Cyber threats are constantly evolving, and staying informed about key cyber security terms is crucial for professionals and enthusiasts alike. Whether you’re new to the field or looking to refresh your knowledge, this glossary covers fundamental and emerging concepts in cyber security.
Core Cyber Security Terms
1. Antivirus
Software designed to detect, block, and remove malicious programs like viruses, worms, and trojans from computers and networks.
2. Botnet
A network of compromised devices (bots) controlled by an attacker to launch large-scale cyber attacks, such as DDoS attacks, without the owners’ knowledge.
3. Bring Your Own Device (BYOD)
A corporate policy allowing employees to use personal devices (laptops, smartphones) for work, introducing security challenges like data leakage and unauthorized access.
4. Cyber Attack
A malicious attempt to breach, disrupt, or destroy computer systems, networks, or data. Common types include phishing, ransomware, and SQL injection.
5. Cloud Security
The protection of data, applications, and infrastructure in cloud environments (like AWS, Azure, or Google Cloud) from cyber threats.
6. Cyber Security
The practice of defending systems, networks, and data from digital attacks through technologies, processes, and user awareness.
7. Denial of Service (DoS/DDoS)
An attack that overwhelms a system with excessive traffic, making it unavailable to legitimate users. Distributed Denial of Service (DDoS) uses multiple sources.
8. Digital Footprint
Traces of data left behind from online activities, including social media posts, cookies, and login histories, which attackers can exploit.
9. Encryption
The process of converting data into a coded form to prevent unauthorized access. Only those with a decryption key can read the information.
10. Endpoint Security
Protecting end-user devices (laptops, mobile phones) from cyber threats using antivirus, firewalls, and EDR (Endpoint Detection and Response) solutions.
Advanced Cyber Security Terms
11. Firewall
A security barrier (hardware or software) that monitors and controls incoming/outgoing network traffic based on predefined rules.
12. Honeypot / Honeynet
A decoy system designed to lure attackers, allowing security teams to study their tactics. Multiple honeypots form a honeynet.
13. Hacker
A person who exploits weaknesses in systems. Categories include:
- Black Hat: Malicious hackers
- White Hat: Ethical hackers
- Grey Hat: Operates between legal and illegal hacking
14. Internet of Things (IoT) Security
Securing smart devices (cameras, thermostats) connected to the internet, often vulnerable due to weak default passwords.
15. Malware
Malicious software, including:
- Viruses: Self-replicating programs that infect files
- Trojans: Disguised as legitimate software
- Ransomware: Encrypts data for ransom
- Spyware: Secretly monitors user activity
16. Phishing / Spear-Phishing
- Phishing: Fraudulent emails/messages tricking users into revealing sensitive data.
- Spear-Phishing: Highly targeted attacks impersonating trusted entities.
17. Penetration Testing (Pentest)
Authorized simulated cyber attacks to identify vulnerabilities before hackers exploit them.
18. Zero-Day Exploit
An attack targeting an unknown vulnerability (zero-day) before developers can patch it.
19. Virtual Private Network (VPN)
Encrypts internet traffic to ensure privacy and secure remote access to networks.
20. Zero Trust Security
A modern security model where no user or device is trusted by default, requiring continuous verification.
Emerging Cyber Security Terms
21. AI-Powered Cyber Attacks
Hackers using artificial intelligence to automate attacks, bypass security, and create deepfake scams.
22. Supply Chain Attack
Compromising a vendor or third-party software component to infiltrate a target organization (e.g., the SolarWinds attack).
23. Dark Web Monitoring
Tracking illegal marketplaces where stolen data (credentials, credit card numbers) is traded.
24. Multi-Factor Authentication (MFA)
Requiring multiple verification methods (password + SMS code + biometrics) for secure logins.
25. Threat Intelligence
Collecting and analyzing data on emerging threats to proactively defend against attacks.
Network & Infrastructure Security Terms
26. Intrusion Detection System (IDS)
A monitoring system that detects suspicious activity and alerts administrators but does not block threats.
27. Intrusion Prevention System (IPS)
An advanced version of an IDS that actively blocks detected threats in real time.
28. Secure Sockets Layer (SSL) / Transport Layer Security (TLS)
Encryption protocols that secure data transmitted over the internet (e.g., HTTPS websites).
29. Man-in-the-Middle (MitM) Attack
When an attacker secretly intercepts and possibly alters communications between two parties.
30. Virtual Local Area Network (VLAN)
A segmented network that enhances security by isolating traffic between different user groups.
31. Network Segmentation
Dividing a network into smaller parts to limit an attacker’s movement if a breach occurs.
32. Port Scanning
A technique used to identify open ports and services on a network, often used by attackers to find vulnerabilities.
33. Packet Sniffing
Capturing and analyzing data packets transmitted over a network, which can be used maliciously to steal sensitive information.
34. Demilitarized Zone (DMZ)
A separate network segment that acts as a buffer between an internal network and the internet, hosting public-facing services securely.
35. Secure Shell (SSH)
A cryptographic network protocol for securely accessing and managing systems over an unsecured network.
Data Security & Privacy Terms
36. Data Breach
Unauthorized access, exposure, or theft of sensitive data (e.g., customer records, passwords).
37. Personally Identifiable Information (PII)
Data that can identify an individual (e.g., name, SSN, email), requiring strict protection under laws like GDPR.
38. General Data Protection Regulation (GDPR)
A strict EU regulation governing data privacy and security for individuals.
39. Data Masking
Hiding original data with modified content (e.g., fake credit card numbers in test databases).
40. Tokenization
Replacing sensitive data with non-sensitive placeholders (tokens) to prevent exposure.
41. Data Loss Prevention (DLP)
Tools and policies to prevent sensitive data from being leaked or stolen.
42. End-to-End Encryption (E2EE)
Ensures only the sender and recipient can read messages (used in WhatsApp, Signal).
43. Keylogger
Malware that records keystrokes to steal passwords, credit card details, and other sensitive input.
44. Data Exfiltration
The unauthorized transfer of data from a system, often performed stealthily by attackers.
45. Right to Be Forgotten
A legal concept allowing individuals to request the deletion of their personal data from online platforms.
Threat Detection & Response Terms
46. Security Information and Event Management (SIEM)
A system that collects and analyzes security logs in real time to detect threats.
47. Extended Detection and Response (XDR)
An advanced security platform integrating multiple tools (EDR, email security, firewalls) for better threat detection.
48. Incident Response Plan (IRP)
A documented strategy for handling cyber attacks, including roles, communication, and recovery steps.
49. Cyber Kill Chain
A model (by Lockheed Martin) outlining the stages of a cyber attack (recon, weaponization, delivery, exploitation, etc.).
50. Threat Hunting
Proactively searching for hidden threats in a network before they cause damage.
51. Indicators of Compromise (IoC)
Evidence of a cyber attack, such as unusual login attempts or malware signatures.
52. Sandboxing
Isolating suspicious files or programs in a secure environment to analyze their behavior safely.
53. Rootkit
Stealthy malware that grants attackers persistent access while hiding itself from detection.
54. Blue Team vs. Red Team
- Blue Team: Defenders who protect systems.
- Red Team: Ethical hackers who simulate attacks to test defenses.
55. Purple Teaming
Collaboration between red and blue teams to improve security defenses.
Future Cyber Security Terms
56. Quantum Cryptography
Using quantum computing principles to create unhackable encryption methods.
57. Deepfake Attacks
AI-generated fake audio/video used for social engineering or disinformation.
58. Ransomware-as-a-Service (RaaS)
A criminal business model where hackers sell ransomware tools to less-skilled attackers.
59. Cyber Insurance
Policies that help businesses recover financially after a cyber attack.
60. Zero-Click Exploit
An attack that requires no user interaction (e.g., an iPhone iMessage exploit).
61. API Security
Protecting application programming interfaces (APIs) from abuse and data breaches.
62. DevSecOps
Integrating security into the DevOps (development + operations) pipeline.
63. Biometric Security
Using fingerprints, facial recognition, or iris scans for authentication.
64. Homomorphic Encryption
A method of processing encrypted data without decrypting it first.
65. Cyber Resilience
An organization’s ability to withstand and recover from cyber attacks.
Conclusion
Understanding these cyber security terms helps individuals and organizations stay ahead of threats. As technology advances, new risks emerge, making continuous learning essential.
Did we miss any key terms? Let us know in the comments!