To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.
Data privacy refers to the ability of online users to control their personal information, including the extent to which it is shared with third parties. This personal information is tracked and stored by websites and online applications to carry out services, such as personalizing user experiences. Because this information could be exploited by cybercriminals and other third parties, laws such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) govern data privacy. They regulate the kinds of personal information third parties can collect, ensure proper safeguards are implemented to protect personal information, and hold third parties accountable to rules and standards.
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol that prevents unwanted parties from sending spam or phishing emails to an organization.
Working in tandem with DKIM and SPF, DMARC lets companies publish a policy in a DNS record that establishes how to handle emails that fail both SPF and DKIM.
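The policy lookup described above can be sketched as follows. This is an added example, not code from this glossary or any vendor: the function names and the sample record are constructed, and the organizational-domain check is a simplification (last two labels) where real receivers consult the Public Suffix List. The `pct` and `sp` tags are not handled.

```python
POLICIES = {"none", "quarantine", "reject"}

# Constructed sample record, as it would appear in a TXT record at _dmarc.example.com
SAMPLE_RECORD = "v=DMARC1; p=reject; adkim=s; rua=mailto:dmarc@example.com"

def parse_dmarc(txt):
    """Parse a DMARC TXT record into a tag dict with alignment defaults."""
    pairs = [p.split("=", 1) for p in txt.split(";") if p.strip()]
    if any(len(p) != 2 for p in pairs):
        raise ValueError("malformed tag (expected tag=value)")
    tags = [(k.strip().lower(), v.strip()) for k, v in pairs]
    if not tags or tags[0] != ("v", "DMARC1"):
        raise ValueError("record must start with v=DMARC1")
    rec = {"adkim": "r", "aspf": "r", **dict(tags)}  # relaxed alignment by default
    if rec.get("p", "").lower() not in POLICIES:
        raise ValueError("missing or invalid p= policy")
    rec["p"] = rec["p"].lower()
    return rec

def org_domain(domain):
    # Assumption: organizational domain = last two labels (no Public Suffix List).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, mode):
    """Strict mode ("s") needs an exact match; relaxed needs the same org domain."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

def disposition(record_txt, from_domain, spf_pass, spf_domain, dkim_pass, dkim_domain):
    """Return what a receiver does with a message, given its SPF/DKIM results."""
    rec = parse_dmarc(record_txt)
    spf_ok = spf_pass and aligned(spf_domain, from_domain, rec["aspf"])
    dkim_ok = dkim_pass and aligned(dkim_domain, from_domain, rec["adkim"])
    if spf_ok or dkim_ok:  # one aligned pass is enough for DMARC to pass
        return "deliver"
    # Both checks failed (or passed only for an unrelated domain): apply the policy.
    return {"none": "deliver (report only)", "quarantine": "quarantine",
            "reject": "reject"}[rec["p"]]
```

Note the middle case the prose does not spell out: an SPF or DKIM pass for a domain unrelated to the visible From address does not count, so a message can pass SPF on its own and still fail DMARC.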
DNS spoofing, short for Domain Name System spoofing and also referred to as DNS cache poisoning, is a type of cyberattack in which domain name servers are compromised via fake data to redirect users to harmful websites. Common targets for DNS spoofing attacks are places with unprotected public Wi-Fi, as hackers have an easy time abusing these DNS servers’ weak security posture and introducing fake data. DNS spoofing attacks come in a variety of shapes and sizes—including man-in-the-middle attacks and DNS server compromise—making it increasingly difficult for organizations to effectively detect and prevent them.
EDR, or endpoint detection and response, is technology used for endpoint protection. EDR systems detect security threats by monitoring endpoint activity for suspicious behaviors, block and contain malicious threats, and facilitate incident response and investigation activities. Organizations often use EDR systems as part of a multi-faceted approach to cybersecurity, pairing the technology with other systems such as XDR (Extended Detection and Response), SIEM (Security Information and Event Management), and AI threat detection and response solutions.
Email archiving is the process of preserving and storing email communications in a manner that is safe, organized, and accessible for future use. Organizations depend on email archiving for a variety of reasons, including compliance with laws, internal audits, potential litigation, and more. Safe and effective email archiving requires email security to protect sensitive email communications against cyberthreats and bad actors.
Email filtering refers to the classification of both inbound and outbound email traffic based on certain criteria. Email filtering analyzes email content for potential spam or phishing risks, and ensures those emails are properly classified and placed in the appropriate folders, such as spam or junk. Email filtering ensures malicious emails don’t end up in an individual’s main inbox, which in turn lowers the likelihood of a successful cyberattack.
Email Gateways, or Secure Email Gateways (SEGs), are used to detect and block malicious email content before it reaches a corporate email server. While email filtering sorts through nefarious content once it reaches an individual’s inbox, email gateways prevent possible phishing attacks from reaching a mail server in the first place.
Secure email gateways rely on signature and reputation-based detection to protect against known email threats. While once regarded as a safe defense against cybercriminals, secure email gateways are vulnerable to many modern threats, including those that remain unknown. They also require MX record changes that hackers can see via an MX record query. In the event a malicious email bypasses the gateway, SEGs also can’t remediate or remove the threat post-delivery.
Superior alternatives to email gateways are cybersecurity solutions that offer predictive defense against known and unknown threats. These solutions rely on artificial intelligence (AI) to conduct behavioral and heuristic analyses of malicious emails, detect anomalies and abusive patterns, and remediate email threats post-delivery.
Email security refers to the standards, best practices, and technologies used to protect personal and corporate email accounts and communications.
Email spoofing is a technique used in phishing and spear phishing attempts in which a person attempts to pass off a fraudulent email as a legitimate one that closely resembles a message an individual would typically receive.
Emotet, or Emotet malware, is a type of malware that was originally designed to compromise financial data via banking trojans. Today, Emotet has evolved into a major threat that targets all types of organizations. After avoiding anti-virus detection software and infiltrating a user’s device or network, Emotet malware infects the original device before sending itself via spam emails to a user’s contact list.
Typically, Emotet malware is transferred via email links that appear to be authentic. Once a user clicks the nefarious link, the Emotet malware is automatically downloaded onto the user’s device. Once Emotet has been downloaded, a user can experience data theft, loss of access to sensitive data, and critical damage to their company’s IT infrastructure as a whole.
Designed to evade detection, Emotet malware is difficult to prevent. Only through the right combination of AI-based cybersecurity measures, such as anti-phishing and anti-malware solutions, and user awareness training can your organization avoid a successful Emotet attack.