It’s a word that gets used quite a lot, but what is cybersecurity, really? At its core, cybersecurity encompasses ways to protect company digital infrastructures from criminals who attempt to steal information and use it for their own purposes.
Effective cybersecurity protocols combine the latest technologies, professionals and highly detailed processes to develop strategies for protecting sensitive data, preventing financial losses (and lawsuits) and ensuring ongoing business continuity.
Now that you have a cybersecurity definition, here are some terms that fall under its umbrella that you should become familiar with – in alphabetical order.
Cybersecurity Terms, A-M
Attack Surface: It’s as scary as it sounds. These are the various logical and physical locations where threat actors try to enter/extract data on software-based systems. Making this as small as possible is ideal.
AV: Anti-virus is a kind of IT security software. This is designed to scan for malware and once any is detected, the AV should block it. The best ones run in the background seamlessly.
EDR: Solutions and tools that scan for, detect, investigate and mitigate suspicious activity found on endpoints and hosts. EDR (endpoint detection and response) can detect newer, advanced threats and trigger adaptive responses.
Firewall: This is a network security system that will monitor and control network traffic, based on security rules and barriers that you specify.
MD: This stands for managed detection and response, and it is often part of the offerings of a Security Operations Center (SOC) provider. It is a holistic, real-time, turnkey response for threat management.
MR: Also proactive, managed risk will continuously scan your networks, cloud environment and endpoints for potential gaps, misconfigurations, risky assets, problematic software and accounts. It is vulnerability management at its best.
Cybersecurity Terms, N-Z
NIST: This is the National Institute of Standards and Technology, a non-regulatory entity that operates under the United State Department of Commerce. The NIST Publication Series 800 has a thorough listing of IT security measures and controls.
SIEM: Security information and event management is a unified software tool that collects and organizes security alerts and events from various security products to identify possible threats.
SOC: The security operations center is where cybersecurity personnel work to develop and support security technologies, detect threats and respond to them. SOC-as-a-service providers operate off-site, but come on-site as needed.
VA: In the cybersecurity world, VA stands for vulnerability assessment. This process identifies, classifies, prioritizes and assesses internal, external and host-based potential threats.
VM: Vulnerability management follows VA, and features management solutions that will identify, track and prioritize possible dangers and optimize cybersecurity threat prevention.
XDR: Extended detection and response is all about platforms that extend traditional EDR endpoint focus tools. It can include telemetry from endpoint, identity, cloud and network resources.
Using a Managed Services Provider
These cybersecurity terms are just a small introduction to the high-tech, complex world of network system management and cyber threats. There is a whole other list of cyberattacks too, and like the terms above it is constantly evolving. Here are some that you may have heard of:
- Brute-Force Attacks
- Consent Phishing
- Cross-Site Scripting
- Data Breach
- DDoS (distributed denial-of-service attacks; these can crash web servers.
- Drive-by Attack
- Golden Ticket Attack
- Insider Threats
- Juice Jacking/Free Wi-Fi
- Smishing – this uses texting to fool people into downloading apps/following links
- Trojan Virus
- Web Shell
The last cybersecurity term to know is MSP or managed services provider, and this is where TAG Solutions comes in. We are dedicated to protecting our clients’ businesses, employees, customers and data, and developing comprehensive programs that reduce vulnerabilities and downtimes are what we’re all about.
Our core values serve as a fine introduction to our services; contact us for a free IT network assessment before it’s too late. Contact us today!