Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Email Security

Email security refers to the standards, best practices, and technologies used to protect personal and corporate email accounts and communications.

Read more ›
Email Spoofing

Email spoofing is a technique used in phishing and spear phishing attempts in which a person attempts to pass off a fraudulent email as a legitimate one that closely resembles a message an individual would typically receive.

Read more ›

Emotet, or Emotet malware, is a type of malware that was originally designed to compromise financial data via banking trojans. But today, Emotet has evolved into a major threat that targets all types of organizations. After avoiding anti-virus detection software and infiltrating a user’s device or network, Emotet malware infects the original device, before sending itself via spam emails to a user’s contact list.

Typically, Emotet malware is transferred via email links that appear to be authentic. Once a user clicks the nefarious link, the Emotet malware is automatically downloaded onto the user’s device. Once Emotet has been downloaded, a user can experience data theft, loss of access to sensitive data, and critical damage to their company’s IT infrastructure as a whole.

Designed to evade detection, Emotet malware is difficult to prevent. Only through the right combination of AI-based cybersecurity measures, such as anti-phishing and anti-malware solutions, and user awareness training can your organization avoid a successful Emotet attack.


Encryption is the process of converting data in its original form, also known as plaintext, into an encoded form that makes it harder for unintended users to understand. This alternative form is known as ciphertext. Encryption is a commonly used technique by organizations that wish to scramble their data and protect it so that only authorized individuals are able to convert the ciphertext into plaintext and interpret the sensitive information.

The two main types of encryption are symmetric encryption and asymmetric encryption. While symmetric encryption only utilizes one secret key, asymmetric encryption utilizes two separate keys for encryption and decryption, respectively.

Encryption is a vital component of cybersecurity, as it keeps sensitive information out of the hands of individuals who either don’t need access to it or plan to expose it. Used to both protect a user’s privacy and secure an organization’s sensitive information, encryption is a simple yet effective way of preventing others from obtaining confidential information.


GDPR, short for General Data Protection Regulation, is a collection of data privacy laws that establishes guidelines for the handling of personal information of people who live in the European Union. Approved in 2016, GDPR aims to ensure individuals have control over their personal data, and holds organizations accountable for how they collect and process personal information.

For companies that collect, process, or store personal data, adhering to GDPR standards is vitally important and should be kept top of mind. Penalties for companies that do not adhere to GDPR guidelines include being fined up to €20 million or 4% of worldwide annual revenue for the preceding financial year, whichever is higher.


Graymail refers to email content that an individual opted in to receive at one point, but no longer wants. These emails come from legitimate sources and usually promote newsletter, promotions, or educational content to keep the subscriber up to date on their business. While graymail doesn’t inflict the same harm as a cyberattack, they can begin to clutter your inbox over time and make it more difficult to spot emails that are actually nefarious.


A honeypot is a cybersecurity tool used to trick cybercriminals into believing that they’ve gained access to an organization’s actual IT infrastructure. A honeypot is a recreation of an organization’s actual systems or networks that acts as a decoy for cybercriminals and is used to attract cyberattacks.

Honeypots can be helpful in keeping cybercriminals’ attention away from your actual assets, in addition to providing insightful information into the effectiveness and security of your legitimate IT infrastructure. Setting up a honeypot can help you glean information on the way cybercriminals operate, as well as provide you with details on where there might be gaps in your current cybersecurity measures.

Incident Response

Incident response is how an organization responds to a successful cyberattack or breach. This includes minimizing the negative impact, addressing the root causes, and preventing further damage and cyberattacks in the future. Incident response works to limit both the tangible repercussions of a cyberattack, such as costs and time, as well as minimize damage to elements like brand reputation and consumer trust.

Insider Threat

An insider threat is typically a current or former employee of an organization that has the means to cause damage to the organization’s internal systems or leak sensitive information. Insider threats can also be former contractors, vendors, or partners who are able to access the organization’s sensitive data. An effective way to avoid insider threats is to ensure people who no longer require login credentials have their access to internal systems and data platforms revoked.


Keylogger, also referred to as keystroke logging, is a tool used by cybercriminals to track and record a user’s computer activity in order to gain access to sensitive information. A form of spyware, keyloggers record every keystroke made by a user. Cybercriminals use keyloggers to steal user credentials, record sensitive information such as credit card numbers, track online browsing activity, and more. Keyloggers are often used to carry out malicious activities and can be difficult to detect, but with effective user awareness training and sophisticated cybersecurity solutions in place, your organization can minimize the likelihood of keyloggers exploiting your users.

Ready to choose Vade for M365?