Top 10 Security Terms Every Employee Should Know

This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.

No matter how many security software tools a company has, its best line of defense will always be educated employees. As most security incidents originate from employee errors, an informed and alert workforce can protect organizations from the ever-growing list of cybersecurity threats.

However, given the complex technical nature of the subject, cybersecurity can be daunting for even the most tech-savvy employees. The list below contains the critical cybersecurity terms all employees should know.

1. Backdoor: A secret digital entry that hackers can use to access software or hardware. Backdoors allow hackers to gain access to a system undetected and do a variety of damage, such as installing malware or accessing private data. Often, backdoors are created by system admins so they can quickly make edits to code. Unfortunately, cybercriminals prefer them because they provide quick and undetectable access to networks.

2. Brute Force Attack: This is a cyber-attack where hackers try to force their way into accounts by trying as many passwords as possible. There are many software programs that let even novice computer users hack accounts by inputting thousands of passwords per second into login fields. These programs have billions of combinations of frequently used words, numbers, and phrases, which enable the attacker to try an almost endless list of password combinations. A secure password is the best defense as it can extend the time it takes to hack accounts from a few seconds to thousands of years.

3. BYOD: This acronym stands for “Bring Your Own Device.” It refers to the growing trend of employees utilizing their personal devices (laptops, tablets, smartphones, USB drives, etc.) at work. This is part of the larger trend that is often referred to as “Shadow IT” or the “Consumerization of IT.” BYOD poses a variety of security risks and challenges for most organizations. First, it enables employees to access and/or transfer company information, data, and systems to their personal devices. Second, it opens up an organization to a host of vulnerabilities, as user devices may be corrupted with malware and other security risks.

4. DDoS Attack: DDoS is short for “Distributed Denial-of-Service,” which is a cyber-attack that uses many hacked computer systems to attack a target and knock it offline. A hacker, or group of hackers, will use malware to gain access to a host of machines that will then flood a website’s server with so much traffic that it becomes impossible for people to load the page, effectively taking it offline.

5. Malware: Malware is short for malicious software. It’s a broad term that encompasses any software that is created to harm. This can include, but is not limited to: adware, botnets, keyloggers, spyware, trojans, and viruses.

6. Password Manager: A password manager is a software application that generates and stores strong passwords. The power of password managers is that they can store an infinite number of strong, secure passwords, something that is impossible for humans to do. Password managers require you to create a single master password that is used to access all the secure passwords you have stored.

7. Phishing: Phishing is an attempt by hackers to get people to turn over personal data, often usernames and passwords, by posing as a legitimate entity. The attackers will use credentials, email accounts, names, and designs to mimic actual people and institutions. When successful, they convince users to provide them with the information they request, usually by clicking a link and voluntarily entering the requested information. Most of the time hackers cast a wide net and use this tactic against a large number of potential victims. In certain cases, referred to as “spear phishing,” they will go after specific individuals.

8. Ransomware: Ransomware is a form of malware that prevents users from accessing their systems until they pay a ransom. This new and popular form of attack usually involves a hacker using software that encrypts all the files on your system with a private key that only the hacker knows. The hacker will deny access to the system until they receive the ransom payment, which is usually remitted with the anonymous cryptocurrency Bitcoin.

9. Social Engineering: This sneak attack is when cybercriminals create profiles, targeted fake emails, and other devious schemes to trick you into giving them the information they want. They will use open-source information to pretend to be a relative, co-worker, or friend they think you would provide information to under the right circumstances. Many times, they’ll pretend to be someone you’re familiar with and send you an urgent request to provide them details to help in an emergency. As such, it’s critical to pay attention to all the online communications you receive. When in doubt, never click on suspicious links or provide personal or company data; it’s always easy to call someone to see if they’ve emailed you.

10. Two-Factor Authentication: Also known as 2-FA or multi-factor, this process requires users to enter two different forms of authentication to access an account. The additional level of security makes it more difficult for hackers to access accounts as they need more than just a password. The most common form of 2-FA is to receive codes via text message, but it can also include additional software and hardware options.

About the Author

Ryan is a Senior Manager for the New York-based password manager Dashlane.

Dashlane makes identity management and online checkouts simple with its password manager and digital wallet. Users can securely manage their passwords, credit cards, IDs, and other important information via advanced encryption and local storage. The company has over 8 million users in 150 countries, and has won critical acclaim from top publications, including The New York Times, The Wall Street Journal, and USA Today.

Dashlane Business, the company’s enterprise offering, is trusted by 7,000+ companies to create, enforce, and track effective access management, and features the only patented security architecture in the industry.

Prior to Dashlane, Ryan worked for Fab.com and helped develop it into the fastest growing e-commerce site in the world. Before entering the world of technology, he managed a US congressional campaign in his hometown of Dallas, Texas. Ryan has also published two books on college admissions, and has degrees from Columbia and Georgetown.

Outside of Dashlane he enjoys Latin American cuisine and producing music.
