View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Busting cybersecurity jargon: 20 need-to-know terms to protect your enterprise

Laurance Dine, Managing Principal at Verizon Enterprise Solutions, goes from detection deficits to VERIS in this guide to cybersecurity jargon.

By Ellie Burns

Do you know what a detection deficit is? Do you know the difference between a malware and crimeware? These cybersecurity terms might not mean much to you now, but when your enterprise organization is faced with a potential data breach (and it’s typically not a matter of if you get breached, but when), you will want to be able to understand what’s going on.

To help, here are 20 key cybersecurity terms that you should know to secure your enterprise systems.

Detection deficit – Time it takes to discover a breach from the time of compromise.

Malware – Categorical term for various forms of malicious software designed to damage or access computers without knowledge of the owner.

Crimeware – A specific classification of malware designed for the sole purpose of conducting illegal activity.

RAM-scraping malware – Memory-scraping malware that helps attackers find sensitive data that isn’t available through other processes.

Keylogger malware – This malware installs as a result of clicking when browsing the web or downloading software. Once installed, it tracks all of the user’s keystrokes and sends that information to a remote service. This may include logins, emails and anything else typed in to the keyboard.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Exploit kits – Think of it as a pre-packaged cyberattack for dummies. Varying in complexity and targeted vulnerability the key characteristic is the easy-to-use nature of the kit. Unsophisticated attackers who lack expertise in IT or cybersecurity will typically find a user-friendly interface to initiate and manage the attack.

CVE – Common Vulnerabilities and Exposures is a dictionary of publicly known information about security vulnerabilities and exposures.

CVSS – Common Vulnerability Scoring System is designed to provide an open and standardized method for rating IT vulnerabilities.

JBOH – Java-Script-Binding-Over-HTTP, which enables an attacker to execute code remotely on Android devices that have affected apps.

IDS or IPS – Intrusion Detection Systems or Intrusion Prevention Systems may come in the form of a software application or device used to monitor a specific system or network for signs of malicious activities.

VERIS – Vocabulary for Event Recording and Incident Sharing is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner.

POS intrusions -Point-of-sale intrusions are attacks that occur on the device transacting a sale. The device may be various forms of digital cash registers used across many industries.

Payment Card Skimmers – Malicious card readers that cybercriminals place on payment terminals, ATM’s or anywhere a credit card swipe occurs to copy the data from the magnetic strip on the card.

Web App Attack – A web-based cyberattack that can take various forms but is commonly defined by its use of the https or http protocol. The attack typically targets the website’s security or performance and, in some cases, can take the entire site down.

DDoS Attack – A distributed denial-of-service attack is an attempt to make an online resource unavailable to users by overwhelming the resource with maliciously generated traffic.

Phishing – An attempt to fraudulently obtain confidential information by posing as a legitimate company, usually a financial organization, via an email message.

Cyberespionage – The act of stealing confidential information digitally stored on computers or networks within a government or organization.

Botnet – Malware infected computers grouped together to form a network and controlled remotely. These networks can be recruited by the controller in a DDoS attack or to send spam emails.

Ransomware – Malware specifically designed to block access to systems or information until a ransom is paid.

Clickfraud – The act of registering artificially inflated clicks within a pay-per-click (PPC) online advertising campaign. Clicks are typically generated through the use of a person or computer program.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.