An SMB's Glossary of Basic Cyber Security Terminology

Summary: This 3-minute article introduces basic cyber security terminology for small to midsized businesses. These basic cyber security terms will help an SMB owner understand and discuss cyber threats with IT experts. Contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit www.DIGIGUARDsecurity.com to schedule a cyber risk analysis and discuss the best cyber protection possible for your small to midsized business.

Owners of small to midsized businesses are expected to have a certain level of expertise in the product or service their company provides. However, they are not necessarily versed in cyber security terminology related to protecting their networks, websites, and endpoint devices. With the increase in our remote access workforce, cybercriminals have targeted SMBs more than ever. Hackers consider smaller businesses to be the “low hanging fruit” of their target landscape, ripe for cyberattacks because they have the false belief that cybercriminals won’t be interested in them. Even worse, 60% of all SMBs go out of business within six months after a cyberattack.

There is a large volume of terminology related to cyber security. As a result, there are many cyber security definitions business owners need not know. However, to protect your business’s hard-earned data, there are some security terms you need to know.

A Brief Cyber Security Glossary

• Virus – A virus is any malicious code that alters the operation of a computer.
• Phishing – A phishing attack (sometimes called “Spoofing)” is when a hacker poses as someone the user knows or a trusted source in an email, text or phone call to trick the user into sharing private or sensitive data. Cyber thieves have become skilled in presenting an appearance or domain name that looks legitimate at first glance.
  • IP Spoofing – a type of phishing attack in which the hacker modifies a source address of a header to disguise the sender’s identity and or launch a Distributed Denial of Service or DDoS attack.
  • Anti-Phishing – Refers to any security methods used to block phishing attacks. In addition, to the software required, anti-phishing must be addressed at the user level by teaching all employees cyber security awareness training. It is essential for all your company’s users to be on the same page and adopt the mantra, “Think before you click!”
• Encryption – Encryption is a process used for encoding data or converting it to secret codes that may only be deciphered and read by authorized recipients.
• Malware – Malware is short for malicious software. Malicious software is as threatening as it sounds. It is specifically designed to enable unauthorized access to or cause disruptive damage to a computer system.
• Ransomware – Ransomware is malware that encrypts files, making them inaccessible to users. Once encrypted, the hacker holds the data hostage until a ransom is paid. Responding to such an attack requires the participation and expertise of IT experts.
• Firewall – A firewall is one of the many layers of cyber security on a network used to block and filter out unauthorized parties from gaining access to your private data stored on your devices. Note: A firewall alone is no longer sufficient to ensure your data is safe. It is just one of many protections which should be installed on a network.
• Data Breach – Any unauthorized access to any data is considered a data breach.
• DoS and DDoS Attacks – DoS or Denial of Service is a hack in which a website is flooded with malicious traffic causing it to slow down or malfunction, causing the website to become unavailable to legitimate visitors. This attack could manifest as a slow connection and eventually cause the website to go down completely.
  • DDoS Attack – A Distributed Denial of Service is when cybercriminals use multiple computers to launch the attack, thereby increasing the magnitude of the illicit traffic.
• Spyware – Spyware is malware created to secretly collect private data about an individual or company to sell to a third party.
• Bots and Botnets – Botnets are networks of computers that have been taken control of by a single attacker. Bots are individual infected machines that are part of a botnet.
• VPNs – (Virtual Private Networks) – VPNs are encrypted internet connections that use “tunneling technology” to create a private network within your network. VPNs hide the IP address and location of your network and your online activities.

Understanding some basic cyber security terms is essential to operating any SMB as online security has become a top priority for every business. Cybercriminals have pushed the workplace toward a position of Zero Trust.

What is Zero Trust?

Zero Trust is an approach used by companies that allows the restriction of networks and applications from a position of trusting nothing. Zero trust aims to create restrictions and protections to block unauthorized access while permitting authorized users unhindered access. Zero trust means just what it says, “Don’t trust anyone or anything.”

In the current cyber threat climate, SMBs must focus more on cyber security as one of their top-line items. IT experts can help you prevent or reduce the incidence of costly social engineering cyberattacks. Professional IT security consulting is the best way to ensure you have the proper layers of cyber security in place to protect your SMB. They can perform a cyber risk assessment to see what action needs to be taken to protect your business data better. The most prolific hackers can eventually breach most cyber protections with enough time and resources. However, with robust cyber security in place, cyberattacks of all kinds can be spotted early, mitigated and contained before data is breached and extensive damage is done to your business network and all its endpoint devices.

Unfortunately, cyber protection against hacks has become too complex for amateurs. Many essential considerations are far beyond the expertise of the most tech-savvy users. Professional IT security consulting is the best way to protect your business fully. In addition, IT pros can help you devise a detailed cyber incident response plan.

DIGIGUARD Cyber Security is an IT security service specializing in cyber threat protection for small to midsized companies. In addition, DIGIGUARD can provide your SMB with powerful layers of security, making it more difficult for hackers to access your network. Therefore, your company’s data will be safer and less likely to be breached in the face of our expanding mobile work environment. Furthermore, DIGIGUARD can assess your cyber vulnerability and work with you to ensure you have the best network and data protection solutions for your business.

Contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit www.DIGIGUARDsecurity.com to explore prevention strategies to guard against deadly cyberattacks and other cyber defense strategies and protocols to best protect your SMB’s hard-earned data.