Cybersecurity Glossary

Most of us have heard about viruses, hacking, the dark web, identity theft and phishing. But the lesser-used cybersecurity terms form an entirely new language that's completely foreign to most browsers.

Here's a glossary of some general terms used in the online security industry to enable clear communication and a common understanding of cybersecurity definitions.

Cybersecurity Terminology

The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions

Access Control
The process of granting or denying specific requests for or attempts to obtain and use information and related information processing services

Active Attack
An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations

Air Gap
To physically separate or isolate a system from other systems or networks

A notification that a specific attack has been detected or directed at an organisation’s information systems

A list of entities that are considered trustworthy and are granted access or privileges

Antispyware Software
A program that specialises in detecting and blocking or removing forms of spyware

Antivirus Software
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents – sometimes by removing or neutralising the malicious code

The intentional act of attempting to bypass one or more security services or controls of an information system, to gain unauthorised access to system services, resources, or information, or an attempt to compromise system integrity

The process of verifying the identity, source and integrity of an entity (user, process, device or data)

A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource

Creating a duplicate copy of data onto a separate physical storage device or online / cloud storage solution, as insurance against digital loss

Blacklist / Blocklist
A security mechanism prohibiting the execution of those programs on a known malicious or undesired list of software, resulting in a list of specific files known to be malicious or unwanted (called the blacklist or blocklist)


A computer connected to the internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator (also a member of a larger collection of compromised computers known as a botnet)

Browser Hijacking
The process of changing the default home page or search engine in a web browser by a malicious program without permission

An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device


Cryptographic algorithm

Data or information in its encrypted form

Cloud Computing
A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction

Computer Network Defence
The actions taken to defend against unauthorised activity within computer networks

A small text file which is placed on the device when visiting a website, allowing the site to track visitor details and store preferences – designed to be helpful and increase the website speed (also useful for advertisers who can match the ads to browser interest)

Cyberbullying is the use of electronic means, primarily messaging and social media platforms, to bully and harass a victim

Cyber Ecosystem
The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions

The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and / or defended against damage, unauthorised use or modification, or exploitation

Cyberthreat Intelligence
The collecting, processing, organising, and analysing of data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers

Dark Web
The dark web consists of encrypted parts of the internet that are not indexed by search engines, most notoriously used by all types of criminals, including paedophiles, illicit human and contraband traffickers, and cybercriminals, to communicate and share information without being detected or identified by law enforcement

Data Breach
The unauthorised movement or disclosure of sensitive information to a party, usually outside the organisation, that is not authorised to have or see the information

Data Loss
The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorised party

Data Mining
The process or techniques used to analyse large sets of existing information to discover previously unrevealed patterns or correlations

Deep Web
Similar concept to the dark web, but not hidden – web content not indexed by traditional search engines, and preferred by certain groups for its increased privacy levels

Digital Certificate
A means by which to prove identity or provide authentication commonly by means of a trusted third-party entity known as a certificate authority – the public key of a subject signed by the private key of a certificate authority with clarifying text information such as issuer, subject identity, date of creation, date of expiration, algorithms, serial number and thumbprint

Event / Incident
An observable occurrence in an information system or network – sometimes provides an indication that an incident is occurring or at least raises the suspicion that an incident may be occurring

A hardware / software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorised

An unauthorised user who attempts to, or gains access to, an information system

Identity Fraud
A form of identity theft in which a transaction, typically financial, is performed using the stolen identity of another individual – due to the attacker impersonating someone else

Internet Service Provider (ISP)
The organisation that provides connectivity to the internet for individuals or companies – sometimes offering additional services above that of just connectivity, such as e-mail, web hosting and domain registration

Local Area Network (LAN)
An interconnection of devices (network) that is contained within a limited geographic area (typically a single building) – typically one for which all of the network cables or interconnection media are owned and controlled by the organisation, unlike a Wide Area Network (WAN) where the interconnection media are owned by a third party

Malware / Malicious Code
Program code (software, firmware, and scripts) intended to perform an unauthorised function or process that will have an adverse effect on the confidentiality, integrity, or availability of an information system

Parental Controls
Parental Controls are features which may be included in digital television services, computer and video games, mobile devices and software that allow parents to restrict the access of content to their children

Passive Attack
An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, data, or operations

A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorisation

An update or change to an operating system or application – often used to repair flaws or bugs in deployed code, as well as introduce new features and capabilities

Penetration Testing
An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and / or information system

Digitally deceiving individuals to gain access to sensitive information

The assurance that the confidentiality of, and access to, certain information about an entity is protected

Malicious programs designed to extort money from victims by blocking access to the computer or encrypting stored data – offering to restore the system / data in return for payment

Recovery / Restitution
The activities after a breach event, to restore essential services and operations in the short and medium term and fully restore all capabilities in the longer term

The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences

Risk Analysis / Assessment
The appraisal of the risks facing an entity, asset, system, or network, organisational operations, or individuals, which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making and includes determining the extent to which adverse circumstances or events could result in harmful consequences

Risk Management
The process of identifying, analysing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken – includes conducting a risk assessment, implementing strategies to mitigate risks, continuous monitoring of risk over time, and documenting the overall risk management program

Scareware is malware that uses scare tactics, often in the form of pop-ups that falsely warn users they have been infected with a virus, to trick users into visiting malware-containing websites

Security Policy
A rule or set of rules that govern the acceptable use of an organisation's information and services to a level of acceptable risk and the means for protecting the organisation's information assets

Software Assurance
The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that the software functions in the intended manner

The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages

Faking the sending address of a transmission to gain illegal (unauthorised) entry into a secure system – including the deliberate inducement of a user or resource to take incorrect action (impersonating, masquerading, piggybacking, and mimicking are forms of spoofing)

Software that is secretly or surreptitiously installed onto an information system without the knowledge of the system user or owner

System Integrity
The attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorised manipulation of the system

A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organisational operations, organisational assets (including information and information systems), individuals, or other organisations

Threat Analysis
The detailed evaluation of the characteristics of individual threats – identifying and assessing the capabilities and activities of cybercriminals, and producing findings to help initialise or support counterintelligence investigations or activities

Trojan Horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorisations of a system entity that invokes the program

Two-Factor Authentication
The means of proving identity using two authentication factors – passwords and PINs (type 1), smart cards and OTPs (type 2), or fingerprints and retina scans (type 3)

Unauthorised Access
Any access that violates the system / device owner’s security policy

A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer

Virtual Private Network (VPN)
A communication link between systems or networks that is typically encrypted in order to provide a secured, private, isolated pathway of communications

A characteristic or specific weakness that renders an organisation or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard

Whitehat / Blackhat
Terms to differentiate between "good and bad hackers" in the world of cybercrime – blackhats being hackers with criminal intentions and whitehats being hackers who use their skills and talents for good and work to keep data safe from other hackers by finding system vulnerabilities that can be fixed

A means to support network communication using radio waves rather than cables

A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself

A term related to the malicious concept of a botnet – used to refer to the system that is host to the malware agent of the botnet or to the malware agent itself
