Those who believe using a long password is all they need to keep their data secure have a lot to learn.

There is so much more that goes into cyber security, especially when you consider that securing your data and your identity is an absolute must, no matter what industry you’re in.  

Strong passwords are crucial, and technology like data security software offers additional layers of protection to safeguard your sensitive information. But educating yourself is the first step.

To help you learn more about cyber security, we’ve compiled over 70 of the most common terms and defined them for you.

Must-know cyber security terms

As you’ve browsed the internet, you’ve probably run into a lot of terms like “phishing” and “malware” and have been unsure what they mean and how they pertain to you. Now, you don’t have to search for a definition that makes sense, as (almost) everything you need to know is right here.

Ready to expand your cyber security vocabulary? Just keep reading.

A through E

Let’s start at the top!

A

Admin privilege: Having ultimate control of any given system.

Advanced Persistent Threats: When an unauthorized user invades a network, stays for an extended period of time, and steals data without harming the network.

Adware: Software that automatically displays or downloads material when a user is offline.

Air gap: A security measure that isolates a network from the internet or other external networks, making it more difficult to attack.

Attack vector: The technique a hacker uses to gain access to a computer or network in order to achieve a malicious outcome.

Authenticator: The way in which the identity of a user is confirmed.

B

Backdoor: An alternative way to access software or hardware, typically unauthorized and implanted by intelligence agencies.

Bitcoin: Cryptocurrency, a form of electronic cash created by Satoshi Nakamoto.

Black hat hacking: Hacking with malicious intent. Typically to gain access to a computer and steal as much data as possible.

Bot: Programs that automatically execute tasks as ordered by the creator of the program that has infected them.

Botnet: A collection of private computers that are infected with malicious software that are being controlled without the owner’s knowledge.

Bug: An error, flaw, failure, or fault in a computer program or system that causes an unintended code interaction.

Brute force attack: When an attacker inputs many passwords in the hope that it is eventually guessed correctly.

C

CAPTCHA: A test that distinguishes between robots and humans using a website where you have to “prove you’re human”.

Catfishing: Creating a fake identity on a social network account, usually a dating website, to target a specific victim for deception.

Closed source: Also known as proprietary software, when the code is hidden from the general public.

Cloud security: The strategies and policies used to protect data applications and cloud system apps.

Cookie: A segment of data sent by an Internet server to the browser that is returned to the browser every time it accesses the server. This is used to identify the user or track their access to the server. Initially, cookies were used to stay logged in but are now commonly used for tracking.

Cyber attack: An attack to violate the security of a computer system, network, or device with the intent to steal data, disrupt operations, cause damage, or gain unauthorized access.

Cyber security: A technique for protecting computers, networks, programs, and data from unauthorized access or hackers for exploitation.

Crypojacking: A hacking attack that makes the device mine cryptocurrency, in addition to its normal use.

D

Dark web: A hidden part of the internet that is not indexed by search engines and requires special software to access.

Data breach: When sensitive, protected, or confidential information is intentionally released to an untrusted environment.

Data encryption: Transforming data in such a way that only approved parties can decrypt and access it.

Data protection: Also known as data privacy and information privacy, the process of safeguarding information so it doesn’t fall into the wrong hands.

Digital security: An all-encompassing term for the tools used to secure your identity, data, assets, and devices.

DoS: Short for denial of service, an attack that disrupts the service to waste time, effort, and money.

DDoS: Short for distributed denial of service, an attack that occurs when multiple systems infiltrate a targeted network. Typically a global attack.

E

Encryption at rest: The process of scrambling data while it's stored on a device, making it unreadable if the device is stolen or accessed unauthorized.

Encryption in transit: The process of scrambling data while it's being transmitted between two locations, making it unreadable to anyone who intercepts it.

Endpoint security: Security measures applied to individual devices, such as laptops, desktops, and mobile phones.

Ethical hacking: The practice of locating vulnerabilities and weaknesses in information systems and computers by duplicating the actions and intent of malicious hackers who seek to bypass security and search for gaps in systems that can be exploited.

Evergreen: Software that is in a constant state of updating. Intended to be convenient to the user and meant to disrupt hackers.

F through J

More hot and fresh cyber security terms coming your way!

F

Firewall: An internet traffic filter meant to stop unauthorized incoming and outgoing traffic.

Firmware: Code that is embedded into the hardware of a computer.

Fileless Malware: Malware operating in-memory.

Flame: Also known as Flamer, sKyWIper, and Skywiper, a modular computer malware discovered in 2012. It attacks computers running on Microsoft Windows.

H

Hacker: A cyber attacker who uses software and social engineering methods to steal data and information.

Hardware: The physical and tangible parts of a computer, such as the monitor, keyboard, speakers, etc.

Hash: An algorithm that turns a large amount of data into an encrypted output of fixed length to compare without converting it into plaintext. A hash is a crucial part of blockchain management in cryptocurrency.

I

Identity check: Confirmation of someone's identity, either using a password or a fingerprint.

Identity theft: The deliberate use of someone else's identity, typically for financial gain.

Incident response: The process of detecting, responding to, and recovering from a cyberattack.

Information technology: Also referred to as IT, the study or use of computers and telecommunications to store, retrieve, transmit, or send data.

Insider threat: A malicious threat to a group or organization that comes from someone within, like an employee, contractor, or business associate, who has insider information regarding the organization’s data, computer systems, or security measures.

Internet of Things: Also referred to as IoT, is an object that has an internet connection. Can be anything from your dog’s collar, watch, vehicle, hearing aid, and more.

IP address: Also known as an Internet Protocol address, is the string of numbers used to identify each computer using the internet on a network.

J

Javascript: A language used to create and control the content on a website, allowing you to program the behavior of web pages to do a specified action.

K through O

This section is shorter than the others, but let’s breakdown the most important terms you’ll need to know.

K

Kernel: The core of a computer’s operating system that houses the most essential functions of the computer.

Keylogger: A computer program that records keystrokes made by a user. This user is typically unaware that their actions are being monitored and that a hacker now has access to passwords and other confidential data.

M

Machine learning: The focus of developing programs that access and use data on their own, leading machines to learn for themselves and improve from learned experiences.

Malware: Short for malicious software, is any kind of software designed to damage, or enable unauthorized access, to computer systems.

Metadata: Seemingly harmless impersonal data, like how many times a user clicked or refreshed the page when visiting a website.

Mitigation defense: Software that doesn’t stop hacking from happening, but will mitigate the effects.

Multi-factor authentication (MFA): A security measure that requires two or more verification factors to access an account, making it more secure than passwords alone.

N

NSA: Stands for the National Security Agency and is the official United States cryptologic organization under the Department of Justice. Responsible for global monitoring, collection, and processing of information and data for both foreign and domestic intelligence.

O

Open source: Software that has their code listed as free to use, share, and modify.

P through T

Don’t stop now! You’re almost done!

P

Password: A secret word or phrase that is used to access a computer system or service.

Patch management: A strategy that is in place to manage upgrades for software applications.

Penetration testing (pen testing): The practice of simulating a cyberattack to identify vulnerabilities in a system.

Phishing: The method of obtaining user information through fraudulent communications targeted directly at people. This is usually done through emails disguised as coming from a legitimate source but delivers the target’s information back to the hacker’s actual source.

Piggyback programs: Programs that are bundled into another program that a user downloads in the hope that the user will select “next” by force of habit and install.

Plaintext: Text that can be read by the human eye, like this article!

Plugins: Customizable additions to software for extra functionality.

Private data: Data that is used to identify you, like your name, address, phone number, or Social Security Number.

R

Ransomware: A form of malware used to threaten victims by blocking, publishing, or corrupting their data unless the ransom is paid.

ReCAPTCHA: A service from Google that works to protect websites from spam and abuse caused by robots. A user is presented with a Turing test to distinguish them from a robot.

Rootkit: One of the most insidious types of malware, as they are extremely stealthy and difficult to detect by traditional endpoint protection methods. This malware masks its existence and controls the operating system, preventing its detection even further. Hackers use rootkits to access a system and steal information.

S

Sandboxing: An effort to increase security by isolating processes and browser tabs from one another and the rest of the computer.

Script: A simple form of code for software that can be written in word editors.

Social engineering: The act of taking advantage of human trust to gain access to private information. This can be done as easily as calling a number and asking for it.

Software: The programs and other operating systems used by a computer.

Spoofing: An attack in which a person, or program, disguises themselves as another by falsifying data to gain an advantage or the trust of someone else.

Spyware: A term coined in the mid-1990s to describe malware used to gain access to a user’s systems and monitor their data, files, and behavior. Often used to disable firewall or anti-malware software while consuming CPU activity to increase an endpoint’s vulnerability to attack.

Supply chain attack: An attack that targets a third-party vendor to gain access to a target organization.

SSL certificate: Standing for Secure Sockets Layer certificate, this authenticates the identity of a website and encrypts the information sent to the server using secure technology.

T

Trialware: Software that can only be run for a limited amount of time before it expires.

Trojan: A form of malicious software that disguises itself as a harmless computer program but provides threat actors with the ability to execute any variety of attacks that steal information, disrupt functionality or damage data.

Two-factor authentication: Attaching a phone number or email address to an account for heightened security.

U through Z

Last but not least….

V

Virtual Private Network: Also known as a VPN, it allows you to create a secure connection to another network using the internet.

Virus: Viruses are typically attached to files, applications or downloads that appear to be non-threatening elements. Once downloaded, opened or executed, the virus can piggyback onto programs to corrupt data or expand throughout a network and damage systems across a company.

Vulnerability: A weakness in a computer system or network that can be exploited by attackers.

W

White hat hacking: Hacking that is meant to do minimal damage and is usually done out of curiosity.

Worm: Worms predate viruses and have infected systems since mainframes were the only computers in existence. Worms are also capable of self-replication and may spread by exploiting flaws in applications or through social engineering.

Z

Zero-day exploit: A previously unknown, bug, flaw, or backdoor in software. An attack happens once this flaw is exploited and attackers release malware before the flaw can be patched.

Zero-trust security: A security model that assumes no user or device is trustworthy by default and requires continuous verification.

The more you know!

With all of these terms, you’re ready to tackle anything and everything that has to do with cyber security.

Keep learning more about this world with the top cyber security statistics.