Cybersecurity terms that everyone should know

Cybersecurity terms that everyone should know

Cybersecurity, being very important from the invention of computers and networks, is gaining more attention as even the most advanced organizations have fallen victim to cyber-attacks in just the past decade. But it stayed a responsibility of the IT team of an organization for a long period. The pandemic of 2020 had established that cybersecurity is not just an IT team’s responsibility but of the entire employees’.  

Regardless of your role in your organization, this article will cover a lot of cybersecurity terminologies that will keep everyone, from security professionals to general end-user, informed. Take your time to grasp and upon interest, you can expand your knowledge about one or many, which you may find interesting and want to excel.



Access control: It ensures the resources are granted to the right users with the right permissions

Advanced Persistent Threat (APT): It is a security event in which the bad actor gains access to a system or network without being detected

Adware: Refers to any piece of software or application that display advertisements on the user’s computer

Algorithm: A set of step-by-step instructions for solving a problem, especially one that can be implemented by a computer.

Asset: An asset can be any material that is used to complete a task.

Authentication: It is the process of verifying that a person is who he claims to be.

Authorization: Process of giving the right permissions to the authenticated users.

Availability: The surety that a system can meet its purpose and is accessible to all the users using it.



Backdoor: A hidden method/tool used by the attacker on the compromised system to bypass security and gain unauthorized access to the restricted parts of a system

Baiting: The process of luring users into a trap that steals their personal information or inflicts their systems with malware

Blackhat: A Blackhat hacker is an attacker who violates a computer or network for personal gain.

Blacklist: List of a specific set of files that are known to be malicious or otherwise unwanted.

Botnet: A collection of computers that are compromised and used to create and send spam or virus to flood with messages causing a Denial-of-Service attack

Bring Your Own Device (BYOD): Refers to whether the employees can bring their own devices to work and access resources through them.

Brute force attack: Activity that involves repetitive successful attempts of trying various password combinations to break into any web application.

Bug: It refers to an error, fault, or flaw in a computer program that may cause it to behave abnormally.



Cache: Pronounced as CASH. It is a high-speed storage mechanism.

Chain of Custody: It is important to the Federal rules of evidence and its handling.

Ciphertext: Encrypted form of a message being sent

Clickjacking: Also known as UI Redress attack. A common hacking method is where an attacker may use an invisible page or HTML to overlay the legitimate page.

Common Vulnerabilities and Exposures (CVE): It is an online database operated by the MITRE organization which has the details of all attacks, exploits, and compromises for the public’s benefit.

Confidentiality: The need to ensure that the information is disclosed to only the authorized users.

Cracker: It is the proper term to refer to an unauthorized person or an attacker, instead of the term hacker.

Cryptography: The application of mathematical processes on data at rest and data in transit to ensure its safety.

Cyber Ecosystem: The collection of computers, networks, communication paths, applications, users, and data.

Cyberespionage: The unethical act of leaking data while violating an organization’s privacy and security.



Daemon: A program that is often started at the time of booting runs continuously without interventions.

Data integrity: Term ensuring the data is unmodified and therefore original, complete, and intact.

Data mining: Process of analyzing data in order to find the relevant and significant items

Data theft: Act of stealing data intentionally

Distributed Denial of Service (DDOS) Attack: An attack method that blocks the users to access the resource

Decrypt: The act of transforming a cyphertext back to its original form.

Demilitarized Zone (DMZ): A segment or subnet of a private network where the resources are hosted in a publically accessible manner. That is, to the public through the internet.

Digital forensics: Process of gathering digital information to be used as a piece of evidence in a legal procedure.



Eavesdropping: The act of listening to a network while a transaction or communication is made.

Encode (Encrypt): The act of converting a message into a coded format, named ciphertext.

Exploit: A malicious application that can take advantage of a computer’s vulnerability.



Firewall: A software or hardware that screens out viruses, attackers, and worms that are trying to enter one’s system.



Gap analysis: The comparison of actual performance against the anticipated or required one.



Hacktivism: Attacking a system or a network with a motivation driven by a cause or a belief rather than personal gain.

Honeypot: A trap or decoy for attackers



Identity cloning: A type of identity theft in which the attacker holds the identity of the victim and live in the network with that stolen identity

Incident: An adverse event in an information system or network

Incident response plan: A plan to execute or the way to respond if a security event has occurred

Insider threat: The likelihood that internal personnel may pose a risk to the security of an organization

Intrusion Detection System (IDS): A tool that detects the presence of intruders or the occurrence of a security violation and notifies the admins.



JavaScript-Binding-Over-HTTP (JBOH): An Android-specific mobile device attack that allows an attacker to start the execution of arbitrary code on a compromised device.



Keylogger: Any method of recording a victim’s keystrokes as they are typed into a physical keyboard.

Kernel: The central component of a computer operating system, the core, which provides basic services to all other components.



Least Privilege: The principle of granting users or applications only the least amount of permissions they require to carry out their intended function.

Loopback Address: a pseudo-IP address ( that always refers back to the localhost and is never broadcast over the internet.



MAC Address: It is a physical address on a network device which is a numeric value that distinguishes it from every other device on the planet.

Malicious Code: Software that appears to perform a useful or desirable function while gaining unauthorized access to system resources or tricking a user into performing malicious logic.

Malware: Any code written with the intent of causing harm, disclosing information, or otherwise jeopardizing a system’s security or stability.

Morris Worm: A worm program that flooded the ARPANET in November 1988, causing problems for many of the hosts. It was written by Robert T. Morris, Jr.

Multi-Factor Authentication (MFA): a method of confirming a user’s identity by requiring them to provide multiple pieces of identifying information.



National Institute of Standards and Technology (NIST): A physical sciences lab and a non-regulatory agency of the United States Department of commerce. They promote and maintain measurement standards.

Network Address Translation (NAT): used to distribute one or a few publicly routable IP addresses to many hosts

Network Mapper (Nmap): A utility used for network discovery and security auditing. It is open-source and free.

Non-Repudiation: The ability for a system to prove that a message was sent by a specific user and only that user and that it has not been altered.

Null Session (Anonymous Logon): A method of allowing an anonymous user to connect to a network and retrieve information such as usernames and shares without requiring authentication.



Outsider threat: The possibility that an external entity, such as an ex-employee, competitor, or even an unhappy customer, could jeopardize an organization’s stability or security.



Packet: A message fragment sent over a packet-switching network.

Password Authentication Protocol (PAP): A simple, weak authentication mechanism in which a user enters a password, which is then sent across the network in cleartext.

Password Cracking: The process of trying to guess passwords, given the password file information

Password Sniffing: Also known as Passive wiretapping, is a method of obtaining password information by listening in on a local area network.

Patch: A small update released by a software company to fix bugs in previously installed software.

Penetration: Bypassing a system’s protections and gaining unauthorized logical access to sensitive data.

Personal firewall: Firewalls that are installed and run-on personal computers

Pharming: A more advanced version of a MITM attack where a user’s session is hijacked and redirected to a spoof website.

Phishing: Act of tricking a user into entering valid credentials at a fake website by sending them e-mails that appear to come from a trusted source.



Ransomware:  A type of malware that is a form of extortion and it works by encrypting a victim’s hard drive and preventing them from accessing critical files.

Risk: The product of the threat level and the level of vulnerability

Risk assessment: The process of determining an organization’s risk level.

Root: The name of the administrator account in Unix systems.

Rootkit: A collection of tools used by hackers for masking intrusion and gaining administrator-level access.



Sandboxing: A method of testing or evaluating applications, code, or entire operating systems by isolating them.

Secure Shell (SSH): A program that allows you to log into another computer over the internet, run commands on that machine, and transfer files from one machine to another.

Secure Sockets Layer (SSL): Protocol developed by Netscape for sending confidential documents over the Internet.

security perimeter: A network’s or a private environment’s perimeter where specific security policies and rules are enforced

Session: A virtual connection between 2 hosts.

Session Hijacking: The act of taking over some else’s session.

Social Engineering: Art of manipulating people into doing something or disclosing some sensitive information.

Spear phishing: the misleading practice of sending emails pretending to come from a known or trusted sender in order to persuade recipients to reveal confidential information.

Spoof (spoofing): An unauthorized entity attempting to gain access to a system by impersonating an authorized user.

Spyware: Type of software that gets installed itself on a device and monitors it secretly.



Tailgating: Act of someone without authentication entering a restricted area following an authorized person.

Threat: When a circumstance, capability, action, or event exists that has the potential to breach security and cause harm, there is a potential for security violation.

Threat assessment: It is the process involved in finding out the types of threats that an organization might be exposed to.

Threat Model: A model which describes the given threat and the impact on it

Threat Vector: The method by which a threat approaches the target.

Time to Live: A mechanism for limiting the amount of time data can be stored in a computer or network.

Traffic: Amount of data sent and received by visitors at a given time

Trojan: Malicious software that is created by hackers disguised as legitimate software to gain access to target users’ computers. Also known as Trojan Horse.

Tunnel: a protocol for transferring data from one network to another in a secure manner.



Unauthorized access: Unauthorized Access occurs when someone who does not have permission to connect to or use a system gains access in a way that the system owner did not intend.



Virtual Private Network (VPN): It defines the opportunity to establish a secure network connection when using public networks.

Virus: a malicious software program that is installed on a user’s computer without their permission and performs malicious actions.

Vishing: A type of phishing that is carried out over a call

Vulnerability: A security flaw in a system that an attacker can exploit to gain unauthorized access



Whaling: A form of phishing targeting high-profile businesspersons and managers.

Whitehat: Legal hackers who work for organizations to test their systems by attacking them.

Whitelist: A list of trusted apps that can be executed in a restricted system

Worm: A type of malware that is primarily concerned with replication and distribution.



X-509 certificate: Used in SSL/TLS connections to ensure that the client (Web browser) is not tricked by a malicious impersonator posing as a well-known, reliable website.

X-mas Scan: This scan sets the ACK, SYN, URG, RST, and FIN flags all at once and got this name as it lights the packet like a Christmas tree

XML injection: A type of attack that manipulates or compromises the logic of an XML application.

XSS (Cross-Site Scripting): A type of attack aiming at the vulnerabilities found in browsers enabling the attacker to inject scripts into web pages.



Y2K Bug (Year 2000 bug or Millennium bug): It refers to a widely used computer programming shortcut that was predicted to cause massive havoc as the year 2000 was approaching.

Yara Rules: It is a way of finding malware by creating malware family descriptions based on textual or binary patterns

Yaska: An open-source program that scans source codes for security vulnerabilities, code quality, performance, and compliance with best practices.

Yersinia: A valuable and widely used tool for Unix-like operating systems that aims to exploit flaws in various network protocols.



Zero Day: A recently discovered vulnerability that needs to be fixed as soon as possible because if found by a bad actor can be used to gain unauthorized access.

Zombies: A zombie computer is an Internet-connected computer that has been compromised, infected with a computer virus, or infected with a trojan horse.

As long as computers exist, we humans have to take cybersecurity seriously and what we have covered in this article are “just some” of the terms in cybersecurity. Yes. This is just the tip of the iceberg in terms of the entire terminologies that exist.

But there is nothing much to worry about if you know what you are doing…!