What These 9 Cyber Security Buzzwords And Jargon Terms Really Mean

Click here to view original web page at www.forbes.com

By Sue Poremba

Hybrid cloud. BYOD. Big Data. Internet of Things. These are terms that have become part of the daily lexicon, not only within the information technology (IT) and cyber security world but also in the main stream. Jargon is integral to IT. They make complicated terms more accessible to the non-technical person, even if they aren’t easier to understand.

Buzzwords are commonplace in IT security, as well, but are they truly understood? As Frank Ohlhorst writes in Tech Republic, “it seems that IT security managers are giving too much power to terms and buzzwords, letting them dictate security best practices.” Ohlhorst goes on to point out that while BYOD is just an acronym that means, simply, Bring Your Own Device (such as when a company allows its employees to use their personally-owned phones, laptops, and other devices to access the network for work purposes), security professionals see it as Bring Your Own Disaster and the beginning of a security nightmare.

Some security buzzwords and jargon are to the point, like ransomware or phishing, while others, like cloud security or compliance, are a little more ambiguous. Here are a few popular terms and what they really mean for security.

Cloud security. It’s easy to lump all security within cloud computing under one term, but it differs between public clouds and private clouds. Private cloud security is approached in the same manner as any other in-house network security, while public cloud security will involve a third-party vendor. In basic terms, Ari Zoldan CEO, Quantum Networks, breaks down “cloud security” as a component of computer security which deals with the policies, technologies, and controls put into place to protect data, applications, and the associated infrastructure of cloud computing, but for IT security professionals, it really needs to be disseminated based on the type of cloud.

Compliance. It seems like everyone wants to have their company become compliant with all types of rules and regulations meant to keep data secure. That’s a good thing. But for many companies, “compliant” is doing the bare minimum toward data security while claiming the company meets regulatory standards. Real compliance is an on-going process to do everything possible to prevent breaches and other threats.

Let’s take a closer look at 9 cyber security terms and uncover their true definitions.

Cyber espionage. This is the act of stealing secrets from one company or individual via the Internet with the intent on using them for personal, or more often, political or military, gain. Often this term is used when individuals or groups representing a country or organization infiltrate an “enemy’s” network. Countries like China and Russia and groups like the Syrian Electronic Army are often accused of cyber espionage. This buzzword shouldn’t be confused with cyberwarfare, which consists of different types of threats, including cyber espionage, conducted specifically by nation states.

Data Loss Prevention. Data Loss Prevention (DLP) is often the term used to describe the last point of defense against a cyberattack, but it is actually the strategy and software the security team develops to protect data.

Endpoint Protection Platforms. Gartner explains endpoint protection platforms (EPP) as “a solution that converges endpoint device security functionality into a single product that delivers antivirus, anti-spyware, personal firewall, application control and other styles of host intrusion prevention (for example, behavioral blocking) capabilities into a single and cohesive solution.” It’s an essential need for information security, as every device we use – from our computers to smartphones – is considered an endpoint and needs to be secured. The problem it helps to solve is protecting the overwhelming number and types of devices now being connected to networks.

Privacy. When it comes to data security, privacy is tricky because what it means to one person (say the employee using BYOD) isn’t what it means to another (say the NSA). For the IT security professional, however, data privacy is ensuring that sensitive information, such as personally identifiable information of customers and others, remains hidden and inaccessible to network intruders.

Ransomware. This is malware, but a very specific type of malware that requires some sort of ransom payment to either remove the malware or to retrieve files that had been encrypted by the malware. Ransomware has been around for a long time, but it made news this year when Cryptolocker encrypted files and then demanded payment in Bitcoin.

Risk management. This is jargon that gets thrown around a lot, as in “we must develop a risk management program.” But what exactly is risk management? The Information Systems Audit and Control Association describes it this way: “Information risk management defines the areas of an organization’s information infrastructure and identifies what information to protect and the degree of protection needed to align with the organization’s tolerance for risk. It identifies the business value, business impact, compliance requirements and overall alignment to the organization’s business strategy. Once this information has been identified, it can be presented to the business leadership to make decisions about the level of investment (both financial and resource) that should be utilized to create appropriate information protection and risk management capabilities.”

Phishing. Phishing is one of the oldest forms of malicious social engineering, but it remains one of the most effective because spammers do a good job at luring users to click on malicious links or open malware-laden attachments. It is a specific form of social engineering used to gather personally identifiable information. Phishing emails appear to come from a trusted source, such as a friend or a well-known business. Over time, phishing has evolved to include spear phishing (targeted attempts highly personalized for a specific target) and whaling (phishing scams that target high-profile users and decision makers).

The buzzwords and jargon discussed here are just the tip of the security iceberg, but they represent the terms that are used and often misunderstood within IT security.

Sue Poremba is an information security writer based in Central Pennsylvania and the author of The Phillies Fan’s Little Book of Wisdom.

Related must reads:

1. Cyber Security Professionals Forecast Concerns For 2015
2. How To Conduct An Information Security Gap Analysis
3. Information Security Exposure: Is Your Company’s Information Running Around Naked?

Hybrid cloud. BYOD. Big Data. Internet of Things. These are terms that have become part of the daily lexicon, not only within the information technology (IT) and cyber security world but also in the main stream. Jargon is integral to IT. They make complicated terms more accessible to the non-technical person, even if they aren’t easier to understand.

Buzzwords are commonplace in IT security, as well, but are they truly understood? As […]

cinerama

Illuminati, Mason, Anonymous I'll never tell. I can tell you this, global power is shifting and those who have the new intelligence are working to acquire this new force. You matter naught except to yourself, therefore prepare for the least expected and make your place in the new world order.

Disqus Comments Loading...
Share
Published by
cinerama
Tags: one

Recent Posts

  • Bitcoin Business

Jimmy Nguyen talks Bitcoin SV and how it’s changing the commerce world

Jimmy Nguyen , the president of the Bitcoin Association, traveled recently to Colombia in order to spread the word on… Read More

1 hour ago
  • Bitcoin Business

Alleged Silk Road Drug Dealer Arrested For Using Bitcoin For Money Laundering

Silk Road , a dark web drug market founded by Ross Ulbricht under the pseudonymous nickname “Dread Pirate Roberts” has… Read More

1 hour ago
  • Bitcoin Business

The first new decentralized fair payment system for masternodes

Overview of the new Decentralized Fair Payment System (dFPS) Masternodes are typically a node that can be ran on certain… Read More

1 hour ago
  • Bitcoin Business

Bitcoin Hyper Launches the World’s Fastest Bitcoin, a Cryptocurrency for Real World Use

SLIEMA, Malta, July 23, 2019 /PRNewswire/ -- Bitcoin Hyper ("BHY"), an innovative new cryptocurrency that provides consumers with the ability… Read More

1 hour ago
  • Bitcoin Business

Trader Predicts Ripple to Dump by 60% Against Bitcoin Before It Moons

Ripple (XRP/BTC) is down 66% YTD. An analyst on Twitter predicts that it will fall further before launching a massive… Read More

1 hour ago
  • Bitcoin Business

Pantera CEO: $42,000 Bitcoin Price By The End Of 2019 ‘A Good Shot’

A historical Bitcoin price chart on a logarithmic scale. In a recent episode of her Unchained podcast , Laura Shin… Read More

1 hour ago

This website uses cookies. We use these cookies to collect data about your interaction with our website for the purpose of continuously improving your experience with our site. For more information we encourage you to read our privacy policy.

Read More