Glossary

Cybersecurity Glossary of Terms

The world of Cybersecurity is full of terms acronyms that that can be difficult to keep track of. We created this growing list of terms of the most commonly used cybersecurity terminology

  • Adware

    Adware is software that automatically displays or downloads advertising material (often unwanted) when a user is online.
  • Artificial Intelligence (AI)

    Artificial Intelligence is the reproduction and demonstration of natural human intellect through machines.
  • Computer Network Defense (CND)

    Computer Network Defense is a form of cybersecurity that secures the military and government computer systems.
  • Data Loss Prevention (DLP)

    Data loss prevention is the process of installing software and implementing processes to monitor, verify, and protect data.
  • Distributed Denial of Service (DDoS) Attack

    denial-of-service attack occurs when a cyber criminal makes a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
  • Endpoint Detection and Response (EDR)

    Endpoint detection and response is technology that continuously responds to cyber threats by monitoring endpoint and network events.
  • Enterprise Resource Planning (ERP)

    Enterprise resource planning is the integrated management of main business processes, often in real-time and mediated by software and technology.
  • Enterprise Risk Management (ERM)

    Enterprise risk management involves the planning, organization, leading, and controlling of an organization’s activities in order to minimize security risks.
  • File Integrity Monitor (FIM)

    File integrity monitoring, or change monitoring, is a system that involves examining files for changes and logging said changes. It tracks changes, who has made those changes, what the changes are made for, and whether they were even authorized in the first place.
  • Firewall

    A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.
  • General Data Protection Regulation (GDPR)

    The General Data Protection Regulation (GDPR) is a strict set of EU regulations that governs how data should be protected for EU citizens.
  • Internet of Things (IoT)

    The Internet of Things is he interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data.
  • Intrusion Detection and Prevention Systems (IDPS)

    IDS and IPS systems are two parts of network infrastructure that detect and prevent intrusions by hackers. Both systems compare network traffic and packets against a database of cyber threats.
  • Local Area Network (LAN)

    A computer network that links devices within a building or group of adjacent buildings.
  • Malware

    Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of types of malware exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware.
  • Machine Learning (ML)

    Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence.
  • Managed Detection Response (MDR)

    Managed Detection and Response (MDR) is an advanced managed security service that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response.
  • Managed Security Services Provider (MSSP)

    Managed Security Services Provider is an individual agency that provides IT security services to existing companies.
  • Managed Services

    Managed services is the practice of outsourcing the responsibility for maintaining, and anticipating need for, a range of processes and functions in order to improve operations and cut expenses.
  • Phishing

    Phishing traditionally refers to the practice of sending out fraudulent emails in order to get an individual to reveal personal information, such as passwords or credit card information.
  • Pen Testing

    A pen test, also known as penetration testing, is a pre-authorized cyberattack on a computer system that is performed to evaluate the security of the system.
  • Public Key Infrastructure (PKI)

    A public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
  • Ransomware

    Ransomware refers to a kind of malicious software that blocks access to a computer until a certain amount of money is paid to the cyber criminal.
  • Security Operations Center (SOC)

    A security operations center is an information security team that is dedicated to monitoring and mitigating security issues.
  • Security Information and Event Management (SIEM)

    Security Information and Event Management is used to collect data that is relevant to security analysts and operatives. A SIEM platform collates this data and stores it in a standardized format.
  • Security Orchestration, Automation and Response (SOAR)

    SOAR is Security Orchestration, Automation and Response. SOAR assists security operatives in managing the ever increasing number of security alerts. SOAR platforms orchestrate various security solutions and translate data to be accessed and stored more easily.
  • Supervisory Control and Data Acquisition (SCADA)

    Supervisory control and data acquisition is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level process supervisory management.
  • Software-as-a-Service (SaaS)

    Software as a Service is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
  • Security Incident Response Plan

    security incident response plan sets out steps for how to counteract a cybersecurity attack or data breach.
  • Spear Phishing

    Spear Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.
  • Multi-Factor Authentication (MFA)

    Multi-factor authentication is an additional level of security that requires users to present two pieces of information to log in to a program.
  • User Behavior Analytics/Entity Behavior Analytics (UBA/UEBA)

    User Behavior Analytics are cybersecurity processes about detection of insider threats, targeted attacks, and financial fraud.
  • Virtual Private Network (VPN)

    A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

A Security “Team of One” Seeks Help from BitLyft

Staying up-to-date with the latest cybersecurity policies and procedures is a challenge for many organizations. Add in an extra layer of industry-specific compliance standards and the average IT department’s job becomes even more complex. For organizations in the utility and energy space, cybersecurity is a critical component to getting the job done right and ensuring the safety of our utility infrastructure. BitLyft Cybersecurity protects the energy and utility providers with increased visibility, detection, and response to their environment. To learn more about how BitLyft can protect your organization

What Our Partners Say About BitLyft

“Before we had BitLyft helping us, we would spend hours with multiple departments working on each individual account compromise. With the help of BitLyft, we’ve been able to come up with a process that has narrowed that down to reaction before the compromise even happens.”

Director of Infrastructure Operations,
Higher Education

What Our Partners Say About BitLyft

"At the end of the day, it's IT's job to enhance the business, so we can spend our time making the business more profitable instead of worrying about if we're compromised or if there is a breach somewhere we don't know about, is incredibly valuable."

IT Director,
Manufacturing

What Our Partners Say About BitLyft

"When we had the issue where we discovered suspicious network activitiy we called BitLyft and they were here. I don't think we would have gotten this level of service from any other resource."

General Manager,
Critical Infrastructure
Disclaimer - Why you don’t see customer logos or specific names:
Most websites will list the logos of their clients to help sell their products and services. We don’t believe in using our customers' logos to easily inform threat actors about your tech stack. Your privacy and security matters, even in our marketing. If you’re interested in learning about who we work with, let’s start a conversation.