Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Cloud Email Security Supplement

Cloud Email Security Supplements, or CESSs, provide additional security measures specific to phishing-related attacks. They are typically utilized in particular use cases where organizations are regularly facing specific yet sophisticated threats that are hard to detect. CESSs are beneficial for organizations that need real-time scanning of inboxes or require enhanced detection and remediation methods for email-related cyberattacks. With the right CESSs in place, organizations can benefit from an additional layer of security that specifically addresses threats that are prevalent to their business.

Cloud Security

Cloud security, also referred to as cloud computing security, is the discipline of protecting cloud-based systems from cyberthreats, including their data, infrastructure, and applications. Cloud security encompasses a collection of technology solutions, processes, and controls used by cloud service providers to defend against internal and external threats. With the growing popularity of cloud services and applications, cloud security, particularly for enterprises, has increased in importance.

Read more ›
Cousin domain

A cousin domain—also referred to as a lookalike domain—is a domain that deceptively resembles the name of another website. Cousin domains use common typos ( or numbers ( in an effort to trick fast-moving Internet users into thinking they’re on a legitimate website. Once users land on the cousin domain, the hackers begin carrying out phishing attacks on the user.

Credential harvesting

Credential harvesting is a specific type of cyber attack targeting login credentials such as usernames and passwords. Popular credential harvesting tactics include email phishing, malicious websites, or browser extensions. Once the credentials are obtained, cybercriminals then use them to gain access to sensitive information—leaving organizations susceptible to security threats and fraudulent activity.  

Credential stuffing

Credential stuffing is a form of cyberattack that involves using breached login credentials to try to access other unrelated services and applications. For example, if there is a data breach at a major retail chain, hackers may use the credentials obtained in the breach for attempted logins for a financial services application.


Cryptojacking is a type of cyberattack in which hackers infiltrate a user’s device and secretly use computing resources to mine cryptocurrencies. Cryptocurrency mining demands significant computing power, but offers hackers the reward of earning cryptocurrency or traditional currency. While cryptojacking occurs without the knowledge of the victim, it often diminishes the performance of the infected device, causing it to run slowly, crash, or heat up. Cryptojacking continues to rise in popularity with the growth of digital currencies. Cryptojacking schemes often begin with a phishing email.


CryptoLocker is a ransomware variant and type of malware that targets Windows computers and encrypts files. As with other forms of ransomware, once an infection takes place, hackers demand a ransom in exchange for a decryption key. CryptoLocker first arrived on the scene in 2013. Delivered via phishing emails, hackers dupe victims into downloading malicious attachments containing Trojans. Defenses against CryptoLocker include firewalls, anti-virus programs, anti-phishing solutions, anti-malware solutions, and user awareness training.


A cyberattack is any attempt by nefarious individuals to target an organization’s IT infrastructure, networks, systems, or devices to either steal, expose, or destroy information or assets. When carried out successfully, cyberattacks impact your business in more ways than one. From increasing the likelihood of a future cyberattack to putting your organization in legal jeopardy, cyberattacks have the ability to inflict serious harm across your organization if left unchecked.

Some of the more common types of cyberattacks include denial-of-service (DoS), man-in-the-middle (MITM), business email compromise (BEC), phishing, spear phishing, ransomware, and DNS spoofing. In order to prevent cyberattacks, it’s important to educate your staff on cybersecurity best practices. Utilizing AI-based cybersecurity solutions can also enhance your security posture and make it easier to detect and neutralize threats before they cause damage.


Cybersecurity is the collection of technologies, best practices, and processes used to protect your IT infrastructure, systems, networks, and devices from harmful threats. It relies on employees to know how to detect and address cyberattacks, as well as sophisticated technologies that make it more difficult for individuals to infiltrate your IT infrastructure.

With a global workforce that has become increasingly remote, cybersecurity has been a pressing concern for many organizations. Effectively securing devices and networks that are outside an organization’s IT infrastructure is crucial in order to fortify your cybersecurity measures and keep your organization out of harm’s way.

Considering the average data breach costs organizations $3.8 million (USD) globally, the need for effective cybersecurity solutions has never been more important. As cyberattacks become increasingly sophisticated and harder to detect, organizations must lean on AI-based cybersecurity solutions to automate the prevention, detection, and remediation of cyberattacks in order to effectively curb threats before it’s too late.

Data Loss Prevention

Data Loss Prevention (DLP) is the process of protecting sensitive data from getting lost, destroyed, or exfiltrated through unwanted and unauthorized means. DLP refers to a set of tools and processes used to protect confidential and critical data through protective measures such as alerts, encryption, and continuous monitoring. DLP solutions oversee activity on networks, endpoints, and cloud applications. They’re also used for reporting and compliance, as well as incident response.  

Ready to choose Vade for M365?