Cyber Security Jargon Buster

Posted on 17/01/2020

Share this post

The cyber security industry is filled with hard-to-understand and complex technical terms. From phishing and whaling, to the Internet of Things and the Dark Web, we’ve put together a Cyber Security Jargon Buster to help make a little more sense of the otherwise tricky terminology.


Software designed to detect and remove computer viruses.

Cyber attack

Any type of act that manipulates or destroys a computer, network, device or the information contained within them. The term ‘cyber attack’ is a blanket term covering everything from a hacked website to a spam email landing in your inbox.


Specific security standards and frameworks that demonstrate an organisation is following best practice in order to protect its data and users from a cyber attack or breach.

Dark web

Part of the world wide web that can only be accessed using specific software, configuration or authorisation. The dark web is used for selling illegal and black market products – including personal and business information and data files acquired by hackers. Dark Web Monitoring is the most effective method of detecting stolen or compromised credentials.

Device spoofing

Device spoofing occurs when a hacker impersonates a device or user on a network in order to bypass access controls and steal data or spread a virus.

External cyber threats

When an external source attempts to gain access to a network or device with malicious intent by exploiting vulnerabilities in the network’s defence. For example, hackers may look to manipulate out-of-date and unpatched security systems to access information within a network.


A secure network security system that establishes a barrier between the internal and external network. It monitors incoming and outgoing traffic based on security rules.


An individual who maliciously gains access to information stored within an account, device or network.

Incident response

A plan or action of response to a cyber security breach or attack. Incident response is required to quickly manage and mitigate damage, as well as recover and restore services following an incident.

Internal cyber threats

Threats posed to an organisation by its employees, who can intentionally or accidentally compromise security – for example, by downloading malicious files or sharing security information that lead to a breach. User awareness training is crucial to educating staff who are unaware of the risks.

Internet of Things (IoT)

The IoT is the interconnection between everyday objects via the internet, enabling them to share and receive data between one another.


Software used to facilitate unauthorised access and cause damage or disruption to a system. This is usually downloaded to a computer through a malicious website or unsafe link.

Managed Security Service Provider (MSSP)

A third party provider of managed cyber security services designed to reduce risk and protect against security breaches, whilst managing compliance with regulatory standards.

Multi-factor authentication (MFA)

A security authentication method requiring two or more steps to successfully access an account  or device. Typically, these elements are knowledge, inherence and possession.

Penetration testing (Pentest)

Penetration testing is a specialist form of assessment designed to identify vulnerabilities and security weaknesses within a network that cybercriminals could exploit. It can also be used to test an organisation’s security policy compliance, employee awareness and response time.


Phishing involves sending a hoax email impersonating a reputable company or person in order to get individuals to offer their personal information, such as bank details or passwords.


Malicious software used by hackers to lock a computer’s content and demand a ransom to regain access.

Security Operations Centre (SOC)

A team or unit of specialist information security experts that manage an organisation’s cyber security strategy and defence. Air Sec’s SOC-as-a-Service delivers next generation threat detection and incident response to safeguard from the latest threats.

Virtual Chief Information Security Officer (vCISO)

A vCISO is an external cyber security expert who takes on the role of Chief Information Officer within an organisation to develop and manage its strategy, budget and regulatory compliance.


Software that contains a malicious code or program designed to alter the way a computer operates. Aptly named, a virus will spread from computer to computer quickly, corrupting or destroying data.


Protecting your business from cyber crime

In today’s world, companies need to ensure they are taking appropriate precautions against the threats of cyber crime. Air Sec delivers next generation managed cyber security and incident response services, safeguarding from the very latest threats and ensuring regulatory compliance

If you would like to discuss your options and find out more about our services, get in touch to speak to a member of our team.

Share this post

Similar posts you might like

Find out how our Cyber Security specialists can help