21 Essential Cybersecurity Terms You Should Know
In part one of this blog series, we looked at 40+ cybersecurity terms and acronyms, ranging from RaaS (RansomwareWhat is Ransomware? Ransomware is a type of cyberattack in which the attacker infects a computer with malicious software that encrypts the victim's data. The computer usually becomes locked, presenting... as a Service) to SASE (Secure Access Service Edge). In part two, we take a deeper dive into Cybersecurity and give you the essential 21 cybersecurity terms you should know about.
Cybersecurity terms and acronyms
SSL:
Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authenticationWhat is Authentication? Authentication is the process by which the identity of a user or system is verified. It ensures that the entity attempting to access a resource is who..., and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryptionWhat is Encryption? Encryption converts readable data (plaintext) into a scrambled and unreadable format (ciphertext) using an algorithm and a key. The primary purpose of encryption is to ensure the... used today.
TLS:
Transport Layer Security is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information.
MIM:
Machine identity management is the process of governing and orchestrating the identities – digital certificates and keys – of machines – devices, workloads, applications, containers, IoTWhat is the IoT? IoT, or Internet of Things, refers to the network of interconnected devices embedded with sensors, software, and other technologies, enabling them to collect and exchange data..., etc. Machine identity management is essential for data security, integrity, and compliance, as it authenticates communicating parties and ensures all traffic is encrypted.
HTTP:
Hypertext Transfer Protocol is the set of rules for transferring files — such as text, images, sound, video and other multimedia files — over the web. As soon as a user opens their web browser, they are indirectly using HTTP.
IoT:
The Internet of Things describes the network of physical objects – “things” that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet.
W3C:
The World Wide Web Consortium (W3C) is an international organization committed to improving the web. It is made up of several hundred member organizations from a variety of related IT industries. W3C sets standards for the World Wide Web (WWW) to facilitate interoperability and cooperation among all web stakeholders.
APIWhat is an API? An Application Programming Interface (API), is a set of definitions and protocols for building and integrating application software. They allow disparate products or services to communicate with... More:
Is the acronym for Application Programming Interface, which is a software intermediary that allows two applications to talk to each other. Each time you use an app like Facebook, send an instant message or check the weather on your phone, you’re using an API.
PKI:
Public Key Infrastructure is the framework of encryption and cybersecurity that protects communications between the server (your website) and the client (the users). Think about all the information, people, and services that your team communicates and works with. PKI is essential in building a trusted and secure business environment by being able to verify and exchange data between various servers and users.
DevOpsWhat is DevOps?DevOps is a methodology that seeks to break down silos between development and operations teams to improve the speed and reliability of software delivery.DevOps is a methodology or...:
The word DevOps is a combination of the term’s development and operations, meant to represent a collaborative or shared approach to the tasks performed by a company’s application development and IT operations teams. In its broadest meaning, DevOps is a philosophy that promotes better communication and collaboration between these teams — and others — in an organization
SSH:
Secure Shell is a network communication protocol that enables two computers to communicate (c.f http or hypertext transfer protocol, which is the protocol used to transfer hypertext such as web pages) and share data. An inherent feature of ssh is that the communication between the two computers is encrypted meaning that it is suitable for use on insecure networks.
IAMWhat is IAM? Identity and Access Management (IAM) is a framework of business processes, policies, and technologies to manage electronic or digital identities. IAM frameworks allow Information Technology (IT) managers to...:
Identity and access managementWhat is Access Management? Typically delivered as part of an Identity and Access Management (IAM) solution, access management ensures that organizations allow users the necessary resources when needed, while restricting... (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.
HSM:
A hardware security module is a physical device that provides extra security for sensitive data. This type of device is used to provision cryptographic keys for critical functions such as encryption, decryption and authentication for the use of applications, identities and databases.
OOT:
Object-oriented technology is a software design model in which objects contain both data and the instructions that work on the data. It is increasingly deployed in distributed computing.
MNO:
A mobile network operator owns and operates the infrastructure and other elements necessary for mobile communications. Also called carriers or wireless service providers, MNOs provide mobile services to their subscribers.
eSIM:
The term “eSIM” simply means an embedded SIM card. There are no physical SIM cards involved and no physical swapping over required by you. eSIM needs to be supported by the network or carrier and enabled by them and not all networks support eSIM as yet.
AIWhat is AI? Artificial Intelligence (AI) refers to the simulation of human intelligence processes by computers in an aim to mimic or exceed human cognitive abilities across a range of domains.... (Artificial intelligence):
Artificial intelligence is defined as having machines do “smart” or “intelligent” things on their own without human guidance. As such, AI security involves leveraging AI to identify and stop cyber threats with less human intervention than is typically expected or needed with traditional security approaches.
SOAR:
Security Orchestration, Automation and Response refers to technologies that enable organizations to collect inputs monitored by the security operations team. For example, alerts from the SIEM system and other security technologies — where incident analysis and triage can be performed by leveraging a combination of human and machine power — help define, prioritize and drive standardized incident response activities. SOAR tools allow an organization to define incident analysis and response procedures in a digital workflow format.
SecOps:
Security Operations is a movement created to facilitate collaboration between IT security and operations teams and integrate the technology and processes they use to keep systems and data secure — all in an effort to reduce risk and improve business agility.
EDR:
Endpoint detection and response, also known as endpoint threat detection and response (ETDR), is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities
GCP:
Google Cloud (also known as Google Cloud Platform or GCP) is a provider of computing resources for developing, deploying, and operating applications on the Web.
PII:
Personally Identifiable Information is a legal term pertaining to information security environments. While PII has several formal definitions, generally speaking, it is information that can be used by organizations on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.