Cybersecurity terms evolve. This glossary details the terms and their definitions as used in this report and other commonly referenced materials.
A targeted attack that penetrates a network without detection and maintains access for a period of time, all while monitoring information or stealing resources. APTs may continue for years.
The path — system or human — used by a hacker to access a network and attack the organization.
The process of confirming the identity of a user, most often with a username and password.
An individual with extensive computer skills used to breach security of companies for malicious purposes.
A large number of compromised computers unknowingly used to create and send spam or viruses, or flood a network with messages such as in a distributed denial of service (DDoS) attack.
Command and control tools that allow hacker groups to manage huge numbers of compromised systems.
Bring-your-own-device is a business practice of permitting employees to use their own devices — computers, smartphones, tablets, or other devices — for work.
Cloud Access Security Brokers (CASBs) monitor apps and cloud services used by employees for enhanced security.
A type of liability policy created to specially insure against damage from cybercrime.
The area of the Internet that is hidden from search engines, is accessed only via special web browser, and is the marketplace for illicit items or services.
A technique used to analyze existing data for enhanced value.
A type of attack that makes an online service unavailable by overwhelming it with traffic from multiple compromised systems.
The approach of using multiple layers of security to maintain protection after failure of a single security component.
Broadcasting personal information about a person or group, usually done by internet vigilantes or hacktivists. The term comes from "dropping dox" using the slang term for .DOCX, the file extension used by Microsoft Word.
Translating data into unreadable code to keep that data private. See Public Key Encryption for more information.
Illegal transfer of an organization’s data as the result of a cyberbreach.
A hardware or software system that blocks unauthorized traffic from entering (or leaving) a network.
Collects, analyzes, and reports on data to use in the detection and prevention of a breach.
In the mid-1990s, cybervandals defaced Web pages operated by the early generation of online businesses. These so-called script kiddies were an annoyance but did little damage. They've since given way to a new class of attacker with more sophisticated software tools and ambitions.
Ethically between black hat and white hat hackers, grey hats exploit system vulnerabilities, which is technically illegal. They tend not to leverage these hacks as a criminal, but sometimes offer to close the security gap for a fee.
Hacker or group that breaches systems for political, rather than monetary, gain.
Connection of everyday objects with embedded electronics, from smartwatches to pet collars to cars, with each other across modern networks.
Surveillance software that records every keystroke, including usernames and passwords.
An area of artificial intelligence that focuses on computer programs teaching themselves to uncover ever-more complex cyberthreats.
Any direct interaction over any network of electronically enabled devices, with no human involvement in the communications loop.
A generic term for a number of different types of malicious software. A malware payload may be delivered by a virus, via email, or compromised website page.
An attacker who secretly intercepts and possibly modifies messages between two parties.
Documentation of the cybersecurity risks in an organization.
A method of verifying a user’s identify that relies on more than one set of security credentials.
A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data.
Social engineering through emails using known information about the target to acquire other data such as user names, passwords, or financial information.
An in-depth test to identify and patch vulnerabilities in an organization’s networks and IT.
The publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography.
Encryption system that uses two mathematical "keys." One, the public key, is known to everyone and used to encrypt a message. The second, the private key, is known only to the recipient and used to decrypt a message.
A type of malware that restricts access to data and demands that a payment be made to the attacker to restore access.
An unsecure Wi-Fi network that is often created by bad actors to steal or compromise sensitive data. These networks are easily avoided by using VPNs and end-to-end security.
Unauthorized access to assets, such as data, networks, and devices.
IT solutions used in an organization that haven’t been approved and secured by the IT department.
An umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible as the virtualized server and storage infrastructure of the modern data center.
Software-over-the-air/firmware-over-the-air, in which updates, settings, and other digital programming are transmitted wirelessly to networked devices.
An email scam that uses social engineering to steal information or install malicious software on a system.
A meeting to discuss a simulated emergency situation.
A method used to improve security by requiring two separate items for access to a resource. These usually include something the user knows (password or PIN), something a user has (access card), or something attached to the user (fingerprint or retina to scan).
Malware that appears to be a benign and useful application to encourage users to run the program, which installs the destructive payload.
Computer security experts who penetrate networks to warn companies of gaps that a malicious attacker could exploit. They are often employed by the companies themselves to test the durability of their systems.
A new type of cyberattack that hasn’t been seen before.