Information Security Glossary
Authentication: Checking if someone really is who they say they are. Like when you sign in to your email with the right username and password.
- Related: Password Manager, Two-Factor Authentication (2FA)
Baiting: Tricking people into giving personal information using a lure, like a USB drive with a company logo in a public place.
- Related: Social Engineering, Phishing
Breach: When data is accidentally exposed or left unprotected, making it susceptible to hacking. Like the 2018 Facebook data breach, where nearly 50 million user accounts were compromised due to a security flaw.
- Related: Cybersecurity, Incident Response
Cybersecurity: The practice of protecting systems connected to the internet, including hardware, software, and data, from cyberattacks.
- Related: Network Security, Incident Response
Encryption: Changing data into secret codes to keep it safe. Like when you pay online, your card details become coded to keep them secure.
- Related: Virtual Private Network (VPN), Breach
Firewall: A system that watches and manages data going in and out of a network based on rules. It can stop unauthorized access to a private network.
- Related: Network Security, VPN
Incident Response: The method of dealing with a security breach or cyberattack, including preparation, detection, containment, eradication, and recovery stages.
- Related: Breach, Cybersecurity
Malware: Harmful software made to damage or misuse computer systems, networks, or users. Ransomware and viruses are examples.
- Related: Ransomware, Breach
Network Security: Measures taken to prevent and watch over unauthorized access, misuse, or denial of a computer network and its resources.
- Related: Firewall, Virtual Private Network (VPN)
Password Manager: A tool that safely saves and manages passwords for different online accounts. It helps you make and remember unique, strong passwords.
- Related: Authentication, 2FA
Phishing: A type of cyberattack where an attacker pretends to be a genuine entity to steal sensitive information. This can happen through email or text scams.
- Related: Social Engineering, Baiting
Physical Security: Measures to stop unauthorized access to facilities, equipment, and resources, and to protect people and property from damage. This can include security cameras, locks, and access control.
- Related: Tailgating, Cybersecurity
Pretexting: A type of social engineering where attackers create a false story to try to steal victims’ personal information.
- Related: Social Engineering, Baiting
Privacy Policy: A statement telling how a company collects, handles, and uses customer and visitor data. Good websites should have a privacy policy to reassure users about data protection.
Ransomware: A type of malware that locks a victim’s data and asks for money to unlock it. For example, the WannaCry attack affected many computers worldwide.
- Related: Malware, Incident Response
Remote Working: A work style that lets people work outside a traditional office. It depends on technology for communication and coordination.
- Related: Cybersecurity
Reverse Social Engineering: A technique where the attacker presents themselves as an authority or helpful person so the victim seeks them out for help.
- Related: Social Engineering, Pretexting
Social Engineering: A technique that uses human psychology to get sensitive information or access to systems.
- Related: Phishing, Baiting, Pretexting
Tailgating: A security breach in which an unauthorized person follows an authorized person into a restricted area.
- Related: Physical Security
Two-Factor Authentication (2FA): A security method where users have to give two different kinds of identification to access an account.
- Related: Authentication, Password Manager
Virtual Private Network (VPN): A technology that creates a secure, private connection between a user’s device and a remote server. It helps protect data and privacy.
- Related: Encryption, Network Security
Zero-Day Vulnerability: A new weakness in software or hardware that cybercriminals exploit before the maker has a chance to fix it.
- Related: Malware, Incident Response