
IT Glossary of Cyber Security Terms

In this digital age, a reality that businesses of all sizes must grapple with is cyber crime. Cyber attackers operate through a variety of pathways, perpetrating their attacks using a multiplicity of methods. To protect your business fully, it is important to understand the nature of cyber security and cyber threats in their various forms. With this knowledge, you are better equipped to evaluate whether your company is doing everything possible to defend against cyber attacks. To help elevate your cyber security literacy, we’ve compiled the following list of key cyber security terms.


Access

Access refers to the capacity to communicate with an IT system, to use its resources to gain information about its contents, and to control its functions.

Active Attack

An active attack is one that is deliberately executed by a threat actor with an intention to alter or disrupt the targeted IT system.

Air Gap

Air gap is the process of physically separating a system from other systems or networks.

Antivirus Software

Antivirus software is a program that is used to monitor a computer for malicious code, and which prevents malware incidents by removing or neutralizing the malicious code.


Authentication

Authentication is a process that facilitates verification of a user, and verification of the source of data along with its integrity.


Bot

A bot is a computer that is connected to the internet that has been compromised by malicious code and can be operated remotely by a threat actor without the owner’s knowledge.


Botnet

A botnet is a group of bots that is used by a threat actor, or bot master, to carry out unauthorized activities.

Cloud Computing

Cloud computing is the delivery of on-demand computer system resources over the Internet.

Critical Infrastructure

Critical infrastructure consists of the systems and assets, both physical and virtual, that are of such vital importance to society that substantial public harm would occur if they were compromised.

Cyber Attack

A cyber attack is an attempt to gain unauthorized access to an IT system or an attempt to degrade the integrity of an IT system.

Cyber Resilience

Cyber resilience is the ability to prepare for, withstand, and recover successfully from cyber incidents.

Cyber Security

Cyber security is a blanket term that refers to all activities taken to reduce the likelihood of unauthorized access or damage to IT systems by threat actors, as well as cyber incident response and remediation strategies.

Data Breach

A data breach has occurred when an organization’s sensitive or confidential information is shared with or taken by an unauthorized party.

Data Loss

Data loss refers to the accidental deletion or misplacement of sensitive data, or the exposure of such information to an unauthorized party.

Denial of Service (DoS)

A denial of service or DoS attack occurs when a threat actor blocks authorized parties from accessing an IT system, often as a precursor to bribery or extortion.

Distributed Denial of Service (DDoS)

A distributed denial of service or DDoS attack is a denial of service attack that is perpetrated by multiple systems (i.e., a botnet) at once.


Encryption

Encryption is the conversion of data into a form that is not usable or understandable by unauthorized users.


Endpoint

Endpoint is a term used to refer to devices (e.g., laptops, mobile phones, tablets) that are connected to IT networks.

Endpoint Security

Endpoint security is the combination of security practices and solutions that are used to safeguard an organization’s endpoints from cyber attacks.


Exploit

The term exploit refers to deliberate efforts to breach an IT system’s security.


Firewall

A firewall is an IT network security system that limits traffic between networks based on an established set of security rules.


Hacker

Hacker is a term that refers to an individual who gains unauthorized access to an IT network or attempts to gain such access.


Incident

An incident is an occurrence that adversely affects, or has the potential to adversely affect, an IT system and/or the data it contains.

Incident Response & Remediation

Incident response and remediation consists of a coordinated set of activities that contain the adverse effects of a cyber incident on a short-term basis, and restore the IT system to full capacity on a long-term basis.

Customer Relationship Management (CRM)

A customer relationship management or CRM software or application helps businesses manage relationships with current and prospective clients by organizing tasks, deadlines, and data.

Information Security Policy

An organization’s information security policy is a set of rules, instructions, and practices that together govern how the organization manages and protects information.


Integrity

Data or IT system integrity is present when the data or IT system is free from unauthorized alteration, damage, or disruption.


Malware

Malware is software that is deliberately designed to disrupt or compromise the functioning of an IT system by performing unauthorized actions.

Multi-Factor Authentication (MFA)

Multi-factor authentication or MFA is an authentication process that requires the user to present at least two verification factors to gain access to an IT system or application.

Passive Attack

A passive attack is one that is deliberately executed by a threat actor with an intention to gain information from the targeted IT system, but that does not alter or disrupt the IT system.


Patches

Patches are updates to operating systems or software that strengthen security by addressing identified vulnerabilities.

Penetration Testing

Penetration testing or pen testing refers to a cyber security assessment method in which the party conducting the test attempts to locate vulnerabilities in an IT system and thereby gain unauthorized access.


Phishing

Phishing is a form of social engineering perpetrated via email, in which threat actors attempt to convince email recipients to divulge sensitive information, click on malicious links, or download malicious files.

Ransomware Attack

In a ransomware attack, threat actors immobilize an organization’s IT systems by using malware to encrypt its data, holding the compromised data hostage until the organization pays a ransom.


Redundancy

Redundancy refers to alternate IT systems or assets that may be put into use to maintain organizational functionality if elements of the primary IT system experience failure.

Security Alert

A security alert is a notification that a cyber attack was detected, or that a cyber attack was directed toward an organization’s IT systems.

Security Information Event Management (SIEM)

Security Information Event Management or SIEM is a cyber security solution that involves real-time activity monitoring and analysis, which allows a company to identify cyber threats before they can adversely affect the company’s IT systems.

Social Engineering

Social engineering is a broad term that refers to any attempt to gain unauthorized access to an IT system by psychologically manipulating authorized users into sharing credentials, or into unknowingly downloading malicious code by clicking on links or downloading files.


Spoofing

Spoofing is impersonating another party in email or other communications to gain unauthorized access to an IT system.


Spyware

Spyware is software that is surreptitiously installed in an IT system, which is used to gather information on users’ activities.

Threat Actor

A threat actor is a person or group that perpetrates or intends to perpetrate cyber attacks.

Trojan Horse

A trojan horse is software that outwardly seems benign or useful, but that contains malicious code.

Unauthorized Access

Unauthorized access refers to any access to an IT system that is gained by circumventing its security mechanisms or otherwise violating the system’s security policies.


Virus

A virus is a form of malware that self-replicates and spreads to other devices, causing damage to software and data.


Vulnerability

A vulnerability is a characteristic of an IT system or security procedures that creates susceptibility to exploitation by cyber attackers.

Vulnerability Scan

A vulnerability scan is a solution that is used to identify potential areas of weakness within an organization’s IT system that need to be addressed to improve its resilience to cyber threats.


Worm

A worm is similar to a virus, in that it can self-replicate and spread to other computers through vulnerabilities it identifies; unlike a virus, a worm can operate independently of a host computer.

As you probably recognized while reviewing this list, there is quite a bit to know about cyber security! When you are well versed in the cyber security lexicon, it becomes easier to identify gaps in your cyber security profile along with the corresponding steps your business could take to increase your cyber resilience.

NexusTek can assist with filling the holes in your company’s cyber security profile, with a range of plans to address your specific needs. Whether it’s cyber security awareness training for employees, proactive threat monitoring, or incident response support, we’ve got your cyber security needs covered.
