There are numerous cyber and information security terms being circulated and this is by no means a complete glossary but it does try to offer an understanding of the most common jargon and technical terms you may encounter.


Please select a glossary section:

Access Control

A way of controlling who has access either physical or digital to a building / department or a system, file, computer or online service

Administrator Privileges

Allows access to computer systems that are unavailable to most users and allows the execution of actions that would otherwise be restricted

Adware (Add-on Software)

This is software that automatically starts, launches, downloads advertising material onto your computer (e.g. pop-up banners)

Air-Gapped Environment

A security measure that enable s a secure network to be isolated unsecure networks in all manners – physically, electrically, and electromagnetically

Anomalous Activity

Comparison process to define what activity is considered normal against observed events to identify significant deviations

Anti-virus Software

This is software that will protect your computer from viruses that it encounters on the internet. It is important to keep this regularly updated as new viruses are constantly being introduced

APT (Advanced persistent threat)

This is an attack on a network by an unauthorised person who wants to gain access and remain hidden for a period of time. Due to it’s nature it is usually associated with stealing data rather than someone trying to cause damage and is mainly aimed at companies in sectors that hold high-value information such as the financial industry

Attack Signature

Specific sequence of events symptomatic of an unauthorized access attempt


Process of verifying the identity of a user, machine or any other entity


Something that is of value to an individual or business NB in tech speak this refers to a list of all your hardware such as servers and computers so we may need to change this a bit


When unauthorised access is obtained to a programme or online service without detection


To make a copy of data stored on a computer or system

Bandwidth (measured on bits per second bps)

The capacity to communicate data through a given channel in a set amount of time

Baseline Configuration

Set of specifications for a system that have been officially reviewed and agreed on at a given point in time, and that can be changed only through official procedures

Black Holing

This method is usually used by an (ISP) Internet service provider to stop a (DDoS) Distributed denial of service from attacking on one of its customers. However, this approach makes the actual site completely inaccessible to all traffic, both malicious and legitimate


Malware that gets what it needs and then destroys its target or renders its host unusable if it is detected by security systems

Border Router

Device found at an organisations boundary to an external network


Is a network of computers that is controlled by cyber criminals


A fast data transmission system where the communications set-up can be shared between multiple users

Buffer Overflow
Business continuity management

A process for preparing and maintaining continued business operations during and after disruption or crisis

Business systems

The systems required to manage and support a business (e.g. email)


Bring Your Own Device


Official acknowledgment that specific requirements have been met

Change Management

Broad processes for managing organisational change, including planning, governance, project management, testing, and implementation


A transaction made using a payment card where the supplier initially receives payment but is later disputed and the transaction is rejected by the cardholder causing the suppliers account to be debited

Cloud computing

The practice of using a network of remote (usually shared) servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer


Content Management System

Communication Network Diagram

The configuration or arrangement of a network including its nodes and connecting communication lines

Crisis Management

Process of managing a company’s operations in event of an emergency that puts business continuity under threat including its ability to communicate with employees, customers, and the media

Critical System

Includes all the systems and assets that are so important that the incapacity or destruction of them could have a debilitating impact

Cyber Attack

Attack via cyberspace to damage, disrupt or gain unauthorised access to a computer, computer system, or network with the aim of either disrupting, disabling, destroying or controlling a computing environment or infrastructure, or destroying the integrity of the data or stealing controlled information

Cyber Crime

Criminal/illegal activities using computers and/or networks

Cyber Space

The environment through which digitised information is distributed on networks of computers

Cyber Threat

Events, actions, or people with the potential to exploit technology-based vulnerabilities and to have a negative impact on operations, assets (including information) or individuals
Data loss prevention (DLP)

A format of implementing policies and controls designed specifically to protect data when it is stored, used or being moved around a network .

Data Driven Attack

This is an attack that is encoded in what appears to be simple data. These are able to penetrate firewalls as they are not detected in data form and can then launch an attack on a system once inside

Data Mining

Process of analysing information to find unrevealed patterns or correlations

Digital Certificate

Electronic equivalent of an ID card that authenticates the instigator of a digital signature

Disaster Recovery Plan

Plan describing processes to recover from significant processing interruptions

Distributed Denial of Service (DDoS)

Form of attack that makes a computer resource or resources unavailable to its intended users

DMZ (demilitarised zone)

Part of a network that allows less trusted users to access certain servers

Domain Name System Security Extensions (DNSSEC)

Technology developed to protect against such attacks by providing a digital signature to data so as to be assured it is valid

DoS Attack (Denial of Service)

These attacks are aimed at stopping the normal running of a server, network or website.. The most usual format is to slow down the function by overloading with requests which could eventually lead to a complete crash so that access to users is denied

DDos (Distributed Denial of service)

Is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources


Dynamic provable data possession


This is when hackers are intent on stealing funds by exploiting system vulnerabilities via the HR / salary process. Often there’s an automatic regular repetitive process that processes employee salaries using data from the company HR system. The hacker logs into the HR system and simply changes the payment information to another bank account. Then the hacker sits back and waits for the normal weekly or fortnightly payroll process to run. The first sign of detection is staff realising their regular pay hasn’t been deposited they call HR by which time the money has been moved. A side effect of access to the HR system is that other personal information is accessed too.

Drive-by Download

A computer can become compromised simply by visiting a website that itself contains a malicious code. Cybercriminals can inject a vulnerable web page without their knowledge and in turn anyone who visits that website without their own protection in place will inadvertently download the malicious programme to their own computer


End-to-end encryption


Transforming data into a code to hide its content so only those with the knowledge of the code can access the information


Refers to the date when a software product no longer receives automatic fixes, updates or online technical assistance from the producer

Enterprise Network

Configuration of computer systems within an organisation that include local area networks (LAN), wide area networks (WAN), bridges and applications


A communications system connecting a number of computer systems to form a local area network (LAN)


Technique or code that intentionally takes advantage of a vulnerability allowing an attacker to access a system and impact an operating system or application program


This can be a piece of hardware or a software solution that only allows authorised users to enter. It will have built-in filters that block unauthorised or potentially dangerous material from entering the system and should also log any attempts to break through

FTP (file transfer protocol)

Standard high-level protocols to transfer files from one computer to another

Gap analysis

Analysis that uses comparison to identify the difference between actual and desired outcomes


General Data Protection Regulation


The Snapchat of malware. Snapchat, the popular social app, allows users to send photos and videos to friends that, once viewed, “disappear” and cannot be viewed again. The concept of ghostware is similar: The malware enters a system, completes its task then disappears without leaving a trace


A person who has the expertise to break through computer security


This is the process by which to identify and rectify vulnerabilities on a system


This is the collection of valuable information such bank details, email addresses, passwords


Transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string, and used to index and retrieve items in a database because it is faster to find the item using the shorter key than to find it using the original value

Hot Add

Ability to dynamically add hardware, virtual or physical, to a running system without downtime


Hypertext Transfer Protocol


Hypertext Transfer Protocol (HTTP) within a connection encrypted by TLS or SSL

Identity Management

A method used to validate someone’s identity when they try to access a network

Incident Management

Executing a defensive response when a network’s security is threatened

Incident Response Plan

Action process including resources and communication strategy when an actual or potential threat has been identified

Information security

This encompasses all measures that are used to protect company or personal information from any compromising activity

Information Systems

Electronic or paper-based systems used to access, store, transmit, protect and finally dispose of information


Systems technologies that include operations such as central computer processing, end-user computing, local area networking, and telecommunications, devices that control transmission paths such as routers, aggregators and repeaters, and the software used to send, receive and manage transmitted signals

Intrusion Detection System (IDS)

A security system that collects and analyses information to identify possible attempts of unauthorised access and security breaches, both internally and externally

Intrusion Prevention System (IPS)

A security system that blocks the unauthorised access and security breaches

Internet Service Provider (ISP)

A company that provides access to the internet and other related services


Internet Protocol


Internet Protocol Security

IP Spoofing
Keyboard Logger

The logging of typed keystrokes to secretly capture and record private/confidential information (e.g. login details and passwords)

Life-Cycle Process

Process with multiple steps starting with the initiation, analysis, design, and implementation of a system and follows through to the maintenance and its eventual disposal

Local area network (LAN)

A communications network that links multiple computers in a defined location (e.g. a business office)


Media access control address

Malware (malicious software)

Any software programme that has been created to conduct a harmful/unauthorised action within a user’s device, usually intending to infiltrate damage or disable the device (e.g. Trojan viruses and keyloggers)

Man-in-the-Middle Attack (MITM)

An attacker can monitor and change communications as they are positioned within the communication line between the server and the user


Quantitative measurements

Mobile Device

Portable computing and communication devices with capacity for storing information including notebook and laptop computers, cellular telephones and smart phones, tablets, digital cameras and audio recording devices

Multifactor Authentication

Using two or more factors to achieve authentication including passwords, PIN’s, cryptographic identification device or some form of biometric


Two or more computer systems that are grouped together to enable them to share information, software and hardware

Network Activity Baseline

Baseline that is identified to determine typical patterns in order to detect significant deviations

Network Administrator

Identified individual who is responsible for the installation, management and control of a network

Network Firewall

A device put in place to control traffic to and from a network


Psychological syndrome in which a person is afraid of being out of mobile or cell phone contact

Operating System

A system that supports and manages software applications


Process of using another entity to complete services that could otherwise be done in-house


A series of characters used to authenticate a person’s identity that should be kept secret/private


A code that is used to update a system or software package that is released to fix a bug or known vulnerability


Payment Card Industry


If unauthorised access to sensitive data is obtained by skirting system protections

Personal firewall

Software that is put on a PC to control network traffic to and from that computer


A method by which criminals try to get individuals to disclose valuable information such as bank details and passwords, they usually send an email that looks as though it is from an official source with a hyperlink to a fake site where the user will be asked to type in confidential information

PKI (Public Key Infrastructure)

This enables users and computers to safely exchange data over networks and to verify the identity of the other user by supporting the distribution of public encryption keys


Point-to-Point Tunneling Protocol

Portable device

A small transportable computing device such as a smart phone, laptop or tablet computer

Principles of Least Privilege

Security objective of gives users only the access that they needed perform official duties

Privileged Access

Individuals who have been given the ability to override system or application controls

Proxy Server

This is a server that acts as an intermediary between a workstation user and the internet in order to validate requests and ensure security. It is usually associated with or part of a gateway server and a firewall server

Real-Time Network Monitoring

An immediate response when an attempt to penetrate has been detected and identified in time to prevent access

Remote Access

Obtaining access to a computer or network from a remote location

Remote Login

A utility that allows a user to login onto a network, as if it were directly connected but is an information exchange between devices where the information cannot be reliably protected the organisation’s security controls

Removable Media

Portable electronic storage media that can be inserted into and removed from a computing device and which is used to store text, video, audio, and image information, this includes hard disks, zip drives, compact disks (CD), thumb drives, pen drives and similar storage devices


Organisational ability to recover from a significant disruption and reinstate critical operations

Resilience Testing

Tests that identify an organisations ability to recover from a significant disruption


The recovery of data following computer loss or failure

Risk assessment

The process of identifying, analysing and evaluating vulnerabilities both physical and digital

Risk Management

Identifying vulnerabilities in an organisation and developing a strategy to help deter and protect against an attack

Rogue Wireless Access

Unauthorised wireless nodes on a network


These are programmes used by hackers to dodge detection while they try to gain access, once installed they are invisible and can avoid being detected by security software


Hardware device connecting two or more networks and routing incoming data to the appropriate network


In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user’s password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system


Restricted and controlled execution environment that prevents potentially malicious software from accessing any system resources unless it has been authorised

Security Log

Creates records that contain login, logout activity and other security events and can track security based information on a computer system


Computer that provides data, information or services to other computers over a network


Secure File Transfer Protocol


A mobile phone that has been constructed on a mobile computing platform offering a more advanced computing capability than a standard mobile phone

Social Engineering

Format for attempting to trick people into revealing confidential or private information and/or performing certain actions


A software component that connects a computer programme to a LAN (local area network) or a WAN (wide area network), allowing data to be read and written over the network

Spamming or Spam Emails
Spear Phishing

Attack that targets a specific user or group aiming to trick them into performing an action, such as opening a document or clicking a link, that then launches an attack. It relies on the attacker knowing some personal piece of information about their target


Scalable, provable data possession


Is a form of Malware that is able to pass information about activity on a computer to a third party such as key strokes, passwords and contact details, as well as reducing the performance of the device itself


Secure Shell


Secure Sockets Layer


Transmission Control Protocol


Transport Layer Security


Small device that has a computer chip embedded in it and is used to store/ transmit electronic information

Trojan virus

A programme that pretends to be legitimate software but when activated it launches harmful activity however unlike other viruses and worms, a Trojan cannot spread by themselves

Two-Faced Malware

Developed to defeat Sandboxing. It behaves benignly while in the sandbox before performing its malicious process once it passes through security protocols. Sandbox solutions often employ a rating system based on the observation of the inspected files. If everything looks OK, the sandbox will assign an “innocent” rating. This rating could be applied to following items by security monitoring systems and so may enable future versions of files to be given the “all clear” without being sandboxed and therefore potentially able to bypass inspection by advanced security systems. Two-faced malware could be enhanced to game sandbox rating systems in a counter-intelligence move, making it much more difficult to detect

Virtual Private Network (VPN)

Computer network that uses public telecommunication infrastructure, such as the Internet, to provide remote users secure access to their organisation’s network


(Voice phishing)


A malware that loads into a programme on a computer without the user’s knowledge, it must have a host programme to be active, it cannot run by itself


Voice over IP


A weakness that can be used to penetrate or attack a system


Wide Area Network


Type of ‘Phishing’ aimed at senior executives such as CEO, CFO and individuals with executive authority relating to financial payments


A malware that does not need to attach itself to a programme, instead it replicates itself and sends copies to infiltrating other computers by using networks


Wi-Fi Protected Setup


Cross-Site Scripting


Vulnerabilities in software that no-one knows are there (apart from the hacker) until something goes wrong, i.e. realising money has gone missing. So-called because when found, companies have “zero days” to fix them