Cybersecurity Glossary

Endpoint security protects networks from cyberattacks by securing all network entry-points (e.g. laptops, cellphones, etc.). Endpoint security has become increasingly important with the adoption of remote and hybrid work, since there are no longer traditional security perimeters in place. Endpoint security also protects against email-borne threats through incident response and scanning.

GDPR, short for General Data Protection Regulation, is a collection of data privacy laws that establishes guidelines for the handling of personal information of people who live in the European Union. Approved in 2016, GDPR aims to ensure individuals have control over their personal data, and holds organizations accountable for how they collect and process personal information.

For companies that collect, process, or store personal data, adhering to GDPR standards is vitally important and should be kept top of mind. Penalties for companies that do not adhere to GDPR guidelines include being fined up to €20 million or 4% of worldwide annual revenue for the preceding financial year, whichever is higher.

Graymail refers to email content that an individual opted in to receive at one point, but no longer wants. These emails come from legitimate sources and usually promote newsletter, promotions, or educational content to keep the subscriber up to date on their business. While graymail doesn’t inflict the same harm as a cyberattack, they can begin to clutter your inbox over time and make it more difficult to spot emails that are actually nefarious.

A heuristic analysis of email uses algorithms to recognize malicious patterns in emails, email attachments, or webpages. Heuristic analysis applies both practical and problem-solving methods to cybersecurity, using a set of guidelines that’s continually optimized. While signature-based protection relies on the characteristics of known threats, heuristic analysis can detect threats based on behavior. In order to be most effective, new heuristic rules need to be created regularly in an effort to thwart the latest threats. 

A honeypot is a cybersecurity tool used to trick cybercriminals into believing that they’ve gained access to an organization’s actual IT infrastructure. A honeypot is a recreation of an organization’s actual systems or networks that acts as a decoy for cybercriminals and is used to attract cyberattacks.

Honeypots can be helpful in keeping cybercriminals’ attention away from your actual assets, in addition to providing insightful information into the effectiveness and security of your legitimate IT infrastructure. Setting up a honeypot can help you glean information on the way cybercriminals operate, as well as provide you with details on where there might be gaps in your current cybersecurity measures.

Incident response is how an organization responds to a successful cyberattack or breach. This includes minimizing the negative impact, addressing the root causes, and preventing further damage and cyberattacks in the future. Incident response works to limit both the tangible repercussions of a cyberattack, such as costs and time, as well as minimize damage to elements like brand reputation and consumer trust.

An insider threat is typically a current or former employee of an organization that has the means to cause damage to the organization’s internal systems or leak sensitive information. Insider threats can also be former contractors, vendors, or partners who are able to access the organization’s sensitive data. An effective way to avoid insider threats is to ensure people who no longer require login credentials have their access to internal systems and data platforms revoked.

Keylogger, also referred to as keystroke logging, is a tool used by cybercriminals to track and record a user’s computer activity in order to gain access to sensitive information. A form of spyware, keyloggers record every keystroke made by a user. Cybercriminals use keyloggers to steal user credentials, record sensitive information such as credit card numbers, track online browsing activity, and more. Keyloggers are often used to carry out malicious activities and can be difficult to detect, but with effective user awareness training and sophisticated cybersecurity solutions in place, your organization can minimize the likelihood of keyloggers exploiting your users.

Machine Learning is a subset of Artificial Intelligence (AI) to enable machines to simulate intelligent human behavior as it relates to learning and decision making. Machine Learning algorithms learn to make observations, classify information, and uncover patterns. Over time, the insights gleaned from this process help algorithms become incredibly proficient at their respective tasks. Many email security programs rely on Machine Learning to perform real-time analysis of emails and protect against phishing attempts.