Blog

Posted on July 28th, 2020 in Cybersecurity, Resources

Cyber Security is a crucial tech field that keeps our world safe. 

By visiting this guide you’re taking one of the first steps to becoming a cyber security professional—a rewarding path filling a critical need across the globe. Diving into the field requires learning the lingo that cyber security pros use on a regular basis. This includes a combination of general tech terms with cyber security-specific language. 

Learning the following 50+ terms puts you on a path to be able to communicate with industry professionals and will help you succeed in both your education and job.

Happy learning!

 

TERMS

Access
The ability to utilize a system to acquire information, control, or interact.

Adversary 
A threat or attacker that seeks to cause harm. Some adversaries are individuals, while others can be organizations or even foreign governments.

Asset
Anything that has value to an organization or system, such as information, structures, processes, reputations, and individuals. Assets are often directly connected to value.

Attack
A coordinated effort by an adversary to access a system and its information. Attacks can be either active or passive:

  • Active Attacks are ongoing assaults by a threat seeking to alter or control a system.
  • Passive Attacks are assaults seeking to penetrate the system but only to access information or learn from the system.


Authentication 
Verification of identity. Authentication is often required of a user or device. Closely related, authorization means the steps and evaluation process that determines whether a user or device is allowed access.

Behavior Monitoring
The observation of user activities, processes, and information systems in order to determine any unusual, abnormal activity that breaks organizational policy. 

Blacklist
A list of those who do not have access or user privileges. 

Black Hat Hacker
Individuals who engage in hacking computer systems for malicious or personal gain. 

Blue Team & Red Team
Like in sports, cyber security professionals can be both offensive and defensive. Red Team pros are offensive and experts at hacking and breaking through defenses to find security vulnerabilities. Blue Team pros are the defensive and work with developing and maintaining internal defenses to protect against threats and attacks.

Like in sports, cyber security professionals can be both offensive and defensive. Red Team pros are offensive and experts at hacking and breaking through defenses to find security vulnerabilities. Blue Team pros are the defensive and work with developing and maintaining internal defenses to protect against threats and attacks.

Bot
A computer that accesses the internet and is controlled by a remote individual or organization to perform certain functions. Not all bots are bad, but in the cyber security world bots are typically programmed to perform malicious tasks.

Bug
A small flaw or defect within a device, program, or system. 

Cloud
You probably already have information like photos and documents in the cloud. This technology is composed of a large network of computers that store data and are able to remotely respond to requests to access that data. It therefore allows you to access files or cloud-based software from anywhere.

Cyber Exercise
A planned, simulated cyber attack that allows individuals and organizations to practice their response to an attack. 

Cyber Range
A virtual vulnerable environment for training. At Eleven Fifty, students of 6-8 people work on a cyber range to identify, stop, and mitigate attacks during simulations.

Database
Databases are how information and data is stored. 

Data Server
Computer hardware or software that provides database services, allowing other computers to connect to it and access files. It’s also known as a database server. 

Data Breach
Data breaches are one of the most common cyber attacks. It entails the review or movement or sensitive information, typically by an unauthorized third party.

Decryption
The process of taking encrypted data back to its original, readable and usable form.

Disruption
Has your favorite app ever gone down for an hour or so? This was likely caused by a disruption, an unplanned event that causes an overall interruption to the functionality of a program or an organization’s operations. Disruptions are now considered one of the greatest cyber security threats, causing lost revenue from unprecedented interruption of work and operations.

Distributed Denial-of-Service (DDoS) Attack
A powerful attack that floods a website with more traffic than the server or network is able to accommodate, causing it to go down.

Encryption
Encryption involves transforming data into ciphertext, an unreadable and unusable format, for protection.

Event
Observable actions within a network or a system that could indicate a larger attack.

Exposure
Without proper security measures in place, an organization is in a state of exposure, or being unprotected, and is vulnerable to third-party attacks.

Firewall
Firewalls are a key cyber security tool. They utilize established rules to determine what is authorized and unauthorized access to a network.

Grey Hat Hacker
A hacker who is neither a Black Hat or a White Hat, but lies somewhere in the middle. These hackers typically look for vulnerabilities without the system’s owner asking (an illegal action) and alert them to the situation. Sometimes they ask for nothing in return. Other times they ask for money to fix the problem, putting them in the grey territory because they seek to get something out of their actions. 

Hacker 
Hackers are every cyber security professionals’ enemy number one. They are  unauthorized individuals who maliciously gain or attempt to access a computer or information system.

Hackers are every cyber security professionals’ enemy number one. They are  unauthorized individuals who maliciously gain or attempt to access a computer or information system.

Incident
Something that occurs in violation of an organization’s security policies that has an adverse effect (or potential to cause an adverse effect) on an information system or its data. When a cyber security team jumps into action to address the incident, it’s called incident management, while the actions themselves are called the incident response. All cyber security teams should have an incident response plan, documented action steps, and procedures they take to identify an incident and respond.

Insider Threat
Not all threats come from outside hackers. Individuals within an organization can also pose a risk. Insider threats are those internal people who have access to sensitive data and information as well as procedures, products, and more and could possibly use that access in a harmful manner.

Integrity
Integrity refers to information and data that is still in its original state and has not been altered in any way during its storage or transfer.

IP Address
A computer’s home address and identification when it’s communicating over a network, such as logging onto the internet.

Cyber Security Terms 101: 55+ Terms to Get Started in Cyber Security

Malicious Code
Code written to perform a task that has an adverse effect, such as destroying data integrity or breaching confidentiality of information. 

Malware
A software that is created with the intent to perform unauthorized actions in order to compromise a system’s overall operations.

Man-in-the-Middle 
When an attacker intercepts an exchange of communications between two parties with the purpose of eavesdropping or impersonating a party (like an individual’s bank) to steal sensitive information. 

Micro Virus
A software that impacts common applications like word processors to infect data.

Mitigation
Using a process of risk-reduction actions to minimize effects of an event.

Network Resilience
The strength of a network against an event. Factors that determine network resilience include how well it’s able to continuously operate without interruption, how well it can bounce back when a failure happens, and how well it can jump into action to meet new, unforseen demands.

Factors that determine network resilience include how well it’s able to continuously operate without interruption, how well it can bounce back when a failure happens, and how well it can jump into action to meet new, unforseen demands.

Operational Exercise
Cyber security teams thrive on practice and preparation. Operational exercises are when they go through the steps of a response to an incident, utilizing their previously developed procedures and responsibilities by role.

Outside Threat
Most attacks and events are from outsider threats, or external individuals or groups who pose a risk to an organization and its data, procedures, and other assets.

Penetration Testing
An ethical form of hacking. Also known as pen testing, it involves cyber security pros seeking to find vulnerabilities and breach security on purpose in order to improve it.

Phishing
We’ve all gotten those emails from Nigerian princes looking to give you millions, right? Those emails are a phishing scam, a common threat, typically found in email form, with the goal to deceive an individual into giving sensitive information like passwords or bank account numbers.

Plaintext
Information that is not encrypted, and therefore usable and readable.

Precursor
Something that precedes an incident and alerts you that an attacker might be in action.

Recovery
What happens after an event or an incident? Recovery refers to the steps a cyber security team takes to get essential operations and services up and running, followed by the actions they take to fully restore and protect against future attacks.

Response 
Response is short-term action taken, sometimes manually, sometimes automated, as the first line of action during an incident.

Risk
Risks are at the center of cyber security! They are potential negative effects of an incident or event. Risks are created by security vulnerabilities. Risk Assessments help entities identify their potential risks and the consequences. Developing an action plan and taking steps to reduce risk is known as Risk Management.

They are potential negative effects of an incident or event. Risks are created by security vulnerabilities. Risk Assessments help entities identify their potential risks and the consequences.

Rootkit
A form of malicious software that gives an unauthorized user privileged, unrestricted access from a remote location. Rootkits contain tools for a variety of malicious uses, including those that steal passwords and other sensitive data, bots, and more.

Software
Software is a package of programs coded to execute a certain task. Apps and programs you download onto a desktop computer are all forms of software.

Spoofing
A threat that entails a transmission mimicking a real address in order to get access to an otherwise secure system. 

Spyware
A form of software that is installed onto a system without the user knowing. 

Threat
Events that point to security vulnerabilities being exploited, negatively impacting an entity.

Threat Assessment
Identifying potentially harmful actions and occurrences, as well as outside entities, that have the potential to cause harm to an entity, its property and information, and the people within it. 

Trojan Horse 
Another form of malicious software. On the surface they appear to be functional, helpful programs, but they are designed with a secret malicious function that can override security measures in place. 

Cybersecurity Certifications: What You Need to Know

Unauthorized Access
Any access to a system that is against security policy, whether performed through hacking or caused by an individual performing inappropriate actions.

Virus
A piece of programming that, just like a human virus, can replicate and spread. It frequently infects a computer without the user’s consent or, sometimes, knowledge.

Vulnerability
Weaknesses that open the door to a security threat and create risks. 

Weakness
Imperfections found within the code and design of a software program that increase vulnerability.

White Hat Hacker
Hackers who use their skills for good. White Hat Hackers are ethical hackers (typically cyber security professionals) who work to find vulnerabilities. They typically use the same methods as Black Hat Hackers, but legally because they’re doing it on behalf of a company to test their own system’s security.

Whitelist
The opposite of a blacklist, those who have access privileges and are seen as trustworthy actors, whether individuals or entities.

WHAT’S NEXT?

Now that you have an overview of these key cyber security terms, it’s time to take the next steps toward a new career in cyber security or tech!

Get the inside scoop on tech careers with these resources

Build on your new tech knowledge with a free intro course

Eleven Fifty Academy offers free courses to get a crash course in coding and tech and get a better understanding if coding is the right path for you. Choose from Intro to Cyber Security, Intro to Coding, or Intro to UX/UI Design. 

See upcoming courses.

Learn more about tech bootcamps

Bootcamps offer everything you need to build a solid foundation in tech skills. Their intense, condensed programs help you transition into a new career in less time than a traditional college degree. Bootcamp students come from all backgrounds and situations, including right out of high school or college, mid-career change, unemployed and displaced, underemployed, employed and looking to advance their skills. 

Eleven Fifty offers 12 and 24-week programs in Cyber Security, Web Development, Software Development,  and UI/UX Design. Explore the courses options

Questions? Want to learn more about if bootcamp is for you? Interested in financial aid opportunities? Contact a member of our Admissions Team.

SHARE

RELATED POSTS