Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Cyberattack

A cyberattack is any attempt by nefarious individuals to target an organization’s IT infrastructure, networks, systems, or devices to either steal, expose, or destroy information or assets. When carried out successfully, cyberattacks impact your business in more ways than one. From increasing the likelihood of a future cyberattack to putting your organization in legal jeopardy, cyberattacks have the ability to inflict serious harm across your organization if left unchecked.

Some of the more common types of cyberattacks include denial-of-service (DoS), man-in-the-middle (MITM), business email compromise (BEC), phishing, spear phishing, ransomware, and DNS spoofing. In order to prevent cyberattacks, it’s important to educate your staff on cybersecurity best practices. Utilizing AI-based cybersecurity solutions can also enhance your security posture and make it easier to detect and neutralize threats before they cause damage.

Cybersecurity

Cybersecurity is the collection of technologies, best practices, and processes used to protect your IT infrastructure, systems, networks, and devices from harmful threats. It relies on employees to know how to detect and address cyberattacks, as well as sophisticated technologies that make it more difficult for individuals to infiltrate your IT infrastructure.

With a global workforce that has become increasingly remote, cybersecurity has been a pressing concern for many organizations. Effectively securing devices and networks that are outside an organization’s IT infrastructure is crucial in order to fortify your cybersecurity measures and keep your organization out of harm’s way.

Considering the average data breach costs organizations $3.8 million (USD) globally, the need for effective cybersecurity solutions has never been more important. As cyberattacks become increasingly sophisticated and harder to detect, organizations must lean on AI-based cybersecurity solutions to automate the prevention, detection, and remediation of cyberattacks in order to effectively curb threats before it’s too late.

Data Loss Prevention

Data Loss Prevention (DLP) is the process of protecting sensitive data from getting lost, destroyed, or exfiltrated through unwanted and unauthorized means. DLP refers to a set of tools and processes used to protect confidential and critical data through protective measures such as alerts, encryption, and continuous monitoring. DLP solutions oversee activity on networks, endpoints, and cloud applications. They’re also used for reporting and compliance, as well as incident response.  

Data Privacy

Data privacy refers to the ability of online users to control their personal information, including to what extent it gets shared with third parties. This personal information is tracked and stored by websites and online applications to carry out services, such as personalizing user experiences. Because this information could be exploited by cybercriminals and other third parties, laws such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) govern data privacy. They regulate the kinds of personal information third parties can collect, ensure proper safeguards are implemented to protect personal information, and hold third parties accountable to rules and standards.

DMARC

Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol that prevents unwanted parties from sending spam or phishing emails to an organization.

Working in tandem with DKIM and SPF, DMARC enables companies to publish a DMARC policy in a DNS record, thus establishing how to handle emails that fail both SPF and DKIM.
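As an added illustration (not part of the original glossary or any vendor's code), the following sketch parses a published DMARC record, flags settings that leave it short of enforcement, and shows which policy applies to a message. The records are constructed samples for the placeholder domain example.com, and `spf_pass`/`dkim_pass` are assumed to be the receiving server's already-evaluated, domain-aligned results.

```python
# Added example: parse a DMARC TXT record, audit it, and apply it to a message.
# Both records are constructed samples for the placeholder domain example.com.
WEAK = "v=DMARC1; p=none"
ENFORCED = "v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-reports@example.com"

POLICIES = ("none", "quarantine", "reject")


def parse_dmarc(txt):
    """Return the record's tags as a dict; raise ValueError if it is not valid DMARC."""
    pairs = []
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        pairs.append((key.strip().lower(), value.strip()))
    # The version tag must come first and must match exactly.
    if not pairs or pairs[0] != ("v", "DMARC1"):
        raise ValueError("record must begin with v=DMARC1")
    tags = dict(pairs)
    tags["p"] = tags.get("p", "").lower()
    if tags["p"] not in POLICIES:
        raise ValueError("missing or invalid p= tag")
    tags["pct"] = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    if not 0 <= tags["pct"] <= 100:
        raise ValueError("pct must be between 0 and 100")
    return tags


def audit(tags):
    """List the settings that leave the domain short of full enforcement."""
    findings = []
    if tags["p"] == "none":
        findings.append("p=none only monitors; failing mail is still delivered")
    if tags["pct"] < 100:
        findings.append(f"pct={tags['pct']} applies the policy to only part of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address, so no aggregate reports are received")
    return findings


def disposition(tags, spf_pass, dkim_pass):
    """Policy for one message (pct sampling is not modelled in this sketch)."""
    if spf_pass or dkim_pass:
        return "pass"
    return tags["p"]  # both checks failed: the published policy decides
```
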

DNS Spoofing

DNS spoofing, short for Domain Name System spoofing and also referred to as DNS cache poisoning, is a type of cyberattack in which domain name servers are compromised via fake data to redirect users to harmful websites. Common targets for DNS spoofing attacks are places with unprotected public Wi-Fi, as hackers have an easy time abusing the weak security posture of the DNS servers there and introducing fake data. DNS spoofing attacks come in a variety of shapes and sizes—including man-in-the-middle attacks and DNS server compromise—making it increasingly difficult for organizations to effectively detect and prevent them.

EDR

EDR, or endpoint detection and response, is technology used for endpoint protection. EDR systems detect security threats by monitoring endpoint activity for suspicious behaviors, block and contain malicious threats, and facilitate incident response and investigation activities. Organizations often use EDR systems as part of a multi-faceted approach to cybersecurity, pairing the technology with other systems such as XDR (Extended Detection and Response), SIEM (Security Information and Event Management), and AI threat detection and response solutions.

Email Archiving

Email archiving is the process of preserving and storing email communications in a manner that is safe, organized, and accessible for future use. Organizations depend on email archiving for a variety of reasons, including compliance with laws, internal audits, potential litigation, and more. Safe and effective email archiving requires email security to protect sensitive email communications against cyberthreats and bad actors.

Email Filtering

Email filtering refers to the classification of both inbound and outbound email traffic based on certain criteria. Email filtering analyzes email content for potential spam or phishing risks, and ensures those emails are properly classified and placed in the appropriate folders, such as spam or junk. Email filtering ensures malicious emails don’t end up in an individual’s main inbox, which in turn lowers the likelihood of a successful cyberattack.

Email Gateway

Email gateways, or secure email gateways (SEGs), are used to detect and block malicious email content before it reaches a corporate email server. While email filtering sorts through nefarious content once it reaches an individual’s inbox, email gateways prevent possible phishing attacks from reaching a mail server in the first place.

Secure email gateways rely on signature and reputation-based detection to protect against known email threats. While once regarded as a safe defense against cybercriminals, secure email gateways are vulnerable to many modern threats, including those that remain unknown. They also require MX record changes that hackers can see via an MX record query. In the event a malicious email bypasses the gateway, SEGs also can’t remediate or remove the threat post-delivery.

Cybersecurity solutions that offer predictive defense against known and unknown threats are a superior alternative to email gateways. These solutions rely on artificial intelligence (AI) to conduct behavioral and heuristic analyses of malicious emails, detect anomalies and abusive patterns, and remediate email threats post-delivery.
