Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Account Takeover

Account takeover (ATO) is when a hacker successfully takes ownership of one or multiple online accounts.

Read more ›
Advanced Persistent Threat

An Advanced Persistent Threat, or APT, is a type of cyberattack in which one or multiple threat actors gain unauthorized access to your systems or network for an extended period of time without being detected. Typical targets of APTs are large businesses and government organizations, since the scope of their systems is so large that detecting a seemingly small threat goes under their radar. Once an APT occurs, individuals can deepen their access to your systems and cause serious damage. Consequences of a successful APT include loss of sensitive information, intellectual property theft, malware viruses, and total site takeovers.

Botnet, short for “robot network,” is a compromised network of connected devices. The infected devices are controlled remotely by a threat actor to carry out malicious activities, such as launching distributed denial-of-service (DDoS) attacks, sending spam and phishing campaigns, carrying out brute force attacks, and more. Botnet attacks continue to rise with the growth of unsecured IoT devices, creating vulnerabilities for cybercriminals. Emotet, the infamous malware, is an example of a botnet.
Brute Force

Brute force refers to an attack that aims to gain unauthorized access to an account or encryption key. The attack method uses a trial-and-error approach in which hackers attempt to guess password combinations. Brute force attacks can be used to launch a host of malicious activities, such as harvesting data, spreading malware and ransomware, diverting website traffic, and more. While brute force attacks have existed for many years, they’ve grown more sophisticated with the aid of software that enhances the speed and accuracy of this kind of attack. Common protections against brute force attacks include anti-virus software, anti-phishing solutions, anti-malware and ransomware solutions, good cyber hygiene, and user awareness training.

Business Email Compromise

Business Email Compromise (BEC) is a type of spear phishing attack in which a person impersonates a well-known contact of an employee in an attempt to have them transfer funds, reveal sensitive information, or carry out other harmful actions.

Read more ›
CEO Fraud

CEO fraud is when a hacker impersonates a senior executive within an organization and attempts to dupe employees into providing sensitive company information, sharing account credentials, or transferring funds.

Read more ›
Cloud Security

Cloud security, also referred to as cloud computing security, is the discipline of protecting cloud-based systems from cyberthreats, including their data, infrastructure, and applications. Cloud security encompasses a collection of technology solutions, processes, and controls used by cloud service providers to defend against internal and external threats. With the growing popularity of cloud services and applications, cloud security, particularly for enterprises, has increased in importance.

Read more ›
Cloud Email Security Supplement

Cloud Email Security Supplements, or CESSs, provide additional security measures specific to phishing-related attacks. They are typically utilized in particular use cases where organizations are regularly facing specific yet sophisticated threats that are hard to detect. CESSs are beneficial for organizations that need real-time scanning of inboxes or require enhanced detection and remediation methods for email-related cyberattacks. With the right CESSs in place, organizations can benefit from an additional layer of security that specifically addresses threats that are prevalent to their business.


Cryptojacking is a type of cyberattack in which hackers infiltrate a user’s device and secretly use computing resources to mine cryptocurrencies. Cryptocurrency mining demands significant computing power, but offers hackers the reward of earning cryptocurrency or traditional currency. While cryptojacking occurs without the knowledge of the victim, it often diminishes the performance of the infected device, causing it to run slowly, crash, or heat up. Cryptojacking continues to rise in popularity with the growth of digital currencies. Cryptojacking schemes often begin with a phishing email.


CryptoLocker is a ransomware variant and type of malware that targets Windows computers and encrypts files. As with other forms of ransomware, once an infection takes place, hackers demand a ransom in exchange for a decryption key. CryptoLocker first arrived on the scene in 2013. Delivered via phishing emails, hackers dupe victims into downloading malicious attachments containing Trojans. Defenses against CryptoLocker include firewalls, anti-virus programs, anti-phishing solutions, anti-malware solutions, and user awareness training.

Ready to choose Vade for M365?