Know the terms

Cybersecurity terms evolve. This glossary details the terms and their definitions as used in this report and other commonly referenced materials.

APT (Advanced Persistent Threat)

A targeted attack by adversaries that penetrate a network without detection, maintains access for a period of time, all while monitoring information or stealing resources. APTs require considerable resources and may continue for years.


The process of confirming the identity of a user, most often with a username and password.

Black Hat Hackers

An individual with extensive computer skills used to breach security of companies for malicious purposes.


A large number of compromised computers used to create and send spam or viruses, or flood a network with messages such as in a distributed denial of service attack.

Botnet Management

Command and control tools that allow hacker groups to manage huge numbers of compromised systems.


A liability policy that insures against damage from cybercrime.

Data Mining

A technique used to analyze existing data for enhanced value.

DDoS (Distributed Denial of Service)

An attack to make an online service unavailable by overwhelming it with traffic from multiple compromised systems.

Defense In-Depth

The approach of using multiple layers of security to maintain protection after failure of a single security component.

Doxing, Doxxing

Broadcasting personal information about a person or group, usually done by Internet vigilantes or hacktivists. The term comes from "dropping dox" using the slang term for .DOCX, the file extension used by Microsoft Word.


Translating data into unreadable code to keep that data private. See Public Key Encryption for more.


A hardware or software system that blocks unauthorized traffic from entering (or leaving) a network.


Collects, analyzes, and reports on data to use in the detection and prevention of a breach.

Gamers, Kids, and Amateurs

In the mid-1990s, cybervandals defaced Web pages operated by the early generation of online businesses. These so-called script kiddies were an annoyance but did little damage. They've since given way to a new class of attacker with more sophisticated software tools and ambitions.

Grey Hat Hackers

Ethically between black hat and white hat hackers, grey hats exploit system vulnerabilities, which is technically illegal. They tend not to leverage these hacks as a criminal, but sometimes offer to close the security gap for a fee.


Hacker or group that breaches systems for political, rather than monetary, gain.

IoT (Internet of Things)

Connection of everyday objects with embedded electronics, from smartwatches to pet collars to cars, with each other across modern networks.

Keystroke Logger, Keylogger

Surveillance software that records every keystroke, including usernames and passwords.

Machine-to-machine (M2M)

Any direct interaction over any network of electronically enabled devices, with no human involvement in the communications loop.


A generic term for a number of different types of malicious software. A malware payload may be delivered by a virus, via email, or compromised website page.


A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data.


Social engineering through emails using known information about the target to acquire other data such as user names, passwords, or financial information.

Public Key

The publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography.

Public Key Encryption

Encryption system that uses two mathematical "keys." One, the public key, is known to everyone and used to encrypt a message. The second, the private key, is known only to the recipient and used to decrypt a message.


A type of malware that restricts access to data and demands that a payment be made to the attacker to restore access.

Security Incident

Unauthorized access to assets, such as data, networks, and devices.

Shadow IT

Third-party applications and other resources used by employees for business without IT department approval.

Spear Phishing

A targeted digital attack filled with personal information directed at a specific executive or company.


Software-over-the-air/firmware-over-the-air, in which updates, settings, and other digital programming are transmitted wirelessly to networked devices.

Tabletop Exercise

A meeting to discuss a simulated emergency situation.

Two-Factor Authentication

A method used to improve security by requiring two separate items for access to a resource. These usually include something the user knows (password or PIN), something a user has (access card), or something attached to the user (fingerprint or retina to scan).

Trojan, Trojan Horse

Malware that appears to be a benign and useful application to encourage users to run the program, which installs the destructive payload.

White Hat Hackers

Computer security experts who penetrate networks to warn companies of gaps that a malicious attacker could exploit. They are often employed by the companies themselves to test the durability of their systems.

Zero-day Attack, Zero-day Exploit

A computer threat that tries to exploit computer application vulnerabilities that is unknown to others or undisclosed to the software developer. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software developer knows about the vulnerability. A cyberattack that exploits a vulnerability the day it becomes known, or even before vendors are aware they have an issue. Hackers then take advantage until users apply a patch to close the security hole.