As you read or listen to the news about the increase in cybercrime—or as you evaluate your organization’s cybersecurity posture–you may come across some unfamiliar terminology. While you do not have to become a cybersecurity expert, having at least a basic knowledge of cybersecurity terms can be an advantage in today’s cybersecurity ecosystem.
Read on to learn more about some of the cybersecurity terms that you have likely come across.
5 Cybersecurity Terms You Should Know
1.Blockchain is the technology that makes digital currencies like Bitcoin possible. Blockchain is a continuous record of cryptographically encrypted transactions that are duplicated and distributed across a network. Individual records are referred to as blocks, and when combined, they form a chain. Each transaction is timestamped, which allows those with access to confirm individual transactions. First created in 2008, blockchain technology can be used for other applications where a secure ledger of transactions is required.
The creation of blockchain and the emergence of cryptocurrencies has spurred an increase in ransomware. Since blockchain technology is exceptionally secure, cryptocurrencies make it easier for cybercriminals to evade law enforcement.
2. Domain Spoofing is a form of phishing in which cybercriminals impersonate a legitimate source to gain access to a secure system. The criminals employ false domains that appear legitimate to trick users into divulging details to allow hackers to access a secure network. FINRA recently shared a warning about bad actors sending out emails with fake domains that look legitimate but were not.
3. Data Exfiltration is the illicit transfer of data from within an organization’s systems to an external location. This transfer can be completed via hacking, phishing, other social engineering tactics, malware, or even a USB device. Frequently, organizations never even become aware that sensitive data has been exposed or later learn due to ransomware or other cyberattacks.
Cybercriminals are increasingly using data exfiltration as a tactic to pressure victims into complying with ransom demands by threatening to publicly release sensitive data, like proprietary information or confidential client data. Even enterprises with a robust data backup and recovery system could feel pressured to pay to keep sensitive data from being made public. The best defense is to not become a victim in the first place by implementing a strong cybersecurity posture.
4. Pen Test, or penetration testing, is a cybersecurity evaluation method performed by cybersecurity professionals to determine the effectiveness of an organization’s cybersecurity protections. A pen test is an advanced form of security assessment that looks for flaws very much in the same way that hackers do, but with the expressed purpose of strengthening an organization’s network. Coretelligent offers penetration testing as a service to clients utilizing CoreArmor.
5. RaaS, or Ransomware as a Service, is a business model in which a criminal group creates and leases malware to other cybercriminals who then use it to hack a victim organization’s data, encrypt that data and demand a ransom. The ransomers pay for the use of the malware, just like a legitimate business might pay for a subscription to use Salesforce, Microsoft, or Amazon Web Services.
Led by world-class technology experts, Coretelligent offers best-in-class services covering a full range of technology needs: 360 Support, Unified Cloud Management, CoreBDR, and CoreArmor. Top-tier organizations in the financial services, life sciences, technology, legal, and professional services sectors rely on Coretelligent to maximize their technology return on investment.