologies used to protect data, applications, and services stored in the cloud.
A set of user credentials (e.g., username and password) that allow access to a system or network.
The practice of securing information by transforming it into unreadable formats that can only be decrypted by authorized users.
A deliberate attempt to compromise the integrity, confidentiality, or availability of a computer system, network, or data.
The ability of an organization to continue operating despite experiencing cyberattacks or failures, ensuring minimal disruption and rapid recovery.
A fraudulent scheme conducted online, typically through deceptive websites, emails, or social media, designed to steal money, personal information, or access to sensitive data.
The practice of protecting systems, networks, and programs from digital attacks, theft, and damage.
The understanding and knowledge of potential cyber threats and best practices to protect systems, data and personal information from malicious attacks.
An annual event in October to raise awareness about the importance of cyber security and promote safe online behaviors among individuals and organizations.
The actions and practices that employees and users adopt concerning cyber security, which can directly affect the risk profile of the organization.
The collective attitudes, values, and practices related to cyber security within an organization, influencing how employees and stakeholders approach security.
A part of the internet that is not indexed by search engines, often used for illicit activities including the sale of stolen data.
The process of converting data into a coded format to prevent unauthorized access.
The unintended or unauthorized exposure of sensitive data to the public or unauthorized parties.
A strategy to ensure sensitive or critical data is not lost, misused, or accessed by unauthorized users.
The practice of safeguarding personal and sensitive data from unauthorized access, loss, or misuse, ensuring compliance with laws and regulations.
An attack where multiple systems are used to flood a target system with traffic, making it unavailable to users.
The process of converting encrypted data back into its original form.
A type of synthetic media where AI is used to manipulate videos, audio, or images to create realistic but fake content, often used for impersonation or misinformation campaigns.
A type of cyber scam where criminals pretend to be law enforcement, threatening victims with arrest or legal consequences unless they transfer money or reveal personal information.
A type of cyberattack where an attacker manipulates DNS records to redirect traffic to malicious websites.
A type of cyber attack where an attacker tricks a user into unknowingly clicking on two hidden or disguised elements, usually leading to unintended actions or security breaches.
Enforced by India, this act regulates how personal digital data is processed, balancing individuals' right to protect their data with the need to use it for legal purposes.
Email bombing is a form of cyber attack where a target’s email inbox is flooded with a massive volume of unsolicited emails, often disrupting normal operations or overwhelming the recipient’s system.
The use of technology and policies to protect email communications from phishing, malware, and other threats.
A technique used to secure data by converting it into an unreadable format, which can only be reverted to its original state by authorized parties.
Security measures taken to protect devices (endpoints) like computers, smartphones, and other network-connected devices.
The unauthorized transfer of data from a system or network.
A piece of software or code that takes advantage of a vulnerability in a system to cause unintended behavior or damage.
A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Specialized software stored on hardware devices that controls the device’s operations.
An interactive training approach that uses game elements, such as rewards and challenges, to engage users in learning about cyber security practices and risks.
A network device that acts as a bridge between two networks, often providing security features such as firewall protection.
A regulation in EU law that governs data protection and privacy for all individuals within the European Union and the European Economic Area, emphasizing individuals' control over their personal data.
A hacker who may violate ethical standards but does not have malicious intent, often seeking to improve security systems.
An individual who uses their technical skills to gain unauthorized access to systems and networks, often for malicious purposes.
The act of gaining unauthorized access to systems or networks for various purposes, including stealing information or disrupting operations.
A process of converting data into a fixed-size string of characters (hash), commonly used in data security and integrity checks.
The process of adhering to the Health Insurance Portability and Accountability Act, ensuring the privacy and security of health information.
A decoy system or network set up to attract attackers and monitor their activities to learn about their tactics.
Mistakes made by individuals that can lead to security breaches, such as sending an email to the wrong person or failing to follow security protocols.
The fraudulent acquisition and use of someone’s personal information, typically for financial gain.
A social engineering tactic in which an attacker pretends to be a legitimate person or organization.
Any event or action that threatens the security, confidentiality, integrity, or availability of an information system.
A set of procedures used to detect, respond to, and recover from cyber security incidents.
A security threat that originates from within the organization, often by employees or contractors with authorized access.
A system that monitors network or system activities for malicious activities or violations of policies.
A system that not only detects but also actively prevents and blocks potential security threats.
A technique used by attackers to disguise their identity by modifying the source address of their packets to appear as though they come from a trusted source.
An international standard that outlines requirements for an information security management system (ISMS) to manage sensitive company information, ensuring its confidentiality, integrity and availability.
A type of cyber attack where malicious actors infect USB charging stations to steal data from or install malware on a connected device, such as a smartphone.
A type of malicious software that records keystrokes to gather sensitive information such as usernames and passwords.
The techniques used by attackers to move within a network after gaining initial access.
A protocol used for accessing and maintaining directory services, commonly used for managing user credentials and permissions.
A security principle that ensures users and systems only have the minimum level of access necessary to perform their tasks.
Malicious software designed to harm, exploit, or otherwise compromise a computer system.
A type of attack where an attacker intercepts communication between two parties to eavesdrop or manipulate data.
MFA bypass is the process of circumventing Multi-Factor Authentication (MFA) mechanisms, typically through exploiting vulnerabilities or using deceptive techniques, to gain unauthorized access to systems or accounts.
A learning strategy involving small, bite-sized lessons, often delivered in quick, on-demand formats like videos or articles, which is effective for cyber security training to raise awareness on specific threats.
The improper setup of system or network settings that creates vulnerabilities, which can be exploited by attackers (e.g., open cloud storage or default credentials).
A strategy and software for managing, securing, and enforcing policies on mobile devices within an organization.
A security method requiring two or more forms of verification to authenticate a user’s identity.
Measures taken to protect the integrity, confidentiality, and availability of computer networks and data.
The practice of dividing a computer network into smaller sub-networks to improve performance and security.
A U.S. federal agency that develops cybersecurity standards and best practices.
A U.S. government agency responsible for signals intelligence and information assurance.
An open standard for token-based authentication and authorization, allowing third-party services to access user resources without sharing credentials.
A software library used to implement SSL and TLS protocols for securing communications over networks.
The process of collecting publicly available data and information from open sources to support intelligence activities.
A cyber attack technique where attackers attempt to gain access to multiple accounts by using a small set of commonly used passwords across many usernames, rather than targeting a single account with many different passwords.
The process of identifying, testing, and applying patches to fix vulnerabilities in software and systems.
A set of security standards designed to protect card payment information and ensure safe handling of credit card data by businesses.
A simulated cyber attack conducted by cyber security professionals to identify and exploit vulnerabilities in a system.
Any data that can be used to identify an individual, including name, email, phone number and social security number.
Legislation that governs the collection, use, and disclosure of personal health information in Ontario, Canada, and requires organizations to secure health-related data.
A social engineering attack designed to trick users into revealing sensitive information, usually through fraudulent emails or websites.
Phishing tests are simulated attacks designed to assess an organization's susceptibility to phishing scams by evaluating how employees respond to fake email, website or message-based threats.
A targeted phishing attack that uses highly customized or validated information about the victim to increase the likelihood of success.
The process of gaining higher-level permissions or access rights than initially granted in a system.
The practice of securing, managing, and monitoring access to sensitive systems and data.
A rapidly evolving field of computing that uses quantum-mechanical phenomena, such as superposition and entanglement, to perform complex calculations at speeds far beyond traditional computers. It poses potential security risks as it could eventually break current encryption methods.
A form of phishing using QR codes, where attackers embed malicious links in QR codes to trick users into revealing personal information or downloading malware.
A type of malware that encrypts a user’s files and demands payment (ransom) to restore access.
Programs aimed at educating employees about potential cybersecurity threats and how to prevent or respond to them.
A malicious technique where attackers manipulate search engine optimization (SEO) tactics to rank harmful or misleading content higher in search results, often leading users to phishing sites or malware.
A system that provides real-time analysis of security alerts generated by applications and network hardware.
A form of phishing attack that uses SMS or text messages to trick individuals into revealing personal information or downloading malware.
A centralized team responsible for monitoring, detecting, and responding to security incidents within an organization.
A manipulation technique used by attackers to deceive people into divulging confidential information or performing certain actions.
A targeted form of phishing attack in which attackers personalize emails or messages to deceive specific individuals or organizations into disclosing sensitive information.
The act of disguising communication from an unknown source to appear as if it is from a trusted source.
A type of malware that secretly monitors and collects information about a user's activities without their knowledge.
A code injection technique that exploits vulnerabilities in a web application’s database query structure, allowing attackers to manipulate or retrieve data.
The practice of concealing data within another file, such as embedding hidden messages in images or audio files, to evade detection.
Cyber attacks that target vulnerabilities in an organization's supply chain to compromise the integrity or security of the goods or services provided.
Syncjacking is a cyber attack where an attacker intercepts and manipulates the synchronization process between devices or services to gain unauthorized access or control.
Any potential danger to an organization’s data, systems, or networks, including cyber attacks, natural disasters, or insider threats.
The process of gathering, analyzing, and sharing information about potential or actual cyber threats to improve an organization's security.
A type of malicious software that disguises itself as legitimate software but performs harmful actions once executed.
A method of authentication requiring two forms of identification before granting access to an account or system.
The amount of time a system or service has been running without failure or downtime.
A technique used to deceive users by creating fake URLs that closely resemble legitimate websites.
The process of verifying the identity of a user through credentials such as a password, token, or biometric scan.
A type of malware that attaches itself to files or programs and spreads by replicating itself.
A type of phishing attack carried out over the phone, where attackers impersonate legitimate organizations or individuals to steal sensitive information.
A technology that creates a secure, encrypted connection over a less-secure network, such as the internet, to protect data and privacy.
A weakness in a system that can be exploited by attackers to gain unauthorized access or cause damage.
Web skimming is a type of cyber attack where malicious scripts are injected into websites to steal sensitive customer data, such as credit card information, during online transactions.
A specific type of spear phishing that targets high-profile individuals (e.g., executives) within an organization, with the goal of stealing sensitive corporate information.
A security practice where only approved applications or users are allowed access to a system or network.
A type of self-replicating malware that spreads across networks without needing to attach itself to other files.
A security protocol for securing wireless networks, designed to provide stronger encryption than previous versions.
A type of vulnerability in web applications that allows attackers to inject malicious scripts into webpages viewed by other users.
A vulnerability that is unknown to the vendor or developer and has no patch or fix available, often exploited by attackers before discovery.
Zero Trust is a security framework that assumes no user or device, whether inside or outside the network, should be trusted by default and requires continuous verification of identities and access permissions.