Common Cybersecurity Terms
At Omnistruct, we believe in making cybersecurity accessible to everyone. The best way to do that is to demystify the terms used by cybersecurity professionals.
What is a Black Hat Hacker?
These are your stereotypical illegal hacking groups portrayed in popular culture. Black hat hackers break into secure networks and systems with the motive of destroying, modifying, or stealing some sensitive data, or to make the networks unusable for authorized network users. Essentially, these are the bad guys.
What is a Cybercrime?
Cybercrime is a broad category of crime that includes ransomware, man-in-the-middle attacks, data theft, wire fraud, social engineering such as phishing, and many other crimes that are perpetuated with computers.
What is Cybersecurity Compliance?
Cybersecurity compliance is the practice of building and operating a functioning security program in an organization. Many organizations are being asked to continually prove their compliance and their cybersecurity maturity to either win or keep business. The closer you are to your customers’ data the more compliance you will be asked to provide.
What is a Cybersecurity Threat?
A threat is a perceived or real possibility of loss or misuse. Threats are what happens every day against every company. There are software, hardware, and process options to help deal with many threats but you must have the basics covered. If you get breached and can’t prove that you had reasonable security your insurance carrier can deny your coverage.
What is the Darkweb?
Although the term Dark Web emerged in 2009, it is unknown when it actually came into being. The difference between the surface web (the web most people use) and the Dark Web is custom software is required to access the Dark Web. Also known as Darknet websites, these sites are accessible only through networks like The Onion Routing project (TOR) and others specifically created for the Dark Web. The identities and locations of users stay anonymous and remain encrypted. The technology routes data through a large number of intermediate servers thereby keeping users on both ends anonymous. This is how illegal and black market data, information, and files are transmitted.
What is Data Classification?
Data classification is a way to tag and segregate data that may contain specific information. Sensitive data that contains private information or classified data needs to be handled differently than regular data. There is a requirement to encrypt the data at rest, as well as in transit (across the wires), limit who has access to the data, log who attempts to access the data, and other important controls to keep the data safe.
What is Data Mining?
Data mining is a buzzword used to extract patterns and knowledge from large data sources. It doesn’t entail extracting information from the data itself. The term can be applied to any form of data or information processing such as collection, extraction, warehousing, analysis, and statistics. It is also used to describe any application of things such as artificial intelligence (also known as machine learning) and business intelligence.
What is Data Privacy?
Data or information privacy is the public expectation that they can be guaranteed privacy for personal or classified information they provide to companies who hold that information.
What is Data Protection?
Data protection is how privacy and integrity is ensured. This entails using set processes and strategies and is sometimes called data or information security. Any organization that collects, stores or handles sensitive data should have an extensive data protection strategy.
What is a Firewall?
These days we refer to these as hacker speed bumps because many of them are configured in ways that allow Virtual Private Network (VPN) traffic or other things through without sniffing it out. A firewall is like a digital version of a building security team that, at minimum, sniffs out anything sketchy going in and out of your digital environments to/from the Internet and denies passage if things look suspicious. Curiously, many of these firewalls are set up to only inspect and stop sketchy things coming in the door as opposed to sketchy things leaving your digital world.
What is NIST?
National Institute of Standards and Technology, one of the US nation’s oldest physical science laboratories focused on advancing measurement science, standards, and technology; that includes setting cybersecurity, privacy, and risk guidelines and standards in the USA. Omnistruct believes the NIST Cybersecurity Framework will become the standard for measuring business cybersecurity in the USA.
What is a VPN?
Virtual Private Network… In English, it simply means you have a piece of software, or an entire network, that when VPN is running, makes sure that everything you send or receive to your device (ie: computer or smartphone) across the internet is done so in a really, really, really hard to decode version of computer “Pig Latin” just in case a hacker has tapped into the wired or wireless you are using for internet service.
What is a Wifi Pineapple?
A Wi-Fi Pineapple is a portable device originally designed to help defend against cyberattacks but is now being used as a tool to commit cyber crimes such as Man-in-the-Middle attacks. The tool works by allowing cyber criminals to steal data shared on public Wi-Fi networks. That is why it is always recommended to never share private information on a publicly-accessible Wi-Fi network.
What is a White Hat Hacker?
A White Hat hacker is a term applied to computer security experts who employ ethical hacking techniques such as penetration testing (simulated cyberattacks) to suss out the vulnerabilities in an information system. They are the “good guys” to the Black Hat Hackers “bad guys.”