While a cybersecurity program is important to protect your company’s devices, apps and data, it’s worth your while to first understand the language of cybersecurity (and the IT industry in general).
This blog post provides a list of the top cybersecurity terms to help you better understand the industry. Some of them might be obvious, as they’ve been in use for some time; others, perhaps not so much.
Here we go:
Zero Standing Privilege
A strategy to improve cybersecurity by removing standing privileges to accounts that have administrative rights associated with them. The existence of such accounts carries significant risk because the persistence of elevated privileges increases the attack surface for bad actors to exploit.
Zero Trust Model
A network security philosophy affirming that no individual, app or device, whether inside or outside the network, should be trusted. Zero trust assumes that every attempt to access the network or an application is a threat, and the only trust is in the processes used to establish identity before the network or applications can be accessed.
Privilege Access Management (PAM)
A system that assigns higher permission levels to accounts with access to critical resources and admin-level controls.
A subset of Identity and Access Management (IAM), or the set of tools and processes that authorize and authenticate users, PAM defines and controls who or what has the authority to make changes to a network or device. PAM also establishes policies and practices to ensure the security of sensitive data and administrative accounts.
DevSecOps
A strategy that involves the implementation of security early in the application development life cycle to minimize potential vulnerabilities. DevSecOps stands for Development, Security, and Operations, and it’s an approach to culture, automation and platform design that integrates security as a shared responsibility throughout the entire software development lifecycle (SDLC).
DevSecOps highlights the need to invite security teams and partners at the outset of development initiatives to determine risk tolerance, conduct a risk/benefit analysis, set a plan for security automation, and help developers code with security in mind.
Incident Response (IR) + Disaster Recovery (DR) = Data Loss Protection
A strategy of using software to detect and protect against instances of data loss, destruction and unauthorized access. Data loss prevention leverages technology that automatically discovers and controls sensitive data.
Incident response (IR) is a systematic approach to addressing and managing the aftermath of a security breach or cyberattack. The goal is to limit damage and reduce recovery time and costs.
Similar to IR, disaster recovery (DR) is responding to and recovering from a negative event — which could be a cyberattack. The goal of DR methods is to enable the organization to regain access to and use of critical IT infrastructure as soon as possible after the event occurs.
Security Information and Event Management (SIEM)
A system that first gathers security-related information from servers, devices, networking equipment and applications, then sorts that data into categories. When a potential security issue is identified, the system can send an alert or respond in some way, enabling security teams to identify breaches or incidents in the early stages and respond before damage is done.
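The gather, categorize and alert flow described above can be shown in a few lines. This is an added example, not code from the original post or from any SIEM product; the log lines, category names, the `normalize`/`correlate`/`run_pipeline` functions and the threshold of three failures are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample events from three sources (not real logs).
RAW_EVENTS = [
    ("server",   "2024-05-01T10:00:01Z sshd: Failed password for admin from 203.0.113.7"),
    ("server",   "2024-05-01T10:00:03Z sshd: Failed password for admin from 203.0.113.7"),
    ("server",   "2024-05-01T10:00:05Z sshd: Failed password for root from 203.0.113.7"),
    ("firewall", "2024-05-01T10:00:06Z DENY tcp 198.51.100.9 -> 10.0.0.5:3389"),
    ("app",      "2024-05-01T10:00:08Z login ok user=alice ip=192.0.2.10"),
    ("server",   "2024-05-01T10:00:09Z sshd: Accepted password for admin from 203.0.113.7"),
]

# Category rules (hypothetical): each pattern captures the remote address as "ip".
RULES = [
    ("auth_failure", re.compile(r"Failed password for \S+ from (?P<ip>\S+)")),
    ("auth_success", re.compile(r"Accepted password for \S+ from (?P<ip>\S+)")),
    ("auth_success", re.compile(r"login ok user=\S+ ip=(?P<ip>\S+)")),
    ("network_deny", re.compile(r"DENY \S+ (?P<ip>\S+) ->")),
]

def normalize(source, line):
    """Sort one raw line into a category and extract the remote IP."""
    timestamp, _, message = line.partition(" ")
    for category, pattern in RULES:
        match = pattern.search(message)
        if match:
            return {"ts": timestamp, "source": source,
                    "category": category, "ip": match["ip"]}
    return {"ts": timestamp, "source": source, "category": "uncategorized", "ip": None}

def correlate(events, threshold=3):
    """Alert when an IP logs in successfully after `threshold` or more failures."""
    failures = defaultdict(int)
    alerts = []
    for event in events:  # events are assumed to arrive in time order
        if event["category"] == "auth_failure":
            failures[event["ip"]] += 1
        elif event["category"] == "auth_success":
            if failures[event["ip"]] >= threshold:
                alerts.append(f"possible brute-force success from {event['ip']} at {event['ts']}")
            failures[event["ip"]] = 0  # a success resets the failure streak
    return alerts

def run_pipeline(raw=RAW_EVENTS):
    events = [normalize(source, line) for source, line in raw]
    return events, correlate(events)

if __name__ == "__main__":
    for alert in run_pipeline()[1]:
        print("ALERT:", alert)
```

The single alert comes from correlating events across time for one address; no individual line in the sample would trigger it on its own.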
Infrastructure as Code
The managing and provisioning of infrastructure (networks, software, tools) through code instead of through manual processes. Configuration files are created containing infrastructure specifications, ensuring that teams can provision the same environment every time.
Containers
A software package that includes infrastructure, system tools, system libraries, dependencies, the development environment and runtime so that applications can be developed and tested separately from other computing environments. The images, hosts, runtimes, registries and orchestration platforms within containers need to be secured, making container security highly complex and subject to vulnerabilities.
A set of policies put in place to restrict access to an organization’s data, software, hardware or physical locations.
The number of all possible points, or attack vectors, where an unauthorized user can gain access to a system.
The process of confirming the identity of a user.
- Multifactor Authentication (MFA) — A security measure requiring users to provide two or more authentication factors to access an application, account or virtual private network (VPN).
- Single Sign-On (SSO) — An identification method that enables users to log in to multiple applications and websites with a single set of credentials, reducing the stress of managing multiple usernames and passwords across various accounts and services.
- OAuth2 — Also known as open authorization, a framework that lets you authorize an application to interact with another without having to reveal your password. It does this by providing access tokens to third-party services without exposing user credentials. OAuth1 has been deprecated; OAuth2 provides authorized access to application programming interfaces (APIs) and encrypts the tokens in transit, so there is no need for encryption at the end points.
Encryption
A form of data security in which data is rendered unreadable to an unauthorized party. Encryption converts information to ciphertext; only authorized people who have the key can decipher the code and access the original plaintext information.
Network Access Control
Also known as network admission control, this is the process of restricting unauthorized users and devices from gaining access to a corporate or private network.
Whew! Now that you know all of these terms, what’s your next move? Are you ready to start implementing some of these strategies to strengthen your organization’s security perimeter or reduce your attack surface?
The Migus Group is a systems integrator that provides expert advice and intel on DevOps, IAM and IPAM. The Migus Group believes that the combination of software engineering, security and management consulting is a powerful one that helps build better software solutions to meet users’ needs. With over 20 years of experience in software architecture and engineering and defensive cybersecurity and over a decade of experience in digital identity and management consulting, The Migus Group has broad industry knowledge and diverse expertise that can help businesses plan and execute holistic, strategic roadmaps for integrating products with the third-party applications and platforms that customers already use.
Jake Wengroff writes about technology and financial services. A former technology reporter for CBS Radio, he covers such topics as security, mobility, e-commerce and the Internet of Things.