Dictionary

A

Application Delivery Controller (ADC) ensures safe and efficient access.

Adware displays ads and may collect user data without consent.

Alert fatigue occurs with high alarm frequency.

Antivirus detects, prevents, and removes malware from devices.

An API is an interface that connects systems securely.

Arctic Wolf protects organizations from cyber threats.

Artificial general intelligence (AGI)

AGI can perform all intellectual tasks humans can.

Artificial intelligence (AI)

AI enables computers to perform human tasks.

Authentication verifies identity and secures access.

Azure is Microsoft’s cloud platform that consists of over 200 products and cloud services.

Azure Policy ensures control and compliance in cloud environments.

Azure Resource Manager

ARM enables consistent management of Azure resources with security controls.

B

Baiting lures victims with tempting offers.

Beste praksis streber etter høyest mulig sikkerhet

Bicep is Azure's native declarative language for infrastructure as code.

Biometrics enable secure authentication without passwords.

A blackhat is a hacker who attacks systems without permission.

Blue team protects systems with real-time response

Bluejacking sends unsolicited messages via Bluetooth.

Botnet are infected computers controlled by attackers.

Brute force attack

Brute force attack tests all password combinations.

Bug bounty rewards ethical hackers for vulnerability findings.

C

Carding is fraud with stolen credit card information.

CI/CD enables secure and fast code delivery through automation.

CISO as a service

CISO as a service is outsourced security leadership without hiring a CISO.

CISO-for-hire offers temporary security expertise.

CISOaaS is outsourced security leadership delivered as a flexible service.

Cloud offers scalable IT services with shared security responsibility between customer and provider.

Compliance ensures IT solutions meet legal requirements.

A computer virus is malware that infects files and systems

A computer worm is malware that spreads automatically between computers.

Conditional Access

Conditional Access provides context-based access control in Entra ID based on identity, device and risk.

Credential stuffing

Credential stuffing uses stolen usernames and passwords from attacks to gain access to new accounts.

Cyber insurance

Cyber insurance provides financial protection against cyberattacks.

Cyber Kill Chain

Cyber Kill Chain breaks down cyberattacks into seven phases.

A cyberattack is a digital assault on systems, networks, or data.

Cybersecurity protects against digital attacks.

D

Dark web requires special software for access.

A data breach is when sensitive information is exposed or stolen.

A data lake stores large amounts of data in its original form.

Data security protects information from loss, change, and exposure.

DDoS attacks paralyze servers with heavy traffic.

Decryption makes encrypted information readable again.

Deep packet inspection (DPI)

DPI analyzes and filters network traffic at a deep level.

Deep web is not indexed by search engines like Google.

DevOps combines development and operations for better collaboration.

DevSecOps means security is part of the full development process

Digital identification

Digital identification verifies identity online.

Digital security

Digital security protects systems, data, and users from cyber threats.

Digital twin security

Digital twin security protects virtual models of physical systems.

DLP (Data Loss Prevention)

DLP blocks leaks with proactive security measures.

DORA protects financial companies from digital threats.

Dumpster diving

Dumpster diving is searching through trash for sensitive information.

E

Eavesdropping attack

Eavesdropping attacks threaten data confidentiality.

Encryption protects data.

Entra ID, formerly Azure AD, provides central authentication with advanced security features.

Expert systems (AI)

Expert systems (AI) follow predefined rules.

Exploit kits exploit vulnerabilities to infect systems with malware.

F

F5 protects applications and APIs from risks and threats.

Feedback loops collect and analyze information.

FIDO2 enables authentication with security keys, biometrics, or mobile devices.

Fileless malware

Fileless malware uses system processes without files.

A firewall is a barrier between internal and external networks.

FQDN is the complete name of a computer or host.

G

GDPR gives more control over personal data.

GDPR compliance

GDPR compliance means handling personal data securely and lawfully in the EU.

GIAC certifications are highly recognized in cybersecurity.

Global Secure Access (GSA)

GSA combines network, identity, and endpoint security.

A grayhat finds vulnerabilities without permission but avoids harm.

H

Hacking is compromising digital devices and networks.

Hacktivism uses hacking for political or social goals.

Hash turns data into a fixed-length string.

Honeytoken uses fake data to reveal unauthorized access.

I

IaC provides repeatable infrastructure with potential for consistent security controls.

Identity security

Identity security protects resources with identity management, authentication, and access.

IIoT links machines to networks and introduces new risks.

IoT refers to physical devices that communicate via the internet.

IPS blocks malicious activity in real-time.

IRT handles security incidents and limits damage.

ISO/IEC27001 sets requirements for information security.

IT security is about protecting data, systems, and users.

J

Juice jacking transfers malware via USB charging stations.

K

Kerberos uses tickets for secure communication.

L

Least privilege

Least privilege means users only get access to what they truly need.

M

Machine learning (AI)

Machine learning uses data to learn and improve.

Malware is software that harms, steals, or disrupts systems.

Man-in-the-middle (MITM) attack

MITM attacks intercept or manipulate communication.

MDR protects organizations from cyber threats with technology and expertise.

Microsegmentation

Microsegmentation limits threats by dividing the network.

Microsoft is known for Windows, Office, Xbox, Azure, and Surface.

Microsoft Intune

Intune protects access and data on devices.

Multi-factor authentication (MFA)

MFA protects against unauthorized access even when passwords are compromised.

N

Network Access Control (NAC)

Network Access Control controls who and what can access a network.

Neural networks and deep learning (AI)

Neural networks and deep learning mimic brain functions.

NIS2 strengthens information security in the EU and EEA.

NSM strengthens Norway’s digital and national security.

NTLM vulnerabilities in Windows are serious and require immediate response.

O

O3 Cyber protects and enhances cloud infrastructure.

Operational technology (OT) digitally controls machines and processes.

OT security ensures the operation of critical infrastructure.