CYBER SECURITY PRIMER

mergertreelogoyouritdepartment

Cyber Security Terminology Primer

Access

The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains or to control system components and functions.

Blacklist

A list of entities that are blocked or denied privileges or access

BOT

A computer connected to the Internet that has been surreptitiously/secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.

Business Continuity Plan

Business continuity planning is when a business has a back-up plan of how it will operate in the event that something happens that disables the business. Examples of these events include terrorist attacks, natural disasters and internal conflicts with management or employees, cyber-attacks and pandemics.

Cloud Computing

A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Critical Infrastructure

The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment or any combination of these matters.

Cyber Attack

An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data or its operations.

Cryptography

The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication and data origin authentication.

Cyber Criminals

  • Cyber criminals interested in making money through fraud or from the sale of valuable information
  • Industrial competitors and foreign intelligence services, interested in gaining an economic advantage for their own companies or countries
  • Hackers who find       interfering with computer       systems an enjoyable challenge
  • Hacktivists motives; who wish to attack companies for political or ideological
  • Employees, or those who have legitimate access, either by accident or deliberate misuse

Cyber Space

The interdependent network of information technology infrastructures, which includes the Internet, telecommunications networks, computer systems and embedded processors and controllers.

Data Breach

The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

Digital Forensics

The processes and specialized techniques for gathering, retaining and analyzing system-related data (digital evidence) for investigative purposes.

Disaster Recovery Plan

A plan for business continuity in the event of a disaster that destroys part or all of a business’s resources, including IT equipment, data records and the physical space of an organization. The goal of a Disaster Recovery Plan is to resume normal computing capabilities in as little time as possible.

Enterprise Risk Management

A comprehensive approach to risk management that engages people, processes and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives.

Information Assurance

The measures that protect and defend information and information systems by ensuring their availability, integrity and confidentiality.

Intrusion Detection

The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.

Key

The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation or signature verification.

Malware

Software that compromises the operation of a system by performing an unauthorized function or process.

NIST

The NIST 800 Series is a set of documents that describe United States federal government computer security policies, procedures and guidelines. NIST (National Institute of Standards and Technology) is a unit of the Commerce Department.

Passive Attack

An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system but does not attempt to alter the system, its resources, its data or its operations.

Penetration Testing

An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.

Phishing

A digital form of social engineering to deceive individuals into providing sensitive information.

Ransomware

A type of malicious software designed to block access to a computer system until a sum of money is paid.

Root

A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges and conceal the activities conducted by the tools.

Software Assurance

The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.

Virus

A computer program that can replicate itself, infect a computer without permission or knowledge of the user and then spread or propagate to another computer.

Whitelist

A list of entities that are considered trustworthy and are granted access or privileges.

More on phishing?

Phishing – as in fishing for confidential information – is the name given to the practice of sending emails at random purporting to come from a genuine company operating on the Internet. The emails are an attempt to trick individuals into disclosing personal information at a false websites which may later be used to commit fraud and/or identity theft.

In a typical case, the individual receives an email appearing to originate from a financial institution that requests personal or financial information. The email often indicates that the individual should provide immediate attention to the situation described by clicking on a link. The provided link appears to be the Web site of the financial institution. However, in “phishing” scams, the link is not to an official website, but rather to a phony website.

Once inside that website, the individual may be asked to provide a Social Security number, account numbers, passwords or other information used to identify the individual, such as the maiden name of the individual’s mother or the individual’s place of birth. When the individual provides the information, those perpetrating the fraud can begin to access individual accounts or assume the person’s identity.

How can I prevent becoming a victim of phishing?

The key thing to remember is that you should remain alert and be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a trusted source. Follow the simple rule to never disclose your password or complete confidential personal information to any site which asks you for it by email.