Cyber security glossary
An A-Z of commonly used words and phrases in cyber security
What is phishing, ransomware or malware? Our cyber glossary explains all the cyber security terms and phrases you need to know.
A cyber criminal. See ‘Threat actors’.
An attempt to subvert or bypass a system's security. Attacks may be passive or active: active attacks attempt to alter or destroy data, whereas passive attacks try to intercept or read data without changing it.
Attack Surface Indicator (ASI)
A simple metric that quantifies how vulnerable your systems are to compromise. The ASI is calculated by dividing the number of high severity vulnerabilities identified in your IT estate by the number of endpoints you have.
Access to, or disclosure of, information on an IT system without authorisation.
Domain Name Server (DNS)
The internet’s phonebook. DNS is a way of translating alphabetical website addresses which are easy to read and remember, into numerical IP addresses which identify the location of the website.
The scrambling of data so it becomes very difficult to unscramble and interpret.
A computer or other user-driven device that communicates with the network it is connected to.
An unsecured, internet-connected computer that is monitored for signs of malicious activity and compromise attempts. The intelligence gathered from this activity is used to protect against future cyber attacks.
The action a virus carries out when it enters a computer system or storage device.
A generic term used to describe malicious software such as viruses, trojans, spyware, and malicious active content.
A method of cyber attack that uses social engineering techniques via email or instant messaging, in an attempt to fraudulently acquire personal information, such as passwords and credit card details, or divert payments to a criminal’s account.
A pattern (often a simple string of characters or bytes) expected to be found in every instance of a particular virus. Anti-virus scanners and intrusion detection systems use these signatures to identify and locate specific viruses.
Unsolicited or unwanted electronic messages. Spam includes legitimate adverts, misleading adverts, and phishing messages designed to trick recipients into giving up personal and financial information.
A site that mimics a real company’s website, to harvest confidential information (passwords, account numbers, card details, etc.) from people who are tricked into visiting it. The fake site looks exactly like the real site, down to the logo, graphics, and detailed information.
Cyber criminals, hackers, and other malicious individuals who use the internet to commit crimes such as identity theft, PC and network hijacking, illegal spamming, phishing, and fraud.
A file capable of attaching to disks or other files and replicating itself repeatedly, typically without a user’s knowledge or permission.
Zero day attack
A brand new attack, never before detected by security teams, for which there is no immediate vendor solution.
Zero day vulnerability
A brand new vulnerability in a piece of software, which a vendor has not produced a security patch for.
Cutting edge solutions and services for challenges you could face, tailored to meet your business’ cyber security needs.Find out more