Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Malware

Malware, short for malicious software, is any firmware or software that’s designed to infect or steal information from one or multiple computer systems.

Man in the Middle Attack

A man-in-the-middle (MitM) attack occurs when someone intercepts sensitive information or data by either eavesdropping on a conversation or data transfer between two parties or impersonating one of the parties. A person carrying out a MitM attack may be undetectable to the legitimate participants, which enables them to obtain sensitive information or pass on malicious links without triggering any red flags.

Managed Service Provider (MSP)

Managed service providers (MSPs) are third-party organizations hired by companies to manage one or more of their IT functions. MSPs offer a range of services, including IT consulting, cloud services, remote monitoring and management of information systems, and security services. Managed security is one of the fastest-growing service areas for MSPs, as cyberattacks on businesses continue to rise sharply.

Multi-Factor Authentication

Multi-factor authentication (MFA) is a security measure that uses at least two different login methods to verify a person’s identity. As opposed to logging in via username and password, MFA uses tools such as security questions, unique codes sent to phones or email addresses, or fingerprint technology to further secure an individual’s account. MFA helps organizations protect individual corporate accounts and defend against unauthorized access, data breaches, and more.

Personally Identifiable Information

Personally Identifiable Information, or PII, is information that can be used to identify an individual. PII can include direct identifiers, such as passport information, driver’s license information, or birth certificates, or it can be made up of a variety of indirect identifiers, such as race, occupation, and location. In the wake of increasing cyberattacks that have jeopardized countless individuals’ sensitive information, measures have been put in place to ensure PII is protected in order to keep identities confidential and secure.

Petya

Petya is a type of ransomware that spreads through phishing emails and infects the master boot record of Microsoft Windows-based devices. A user who clicks a malicious link containing Petya ransomware enables it to overwrite the master boot record in order to encrypt the user’s hard drive. Once the drive is encrypted, users are required to enter an encryption key, typically obtained for a ransom, in order to retrieve their data. After Petya first emerged in 2016, a new variant surfaced called NotPetya, which made headlines for crippling business operations worldwide. Unlike the original form of Petya, NotPetya uses several propagation techniques to quickly spread within and across networks. In order to protect your organization against Petya and its variants, it’s important to educate your employees on phishing email detection to avoid potential compromise.

Pharming

Pharming is a type of cyberattack that redirects users away from a trusted website to a fraudulent one. Through malicious code already embedded on a user’s device, pharming pushes website traffic towards fake sites, where users provide sensitive information for cybercriminals to harvest.

Similar to phishing attacks, a pharming cyberattack relies on a user not knowing that they’ve been redirected to an illegitimate site so that they freely provide personally identifiable information (PII) or login credentials without realizing foul play. As is the case with many cyberattacks, pharming prevention starts with familiarizing your employees with suspicious-looking emails and websites so that they can detect pharming attempts before handing over sensitive information.

Phishing

Phishing is the most common form of social engineering carried out by email. Unlike cyberattacks on systems and software, it requires little to no hacking expertise, making it a quick and easy way for cybercriminals to get access to a business’s most sensitive data.

Phishing Awareness Training

Phishing awareness training works to educate employees on how to detect, prevent, and report phishing attempts in order to protect themselves and their organization. Through computer-based training, simulated phishing exercises, and classroom-style training, phishing awareness training sheds light on how cybercriminals operate, and ensures that when employees are faced with a real phishing attempt, they’re able to detect it before any harm is done. Phishing awareness training is crucial for organizations that need their employees to know the telltale signs of a phishing attempt, and should be carried out on a regular basis to ensure individuals know how to prevent phishing attacks.

Ransomware

As its name suggests, ransomware is a type of malware that blocks a user’s access to company files until a ransom is paid.
