Staying cyber resilient is so important to your business and yet, the terminology can be rather intimidating. At Police CyberAlarm we are fully committed to making all things cyber-related more digestible for small businesses so that they are better armed with the knowledge to effectively protect company assets.

To get you started, below is a list of the most frequently used and essential cyber terms and what they mean, helping you to navigate the complexities of cyber threats and defences. Thus, ensuring your business’s digital safety.

2FA or MFA– Two-factor or multi-factor authentication requires the user to provide two or more verification factors to gain access to an account.For example, using a username/password but also a one-time passcode by text message.

Anti-virus - Software that is designed to detect, stop and remove viruses and other kinds of malicious software.

Breach/data breach - An incident in which data, computer systems or networks are accessed or affected in a non-authorised way.

BOTNET – A group of computers or devices which have been infected by malware and have come under the control of a malicious actor. Used to perform Distributed Denial-of-Service attacks, steal data, send spam, and allow the attacker to access the device and its connection.

DDoS (Distributed Denial-of-Service attacks) – A malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

Encryption - A mathematical function that protects information by making it unreadable except for those with the key to decode it.

Firewall - A firewall is a network security device that monitors traffic to or from your network. It allows or blocks traffic based on a defined set of security rules (see also Ports). IDS (Intrusion Detection System) – A monitoring system that detects suspicious activities and generates alerts.

IPS (Intrusion Protection system) - A security tool that continuously monitors a network for malicious activity and takes action to prevent it.

Malware - Malicious software is a term that includes viruses, trojans, worms or any code or content that could have an adverse impact on devices if infected.

Patching - Applying updates to firmware or software to improve security and/or enhance functionality.

Phishing - A cybercrime in which a target(s) is contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Ports – Part of the transport protocol for network data, helping computers sort the traffic they receive. Each port is associated with a particular type of traffic. For example, Port 25 for email, Port 80 for web traffic, Port 3389 Remote Desktop Protocol. Firewalls monitor and block traffic using the wrong ports.

Ransomware - Malicious software that makes data or systems unusable until the victim makes a payment.

Router – Hardware devices used to direct and route traffic around a network.

Smishing - Phishing via SMS: mass text messages sent to users asking for sensitive information (e.g. bank details) or encouraging them to visit a fake website.

Social engineering - Manipulating people into carrying out specific actions, or divulging information, that's of use to an attacker.

Spyware - Atype of malware designed to collect and steal sensitive information without the victim’s knowledge. Trojans, adware and system monitors are different types of spyware. Spyware monitors and stores the victim’s internet activity (keystrokes, browser history, etc.) and can also harvest usernames, passwords, financial information and more. It can also send this confidential data to servers operated by cyber criminals so it can be used in consequent cyberattacks.

Virus – Malicious software that spreads between computers and networks infecting software and systems a form of malware (A “Worm” virus can self-replicate and spread across networks and computers).

VPN – A virtual private network (VPN) is a secure network connection, that encrypts all traffic between two endpoints or devices, often created to allow secure connections for remote users or for an organisation with offices in multiple locations.

Vulnerability - A weakness, or flaw, in software, a system or process. An attacker may seek to exploit a vulnerability to gain unauthorised access to a system.

WAP - Wireless Access Points (WAPs)emit a wireless signal, in order to extend the wireless coverage of an existing network and router, for example WiFi Hotspots that you find in public areas such as cafes, restaurants and libraries. .

If you would like to find out more about receiving regular security updates and reports to help you gain a better understanding of current threats, register on our website: https://nationalcrcgroup.co.uk/regional-centres/