Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Cybersecurity Remediation

Cybersecurity remediation refers to your organization’s ability to quickly and effectively address cyberattacks after they’ve occurred. Whether it’s remedying a data breach, malware attack, or security lapse, cybersecurity remediation seeks to detect and neutralize attacks before they inflict more harm. This is important to ensure that cyberattacks don’t cause further damage to your IT infrastructure after they occur. Successful cybersecurity remediation relies on continuous visibility of your systems, networks, and devices, as well as the proper upkeep of software and hardware to ensure they’re equipped with the latest security patches.

Remote Access Trojan

A Remote Access Trojan, or RAT, is a type of malware that enables a cybercriminal to fully take control of a user’s device remotely in order to carry out a variety of malicious actions. Typically downloaded as seemingly innocuous files or programs, RATs have become increasingly difficult to detect and remove from a user’s device. Once a RAT attack has been carried out, the cybercriminal can access sensitive data, make payments, delete files, and more.

Sandbox Security

Sandbox security is a form of cybersecurity that uses an isolated environment (sandbox) to analyze a potential threat for malicious behavior. The sandbox, which mimics an actual operating environment, safely executes the suspicious code without risk to the true network. Unlike signature- or reputation-based solutions, sandbox security protects against unknown threats, not only those with a recognized fingerprint or blacklisted IP address. Despite this additional layer of protection, sandbox security presents limitations. For instance, phishing emails may deliver sophisticated, environmentally aware malware, which can detect sandboxes, go dormant when analyzed, and execute malicious code upon reaching the target environment.

Security Awareness Training

Security awareness training educates employees on how to prevent and mitigate cyberattacks.

Security Information and Event Management

Security Information and Event Management, also known as SIEM, is a collection of technologies and services designed to improve the security of an organization’s IT infrastructure. Using SIEM tools, organizations can better track, manage, and analyze security threats while ensuring compliance across their systems and networks. Common functionalities of SIEM tools include:

  • Log collection of all activities within an infrastructure
  • Real-time analysis of security events
  • Incident management
  • Centralized dashboard for security monitoring

With the right combination of SIEM tools, organizations can consolidate large amounts of security-related information and analyze it quickly and efficiently. This in turn enables them to proactively monitor security threats and neutralize them before any harm is done.

Sender Policy Framework

Sender Policy Framework (SPF) is used to authenticate email senders and weed out individuals attempting to send emails on behalf of your domain. SPF is an effective email-authentication method that enables an organization to only permit authorized mail servers to send emails. This ensures individuals receiving emails can be confident that the content is from a trustworthy source.

Sendmail

Sendmail is a server application that enables organizations to send email using the Simple Mail Transfer Protocol (SMTP). Sendmail facilitates the transfer of outgoing email messages from the sender to the recipient, including authenticating messages and also queuing them in the event the recipient is not available immediately. Sendmail is often combined with other email applications that enable email users to receive messages, since Sendmail can’t perform this function.

Shadow IT

Shadow IT is the use of information technology systems, devices, software, applications, and services without approval of the IT department. Shadow IT has become increasingly common and problematic for organizations in recent years, with cloud computing making it easier for users to engage in this practice. Shadow IT presents significant cybersecurity risks, including compromised devices, data breaches, regulatory violations, and more.

Smishing

Smishing is a form of phishing that uses text messaging to launch a malicious attack. Hackers impersonate a brand and send victims a text message to induce them to tap a malicious link or divulge personal information such as social security numbers or credit card information. The rise of smishing follows the growth of smartphones and popularity of texting as a form of communication. Defense against smishing attacks starts with user awareness training.

Social Media Threats

Social media threats are attacks carried out by cybercriminals in order to compromise an individual’s personal information. Given the widespread use and popularity of social media in today’s world, these platforms are effective vehicles for social engineering attacks. Cybercriminals will often impersonate a well-established brand or person to trick individuals into handing over sensitive data. This can lay the foundation for a larger phishing, social engineering, or malicious attack. For organizations, it’s important to educate employees on the prevalence of social media threats to ensure their online activities don’t pose a cybersecurity risk to themselves or the company.
