Secret key

A cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme.

Security automation

The use of information technology in place of manual processes for cyber incident response and management.

Security Information and Event Management (SIEM)

Software used to monitor, log, provide alerts and analyse security events to support threat detection and incident response.

Security monitoring

The collection of data from a range of security systems and the correlation and analysis of this information with threat intelligence to identify signs of compromise.

Security Operations Center (SOC)

A central unit within an organisation that is responsible for monitoring, assessing and defending against security issues.

Security perimeter

A well-defined boundary within which security controls are enforced.

Security policy

A rule or set of rules that govern the acceptable use of an organisation's information and services to a level of acceptable risk and the means for protecting the organisation's information assets.

Single Sign-On (SSO)

A software process to enable computer users to access more than one application using a single set of credentials, such as a username and password.


Smishing

Phishing via SMS: mass text messages sent to users asking for sensitive information (e.g. bank details) or encouraging them to visit a fake website.

Social engineering

Manipulating people into carrying out specific actions or divulging information that is of use to an attacker. Manipulation tactics include lies, psychological tricks, bribes, extortion, impersonation and other types of threats. Social engineering is often used to extract data and gain unauthorised access to information systems, whether they belong to single, private users or to organisations.

Software as a service (SaaS)

Describes a business model where consumers access centrally-hosted software applications over the Internet.


Spam

The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.

Spear phishing

Spear phishing is a cyber attack that aims to extract sensitive data from a victim using a very specific and personalised message designed to look like it's from a person the recipient knows and/or trusts.
This message is usually sent to individuals or companies, and it is extremely effective because it’s very well planned. Attackers invest time and resources into gathering information about the victim (interests, activities, personal history, etc.) in order to create the spear phishing message (which is usually an email). Spear phishing uses a sense of urgency and familiarity (the message appears to come from someone you know) to manipulate the victim, so the target doesn’t have time to double-check the information.


Spoofing

Faking the sending address of a transmission to gain unauthorised entry into a secure system.


Spyware

Spyware is a type of malware designed to collect and steal the victim’s sensitive information, without the victim’s knowledge. Trojans, adware and system monitors are different types of spyware. Spyware monitors and stores the victim’s Internet activity (keystrokes, browser history, etc.) and can also harvest usernames, passwords, financial information and more. It can also send this confidential data to servers operated by cyber criminals so it can be used in subsequent cyber attacks.

SQL injection

This is a tactic that uses code injection to attack applications that are data-driven. The maliciously injected SQL code can perform several actions, including dumping all the data in a database to a location controlled by the attacker. Through this attack, malicious hackers can spoof identities, modify data or tamper with it, disclose confidential data, delete and destroy the data or make it unavailable. They can also take control of the database completely.

SSL / Secure Sockets Layer

This is an encryption method to ensure the safety of the data sent and received from a user to a specific website and back. Encrypting this data transfer ensures that no one can snoop on the transmission and gain access to confidential information, such as card details in the case of online shopping. Legitimate websites use SSL (their addresses start with https). Users should avoid inputting their data in websites that don’t use SSL.


Steganography

A way of encrypting data, hiding it within text or images, often for malicious intent.

Symmetric key

A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plain text and decrypt cipher text, or create a message authentication code and to verify the code.


Threat analysis

The detailed evaluation of the characteristics of individual threats.

Threat assessment

The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property.

Threat hunting

Cyber threat hunting is the process of proactively searching across networks and endpoints to identify threats that evade existing security controls.

Threat management

There is no silver bullet to prevent 100% of cyber threats. Successful threat management requires a multi-layered approach encompassing prevention, detection, response and recovery.

Threat monitoring

During this process, security audits and other information in this category are gathered, analysed and reviewed to see if certain events in the information system could endanger the system’s security. This is a continuous process.


Ticket

In access control, a ticket is data that authenticates the identity of a client or a service and, together with a temporary encryption key (a session key), forms a credential.


Token

In security, a token is a physical electronic device used to validate a user’s identity. Tokens are usually part of the two-factor or multi-factor authentication mechanisms. Tokens can also replace passwords in some cases and can be found in the form of a key fob, a USB, an ID card or a smart card.

Traffic light protocol

A set of designations employing four colours (RED, AMBER, GREEN, and WHITE) used to ensure that sensitive information is shared with the correct audience.

Trojan horse

A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorisations of a system entity that invokes the program.

Two-factor authentication (2FA)

The use of two different components to verify a user's claimed identity. Also known as multi-factor authentication.

Typhoid adware

This is a cyber security threat that employs a Man-in-the-middle attack in order to inject advertising into certain web pages a user visits while using a public network, like a public, non-encrypted WiFi hotspot. In this case, the computer being used doesn’t need to have adware on it, so installing a traditional antivirus can’t counteract the threat. While the ads themselves can be non-malicious, they can expose users to other threats. For example, the ads could promote a fake antivirus that is actually malware or a phishing attack.
