Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

MX record

A mail exchange (MX) record exists within your DNS (Domain Name System) and is responsible for the delivery of emails to your email server. The MX record establishes which mail server to route emails to on behalf of a domain. MX records are an important security weakness of traditional email security solutions. Secure email gateways (SEGs) require you to update your MX records to point to the SEG. Because MX records are publicly visible, this alerts cybercriminals to the type of email security you are using, making you more vulnerable to a bypass attempt by hackers.

Natural Language Processing

Natural Language Processing (NLP) is a field of computer science that uses Machine Learning to teach computers to process and understand human language. Natural Language Processing analyzes text and is used in cybersecurity to detect threats. NLP algorithms can identify the urgent language used in social engineering attempts, as well as the flag words and phrasing typically used in spear-phishing attacks, also known as business email compromise (BEC).

Network Vector Rendering (NVR)

Network vector rendering (NVR) is a type of remote browser isolation (RBI) that leverages Skia, the graphics library that works across many browsers, hardware, and software platforms. Unlike pixel pushing or DOM reconstruction, NVR streams Skia commands—rather than website code—to the user’s local device. While less costly than some pixel pushing solutions, NVR leaves the risk of exposure to cyberthreats as it uses partial web isolation.

On-path browser attack

Also known as a man-in-the-browser (MiTB) attack, an on-path browser attack deploys a Trojan Horse to capture and manipulate calls made from the browser to its security mechanisms. MiTB attacks most commonly facilitate financial fraud without alerting the user to nefarious activity.

Patch management

Patch management is an essential part of any cybersecurity strategy and involves running regularly scheduled system updates, or patches, to address vulnerabilities or new cybersecurity threats. Automated patch management software streamlines this process by automatically updating the software on a regular cadence to reduce downtime and ensure organizations have the most up-to-date cybersecurity protection available.

Personally identifiable information (PII)

Personally identifiable information, or PII, is information that can be used to identify an individual. PII can include direct identifiers, such as passport information, driver’s license information, or birth certificates, or it can be made up of a variety of indirect identifiers, such as race, occupation, and location. In the wake of increasing cyberattacks that have jeopardized countless individuals’ sensitive information, measures have been put in place to ensure PII is protected in order to keep identities confidential and secure.

Petya

Petya is a type of ransomware that spreads through phishing emails and infects the master boot record of Microsoft Windows-based devices. A user that clicks a malicious link containing Petya ransomware enables the virus to overwrite the master boot record in order to encrypt the user’s hard drive. Once encrypted, users are required to enter an encryption key, typically obtained for a ransom, in order to retrieve their data. After Petya first emerged in 2016, a new variant surfaced called NotPetya, which made headlines for crippling business operations worldwide. Unlike the original form of the virus, NotPetya uses several propagation techniques to quickly spread within and across networks. In order to protect your organization against Petya and its variants, it’s important to educate your employees on phishing email detection to avoid potential compromise.

Pharming

Pharming is a type of cyberattack that redirects users away from a trusted website to a fraudulent one. Through malicious code already embedded on a user’s device, pharming pushes website traffic towards fake sites, where users provide sensitive information for cybercriminals to harvest.

Similar to phishing attacks, a pharming cyberattack relies on a user not knowing that they’ve been redirected to an illegitimate site so that they freely provide personally identifiable information (PII) or login credentials without realizing foul play. As is the case with many cyberattacks, pharming prevention starts with familiarizing your employees with suspicious-looking emails and websites so that they can detect pharming attempts before handing over sensitive information.

Phishing

Phishing is the most common form of social engineering carried out by email. Unlike cyberattacks on systems and software, it requires little to no hacking expertise, making it a quick and easy way for cybercriminals to get access to a business’s most sensitive data.

Phishing awareness training

Phishing awareness training works to educate employees on how to detect, prevent, and report phishing attempts in order to protect themselves and their organization. Through computer-based training, simulated phishing exercises, and classroom-style training, phishing awareness training sheds light on how cybercriminals operate, and ensures that when employees are faced with a real phishing attempt, they’re able to detect it before any harm is done. Phishing awareness training is crucial for organizations that need their employees to know the telltale signs of a phishing attempt, and should be carried out on a regular basis to ensure individuals know how to prevent phishing attacks.
