Cybersecurity Glossary
To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.
CEO fraud is when a hacker impersonates a senior executive within an organization and attempts to dupe employees into providing sensitive company information, sharing account credentials, or transferring funds.
Read more ›Clone phishing uses a duplicate or “clone” copy of an email from a trusted source to deceive the recipient. Instead of creating their own email, the hacker duplicates an existing email from a well-established brand to lure their victims. The email is typically either one the recipient has received in the past or at least isn’t surprised to be receiving. The legitimacy of the cloned email tricks recipients into clicking on malicious links or giving up sensitive information.
Read more ›A cloud access security broker, or CASB, protects companies using cloud-hosted services and applications. CASBs act as a firewall between enterprise users and their cloud applications—managing and protecting the data being accessed and stored there. Cloud access security brokers can either be on-premise or cloud-based and fill any gaps in security to allow a company’s security policy to extend beyond their own infrastructure to cloud-based applications.
Read more ›Cloud email—such as Gmail—is email hosted by a cloud-based email service provider. It’s an alternative solution for organizations that don’t want to host email services on their own infrastructure. Since cloud email is stored and hosted in the cloud, its major benefit is the ability for users to access their email from anywhere—without needing to connect to a server.
Read more ›Cloud email security supplements, or CESSs, provide additional security measures specific to phishing-related attacks. They are typically utilized in particular use cases where organizations are regularly facing specific yet sophisticated threats that are hard to detect. CESSs are beneficial for organizations that need real-time scanning of inboxes or require enhanced detection and remediation methods for email-related cyberattacks. With the right CESSs in place, organizations can benefit from an additional layer of security that specifically addresses threats that are prevalent to their business.
Read more ›Cloud security, also referred to as cloud computing security, is the discipline of protecting cloud-based systems from cyberthreats, including their data, infrastructure, and applications. Cloud security encompasses a collection of technology solutions, processes, and controls used by cloud service providers to defend against internal and external threats. With the growing popularity of cloud services and applications, cloud security, particularly for enterprises, has increased in importance.
Computer Vision is a field of computer science that uses Artificial Intelligence (AI) to understand visual data (imagery). If AI is used to “think” by analyzing and interpreting data inputs, Computer Vision is used to “see” by analyzing and interpreting visual inputs.
Read more ›A cousin domain—also referred to as a lookalike domain—is a domain that deceptively resembles the name of another website. Cousin domains use common typos (www.facabook.com) or numbers (goog1e.com) in an effort to trick fast-moving Internet users into thinking they’re on a legitimate website. Once users land on the cousin domain, the hackers begin carrying out phishing attacks on the user.
Read more ›Credential harvesting is a specific type of cyber attack targeting login credentials such as usernames and passwords. Popular credential harvesting tactics include email phishing, malicious websites, or browser extensions. Once the credentials are obtained, cybercriminals then use them to gain access to sensitive information—leaving organizations susceptible to security threats and fraudulent activity.
Read more ›Credential stuffing is a form of cyberattack that involves using breached login credentials to try to access other unrelated services and applications. For example, if there is a data breach at a major retail chain, hackers may use the credentials obtained in the breach for attempted logins for a financial services application.
Read more ›