Cybersecurity Glossary

Patch management is an essential part of any cybersecurity strategy and involves running regularly scheduled system updates—or patches—to address vulnerabilities or new cybersecurity threats. Automated patch management software streamlines this process by automatically updating the software on a regular cadence to reduce down time and ensure organizations have the most updated cybersecurity protection available.

Personally identifiable information, or PII, is information that can be used to identify an individual. PII can include direct identifiers, such as passport information, driver’s license information, or birth certificates, or it can be made up of a variety of indirect identifiers, such as race, occupation, and location. In the wake of increasing cyberattacks that have jeopardized countless individuals’ sensitive information, measures have been put in place to ensure PII is being safely protected and secured in order to keep identities confidential and secure.

Petya is a type of ransomware that spreads through phishing emails and infects the master boot record of Microsoft Windows-based devices. A user that clicks a malicious link containing Petya ransomware enables the virus to overwrite the master boot record in order to encrypt the user’s hard drive. Once encrypted, users are required to enter an encryption key, typically obtained for a ransom, in order to retrieve their data. After Petya first emerged in 2016, a new variant surfaced called NotPetya, which made headlines for crippling business operations worldwide. Unlike the original form of the virus, NotPetya uses several propagation techniques to quickly spread within and across networks. In order to protect your organization against Petya and its variants, it’s important to educate your employees on phishing email detection to avoid potential compromise.

Pharming is a type of cyberattack that redirects users away from a trusted website to a fraudulent one. Through malicious code already embedded on a user’s device, pharming pushes website traffic towards fake sites, where users provide sensitive information for cybercriminals to harvest.

Similar to phishing attacks, a pharming cyberattack relies on a user not knowing that they’ve been redirected to an illegitimate site so that they freely provide personally identifiable information (PII) or login credentials without realizing foul play. As is the case with many cyberattacks, pharming prevention starts with familiarizing your employees with suspicious-looking emails and websites so that they can detect pharming attempts before handing over sensitive information.

Phishing is the most common form of social engineering carried out by email. Unlike cyberattacks on systems and software, it requires little to no hacking expertise, making it a quick and easy way for cybercriminals to get access to a business’s most sensitive data.

Phishing awareness training works to educate employees on how to detect, prevent, and report phishing attempts in order to protect themselves and their organization. Through computer-based training, simulated phishing exercises, and classroom-style training, phishing awareness training sheds light on how cybercriminals operate, and ensures that when employees are faced with a real phishing attempt, they’re able to detect it before any harm is done. Phishing awareness training is crucial for organizations that need their employees to know the telltale signs of a phishing attempt, and should be carried out on a regular basis to ensure individuals know how to prevent phishing attacks.