Talk the Talk!
Learn the Cyber-Tech Lingo the Pros Use
- AV: Antivirus
- BOTNET: Robot Network
- CERT: Computer Emergency Response Team
- CMMC: Cybersecurity Maturity Model Certification
- CSP: Cloud Service Provider
- DDoS: Distributed Denial-of-Service
- DNS: Domain Name Server/System
- EDR: Endpoint Detection and Response
- HIPAA: Health Insurance Portability and Accountability Act
- HTTPS: Hypertext Transfer Protocol Secure
- IAM: Identity and Access Management
- IDS: Intrusion Detection System
- IoT: Internet of Things
- IP Address: Internet Protocol Address
- IPS: Intrusion Prevention System
- IRP: Incident Response Plan
- LAN: Local Area Network
- MDR: Managed Detection and Response
- MFA: Multi-factor Authentication
- MSSP: Managed Security Service Provider
- NIST: National Institute of Standards and Technology
- PII: Personally Identifiable Information
- SIEM: Security Information and Event Management
- SOC: Security Operations Center
- SSL: Secure Sockets Layer
- SSO: Single Sign-On
- VPN: Virtual Private Network
- WAP: Wireless Application Protocol
- WAS: Web Application Security
- ZTNA: Zero Trust Network Access
What Does IT All Mean?
Defining the Cyber-Tech Lingo the Pros Use
AV: Antivirus
Antivirus is software installed on a system or network to detect, quarantine, and/or block malware from operating on devices. It works in conjunction with network defenses and device configurations. AV matters because it helps protect your devices and network from infection by malware or ransomware, which can result in the theft of intellectual property, the ransoming of data, or the disruption of the services your organization provides.
BOTNET: Robot Network
A BOTNET is a group of connected computers infected with malware and controlled by a single attacking party, known as the “bot-herder.” Each machine under the control of the bot-herder is known as a “bot.” Common BOTNET uses are email spam, DDoS attacks, financial breaches, and targeted intrusions. For example, a bot-herder sends the bot malware in a malicious email to an unsuspecting recipient, who opens a link or file attachment in the email on their device. The bot then communicates back to the bot-herder, who can dictate commands to the infected device. Because the infected device keeps checking in, BOTNETs are well suited to long-term intrusions.
CERT: Computer Emergency Response Team
A CERT is a group of security experts who respond to incidents and report on them. Not only do they respond to emergency incidents, but they also work to prevent and detect incidents as they arise. You will need a CERT both to prevent incidents and to deal with emergencies as they occur in your business or organization.
CMMC: Cybersecurity Maturity Model Certification
CMMC is a third-party verification that ensures that proper levels of cybersecurity controls and processes are in place to protect data on a network. There are five maturity levels: the first is basic cyber hygiene; the second is intermediate cyber hygiene; the third is good cyber hygiene; the fourth is proactive; and the fifth is advanced or progressive. “Cyber hygiene” refers to cybersecurity best practices that help protect and promote the “health” of your business or organization.
CSP: Cloud Service Provider
A CSP is a third-party organization or company that offers platforms, infrastructure, applications, and/or storage services in the cloud. Cloud-based services such as these are valuable because they are not limited by the physical servers you might have onsite. They also provide an opportunity to reduce redundancy: when the whole business has access to the same cloud-based services, files and folders are less likely to be squirreled away in some virtual nook or cranny.
DDoS: Distributed Denial-of-Service
A DDoS is an attack in which an attacker attempts to slow or stop traffic to a server or network and render a service or operation unusable, often by drowning one system in requests sent from many systems. A DoS (Denial-of-Service) attack likewise seeks to slow or stop a server, but uses only one system to send the bad traffic rather than many.
DNS: Domain Name Server/System
DNS is the protocol that makes the internet usable by allowing the use of domain names instead of long, hard-to-remember IP addresses. DNS translates the name of a website, or domain, into a machine-readable IP address. DNS security is a critical component of network security and can be achieved by monitoring and analyzing your DNS traffic, looking out for things such as indicators of compromise, infected hosts, or lookalike domains.
EDR: Endpoint Detection and Response
EDR, also known as Endpoint Threat Detection and Response (ETDR), is an integrated, layered endpoint technology solution that combines continuous real-time monitoring and collection of endpoint data with rules-based automated analysis and response capabilities. It analyzes this data to identify threats and threat patterns, then responds to those threats by removing or containing them and notifying security personnel. EDR is deployed to protect a particular endpoint on a network. EDR is often deployed along with MDR.
HIPAA: Health Insurance Portability and Accountability Act
HIPAA is a U.S. federal law enacted in 1996 to protect the privacy and security of certain health information as well as Personally Identifiable Information (PII). Any such information stored on a network is digital data and is protected under HIPAA. Thus, those responsible for cybersecurity must protect such data from prying eyes, such as cybercriminals who might want to exploit it.
HTTPS: Hypertext Transfer Protocol Secure
HTTPS is the secure version of HTTP, which came before it. HTTPS is HTTP carried over SSL (Secure Sockets Layer) or its successor TLS, and is the protocol for secure communications over a network, specifically the internet. HTTPS encrypts data in order to transfer it securely. When using the internet, make sure that the sites you use and visit are encrypted by checking the web address and confirming that it begins with HTTPS, not merely HTTP.
IAM: Identity and Access Management
IAM is the practice of enabling access to data and resources at the right times and for the right reasons. It is an essential part of an overall IT management system that manages digital identities and user access. It enhances security, mitigates risk, increases operational efficiency, and improves compliance. A fun way to think of it is “IAM supposed to access this data right now in this way!”
IDS: Intrusion Detection System
An IDS is a network security technology that monitors network traffic for signs of malicious activity and relies on a human to examine any threats it detects. As opposed to an Intrusion Prevention System (IPS), an IDS primarily detects and records cyberthreats as they occur rather than blocking them.
IoT: Internet of Things
The IoT is a network of physical objects, or “things,” that are connected to the internet and that collect and transfer data across systems and devices online. The “things” of the IoT are the devices, such as computers and the servers in server rooms, that connect to networks online.
IP Address: Internet Protocol Address
An IP Address is a unique string of numbers, called an “address,” assigned to each device on a local network or the internet. The Internet Protocol (IP) itself is the set of rules that governs the way data is sent over the internet or a local network, and the address is the identifier that allows information or data to be transferred between devices on a network or on the internet. Each address is a string of numbers separated by periods, looking something like 123.123.1.12, with each number ranging from 0 to 255. Additionally, IP Addresses are not random; they are mathematically produced and allocated by a governing authority.
IPS: Intrusion Prevention System
An IPS is like an IDS, but instead of merely reporting cyber intrusions or attacks, it is a network security technology and control system that prevents them. It does this by monitoring network traffic for malicious activity and automatically allowing or denying the detected traffic based on a preestablished ruleset. It is proactive in dealing with intrusions, stopping them before they enter the network.
IRP: Incident Response Plan
An IRP is a written document, formally approved by leadership, that guides your organization or business before, during, and after a cybersecurity incident, whether confirmed or suspected. It should clarify roles and responsibilities as well as provide guidance on the key activities and duties to be carried out. It is the plan for how your organization or business will respond to an incident when one occurs.
LAN: Local Area Network
A LAN connects devices within a limited, specific local area. It is used largely in small spaces and helps manage all the data in one centralized location, making it easier to keep data secure and to transfer it between computers on the network. A LAN requires internal security controls, such as antivirus or antimalware software and firewalls, to be installed in order to best secure the network.
MDR: Managed Detection and Response
Much like EDR, MDR is a service that provides organizations with threat hunting and responds to threats once they are discovered. While EDR is automated and protects a particular endpoint of an organization, MDR provides security monitoring and management across an organization’s entire network with live personnel 24/7/365. MDR often deploys EDR as part of its protection of an organization’s network, along with a Security Operations Center (SOC) run by live personnel.
MFA: Multi-factor Authentication
MFA is a way to verify a person’s identity at login, ensuring that the person signing in to an account is its legitimate user. It is a layered approach to securing data and applications, requiring a user to provide a combination of two or more credentials. It increases security because even if one credential becomes compromised, the user still controls who accesses their account, as the other credential(s) must also be presented in order to get in.
MSSP: Managed Security Service Provider
An MSSP is a complete outsourced security solution for an organization. MSSPs provide security monitoring and incident response for an organization’s networks and endpoints, as well as support for platforms such as cloud-based infrastructure, and general IT support. While Managed Service Providers (MSPs) deliver general network and IT support, MSSPs mainly provide security services. The difference with Total Secure Technology is that, as an MSSP, we provide not only cybersecurity services, but also comprehensive IT services, including managed IT compliance, security, support, backup and recovery, and VoIP Telephony.
NIST: National Institute of Standards and Technology
NIST was founded in 1901 to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology. The aim of NIST is to enhance economic security and improve people’s quality of life. It is known for its Cybersecurity Framework, a set of guidelines for U.S. companies to follow and use in the event of a cyber incident.
PII: Personally Identifiable Information
PII is any personal data that can be used to identify an individual, such as name, social security number, address, medical and health information, biometric identifiers, account numbers, vehicle identification number, license, and the like.
SIEM: Security Information and Event Management
SIEM is a software solution that collects and analyzes data and activity from various sources across an entire network infrastructure in real time, providing a thorough, centralized view of how secure a network is. SIEM combines Security Information Management (SIM) and Security Event Management (SEM) to offer a security solution that helps organizations and businesses recognize potential and actual threats and vulnerabilities in their network systems before they disrupt business operations.
SOC: Security Operations Center
A SOC is a centralized unit with dedicated personnel, technology, and processes that detect, monitor, investigate, prevent, and respond to cyberthreats and improve an organization’s security around the clock, 24/7/365. A SOC monitors and protects an organization’s assets, such as intellectual property, PII, business systems, brand integrity, and the like. It acts as the central point of collaboration in a coordinated effort to provide these security services.
SSL: Secure Sockets Layer
SSL is an encryption protocol, implemented with security certificates, used to encrypt data in transit across the internet and protect sensitive data. It ensures the privacy, authentication, and integrity of data in online communications. It is the predecessor of today’s TLS encryption. A website that utilizes SSL/TLS has “HTTPS” in its URL instead of merely “HTTP.”
SSO: Single Sign-On
SSO is a user authentication tool that enables users to authenticate securely and sign in once to access all of their services and applications. This helps reduce “password fatigue” while maintaining online security. It is best to pair SSO with MFA to doubly verify a user’s identity and secure accounts. Additionally, it is important to enforce strong passwords, as over 80% of data breaches are caused by compromised, weak, or recycled and reused passwords or credentials (Verizon DBIR, pp. 37, 75).
VPN: Virtual Private Network
A VPN is a private network that encrypts and protects data carried over a public network such as the internet. By encrypting data in real time, a VPN disguises information such as your identity, making it more difficult for third parties to track your activities or steal your data. It works by hiding your IP Address, allowing you to communicate with strong encryption, disguise your location, access regional content, and transfer data securely.
WAP: Wireless Application Protocol
WAP is a specification of communication protocols that enables wireless devices, such as mobile phones or laptops, to access online resources such as websites, email, or instant messaging. WAP enables communication between a wireless device and WAP software, such as a WAP-enabled web browser or network technology. It translates webpage and site requests from wireless devices into a format that the wireless device can receive and understand.
WAS: Web Application Security
WAS is the set of protocols and tools used to secure websites, web applications, and various web services against cyberthreats. It allows sites to function as expected, even while under attack. It does this through security controls and tools engineered into the web application to protect its data from potentially malicious activity.
ZTNA: Zero Trust Network Access
ZTNA, also known simply as “Zero Trust,” is a cybersecurity solution that provides secure remote access to an organization’s specific applications, data, and services based on clearly defined access protocols. It differs from a VPN in that it grants access to specific services or applications, while a VPN grants access to an entire network.
Walk the Walk?
Implement the Cyber-Tech Lingo the Pros Use
Hopefully, this list of cyber-tech lingo, now defined, helps you understand a bit more of what we IT and cyber-tech experts are talking about when we slip into “cyber-tech lingo!”
All this lingo can be a bit much, to say the least. For you to implement all of these practices, protocols, and concepts in your organization or business would require that you become…well…an IT, cyber-tech, cybersecurity company! You have enough on your plate running your business and achieving the bottom line.
But we can help!
Need Help?
We’re the Cyber-Tech Lingo Pros who Help!
Total Secure Technology is here to help! We have seasoned professionals who know their stuff and who can help make sure that your company complies with cybersecurity protocols and mandates, so that you can focus on running your business. Contact us today to find out how we can help!
#IT4Good!