In case you are new to the world of cybersecurity and are struggling to learn or understand some of the new terms you are hearing, don’t worry, we’re here to help! Some concepts have been around for years, but many are gaining traction right now due to high-profile data breaches, advances in cyber technology, and more sophisticated hackers. At Ostendio we are fluent in the language of cybersecurity experts. Here are the top 16 terms we’re hearing from our customers right now.

| Term | Definition |
|---|---|
| CMM | Capability Maturity Model - a methodology used to develop and refine an organization's software development process. |
| Credential Stuffing | A type of cybersecurity breach in which hackers use information from a previous breach to gain access to other accounts. |
| Cyber Hygiene | Performing basic tasks to protect digital assets. For example, use strong passwords, do not write them down for others to see, and change them frequently. Validate the sender before clicking on links/URLs within email or text messages. Do not send a Social Security number or bank account number to another person via email. |
| Cybersecurity | The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this. |
| Data Breach | A security incident in which information is accessed without authorization. |
| Data Mining | The practice of examining large databases in order to generate new information. |
| Data Governance | The overall management of the availability, usability, integrity and security of data used in an enterprise. |
| Honeypot | A decoy computer system for trapping hackers or tracking unconventional or new hacking methods. |
| Insider Threat | A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. |
| Integrated Risk Management | A set of practices and processes, supported by a risk-aware culture and enabling technologies, that improves decision making and performance through an integrated view of how well an organization manages its unique set of risks. |
| Malware | Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system. |
| MyVCM | My Virtual Compliance Manager - our platform that’s helping customers build, operate and showcase compliance to over 100 standards globally. |
| Phishing | The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. |
| SCF | Secure Controls Framework - a series of documented processes used to define policies and procedures around the implementation and ongoing management of information security controls in an enterprise environment. |
| Spoofing | When a hacker impersonates another device or user on a network in order to steal data, spread malware, or bypass access controls. |
| Spyware | Software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive. |

There are also a lot of standards and regulations that we cover with MyVCM. Some of the more popular ones are:
Have you heard any terms that I’ve missed? Drop me a note and share your favorite cybersecurity phrases. And if you have any questions about how we help companies with their cybersecurity programs, or where to start on your cybersecurity journey, I’m happy to help! You can contact me at cmassei@ostendio.com or schedule an Ostendio MyVCM demo here.