The A-Z of all things Cyber
A
Acceptable Use Policy (AUP)
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet.
Access Control List (ACL)
A list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.
Access Point
A wireless access point, or more generally just access point, is a networking hardware device that allows other Wi-Fi devices to connect to a wired network.
Access Rights
These are the permissions that are granted to a user, or to an application, to read, write and erase files in the computer.
Account Management
The process of managing account privileges.
Ad Hoc Network
An ad hoc network is a network that is composed of individual devices communicating with each other directly.
Admin Privilege
A level of permission that allows a user to install software, and change configuration settings. Integrity360 Tip – Ensure that staff only have access to the things they need to do their jobs.
Advanced Persistent Threat
An advanced persistent threat is an attack in which an unauthorised user gains access to a system or network and remains there for an extended period of time without being detected.
Adware
Malware that when installed forces a device to display and/or download advertisements automatically.
Anti Tampering
Software which makes it harder for an attacker to modify it. Also see code obfuscation.
Anti-Piracy
The method of protection against the copying of computer software, illegal copies of copyrighted music, games, software, electronic books, and movies — or the prevention of streaming content without permission.
Anti-Virus
Antivirus software, or anti-virus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
Application
A software program that runs on your device. They include mobile apps, web browsers, email programs, word processors and games.
Application control
A security practice that blocks or restricts unauthorised applications from executing in ways that put data at risk.
Approved scanning vendor
An organisation with a set of security services and tools to conduct external vulnerability scanning of a network.
Attack (Cyber)
Any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.
Attack Surface Management (ASM)
A continuous process of discovering, analysing, and monitoring all internet-facing assets and exposures that could be targeted by threat actors. ASM helps organisations identify unknown or unmanaged assets, prioritise risks, and reduce their overall attack surface before attackers can exploit it.
Attack Vector
The method or route by which a hacker attacks an organisation. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.
Audit
A manual or systematic measurable technical assessment of a system or application.
Authentication
The act of proving an assertion, such as the identity of a computer system user.
Authorisation
A security mechanism used to determine user/client privileges or access levels related to system resources, including computer programs, files, services, data and application features. Also see Admin Privilege.
Automation
A technology by which a process or procedure is performed with minimal human assistance.
Autorun Worms
A virus that hijacks an autorun.inf file and runs on your computer without your consent.
B
Backdoor
A backdoor is used to describe a hidden method of bypassing security to gain access to a restricted part of a computer system.
Backup
To make a copy of data stored on a computer or server to reduce the potential impact of failure or loss.
Baiting
Online baiting involves enticing a victim with an incentive.
BEC attacks
Business Email Compromise attacks (also see Whaling)
Behaviour Monitoring
Recording the events and activities of a system and its users to ensure they comply with security policy.
Bitcoin
A cryptocurrency, a form of electronic money.
Black Hat Hacking
A person who attempts to find vulnerabilities and exploit them for personal financial gain or other malicious reasons.
Blacklist
A security mechanism that prohibits the execution of programs on a known malicious or undesired list of software.
Blended attack
A form of cyber attack that is made up of multiple attack vectors. Such attacks often cause severe damage to the intended victim.
Bluetooth
Bluetooth is a wireless technology for exchanging data over short distances.
Bot
A software application that runs automated tasks over the Internet.
Botnet
A botnet is a collection of internet-connected devices, which may include PCs, servers and mobile devices that are infected and controlled by a common type of malware.
Bring your own device (BYOD)
The policy of permitting employees to bring personally owned devices to their workplace, and to use those devices to access privileged company information and applications.
Broadband
High-speed data transmission system where the communications circuit is shared between multiple users.
Browser
A browser is software that is used to access the internet. The most popular web browsers are Chrome, Firefox, Safari, Internet Explorer, and Edge.
Browser Hijack
A form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser.
Brute Force Attack
An attacker using trial and error in order to hopefully guess your password or passphrase.
Bug
A bug refers to an error, fault or flaw in a computer program that may cause it to unexpectedly quit or behave in an unintended manner.
Business Continuity Planning (BCP)
A plan to help ensure that business processes can continue during a time of emergency or disaster. Also see Incident Response planning.
Byte
A unit of digital information that most commonly consists of eight bits, representing a binary number.
C
CAPTCHA
A test to determine whether the user is a human.
Ciphertext
The unintelligible data created as a result of encryption.
Clickjacking
A technique used by an attacker to inject malicious code in clickable content in websites.
Cloud Computing
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Cloud Security
Protection of data, infrastructure and applications involved in cloud computing.
Code Obfuscation
Code obfuscation takes well-engineered code and makes it difficult for an attacker to understand. A cyber criminal’s first step of an attack is to analyze code and gain an understanding of your app logic—with code obfuscation, hackers can’t get started.
Command and Control Servers
Machines that an attacker uses to communicate with a botnet and control compromised computers in the network.
Compromise
Also known as data compromise or data breach. Occurs when a security system has been bypassed maliciously or accidentally.
Compromise Assessment
Evaluation to determine if systems have been breached.
Computer Network Defence (CND)
The establishment of a security perimeter and of internal security requirements with the goal of defending a network against cyberattacks, intrusions and other violations.
Conficker
A computer worm targeting the Microsoft Windows operating system that was first detected in November 2008.
Configuration Build Review
Assessment of system configurations to ensure security best practices.
Console
A screen and keyboard which permits access and control of a server, mainframe computer or other system type in a networked environment.
Content Spoofing
An attack in which the attacker tricks victims into visiting a fake website that looks like the real one.
Continuous Threat Exposure Management (CTEM)
A proactive approach to cyber security that continuously identifies, prioritises, and helps remediate exposures across an organisation’s digital environment. CTEM integrates threat intelligence, asset discovery, and risk context to help security teams focus on what matters most—reducing real-world attack paths before they can be exploited.
Cookie
Cookies are small files which are stored on a user’s computer. Cookies provide a way for the website to recognize you and keep track of your preferences.
Critical Update
A fix for a specific problem that addresses a critical, non-security-related bug in computer software.
Cross site scripting
A technique used by hackers to plant malicious code into a genuine website, allowing them to gather a user’s information and use it for nefarious purposes.
Crypto worm
A form of malware that spreads in the form of a worm and encrypts victims' data.
Cryptocurrency
A form of digital currency where encryption techniques are used to regulate the generation of currency and verify its transfer, independent of a central bank.
Cyber Maturity Assessment
Evaluation of an organisation's cyber security posture and capabilities.
Cyber security
The protection of computer systems from the theft of or damage to their hardware, software, or electronic data.
Cyber Warfare
When nation states use information technology to penetrate other nations’ networks to cause damage or obtain sensitive information.
CyberConnect360
Resource placement service providing skilled technical professionals for specific durations.
Cybercrime
A crime that involves a computer and a network.
Cybercrime as a service
The practice of facilitating illegal activities for cybercriminals through the provisioning of services.
Cyberespionage
The unethical act of violating the privacy and security of an organisation in order to leak data or disclose internal/private/confidential information.
D
Dark Web/Net
The part of the internet that isn’t indexed by search engines such as Google.
Data
Information processed or stored by a computer.
Data breach
The release of private or confidential information, either intentionally or unintentionally.
Data Loss Prevention (DLP)
A security strategy and set of tools designed to detect and prevent the unauthorised sharing, transmission, or leakage of sensitive data. DLP helps protect intellectual property, personal data, and confidential information by monitoring user activity, enforcing policies, and blocking risky actions across endpoints, networks, and cloud environments.
Data migration
The process of selecting, preparing, extracting, and transforming data and permanently transferring it from one computer storage system to another.
Data mining
The process of discovering patterns in large data sets.
Data Theft
The act of stealing data.
Database
An organised collection of data and structured information.
Decrypt/Decryption
The act that transforms ciphertext produced by the cryptographic function of encryption back into its original plaintext or cleartext form.
Default account
An account that is predefined in a system, application, or device to permit initial access when the system is first put into service.
Default password
A standard pre-configured password for a device. Integrity360 Tip: Default passwords are notoriously weak and should be changed as quickly as possible.
Denial of Service (DoS) attack
A malicious attempt to disrupt normal traffic of a targeted server, network or service by overwhelming the target with a flood of internet traffic.
Differential privacy
A method that allows researchers to investigate data without revealing confidential information.
Digital Certificate
A digital passport or stamp of approval that proves the identity of a person, website or service on the internet.
Digital Forensics
Investigation and analysis of digital evidence following security incidents.
The recovery and investigation of material found in digital devices, often in relation to cybercrime.
Digital Rights Management
The use of technology to control and manage access to copyrighted material.
Digital Transmission Content Protection (DTCP)
A digital rights management technology that restricts digital home technologies, including DVD players and televisions, by encrypting interconnections between devices.
Disk encryption
A technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.
Distributed Denial of Service (DDoS) attack
Occurs when multiple systems flood the bandwidth or resources of a targeted system. Such an attack is often the result of multiple compromised systems such as a botnet flooding the targeted system with traffic.
DNS (Domain Name System)
The main function of DNS is to translate domain names into IP Addresses, which computers can understand.
DNS hijacking
An attack in which DNS queries are wrongly resolved in order to unexpectedly send users to malicious sites.
Digital Operational Resilience Act (DORA)
An EU regulation aimed at strengthening the IT security and resilience of financial institutions. DORA requires firms to ensure they can withstand, respond to, and recover from all types of ICT-related disruptions and threats. It mandates risk management, incident reporting, resilience testing, third-party oversight, and compliance with a unified framework across the EU.
Drive by download
The unintentional downloading of malicious code to your computer or mobile device that leaves you open to a cyberattack.
E
Emergency Incident Response
Immediate action and support during active security breaches.
Emulator Detection
Detecting whether an application is being run on an emulator.
Emulators
Emulators are used by hackers to prepare attacks against apps and businesses. Taking an app out of its secure environment and running code on a desktop computer makes it easier for criminals to analyze code and exploit vulnerabilities.
Encode
The process of converting data from one form to another.
Encryption
The process of converting information or data into a code. Normally used to prevent unauthorised access.
End-to-end encryption
A type of encryption where data gets scrambled or encrypted at one end and gets decrypted at the other end.
Endpoint
An Internet-capable computer hardware device.
Endpoint Detection and Response (EDR)
A cyber security solution focused on detecting, investigating, and responding to threats on endpoint devices such as laptops, desktops, and servers. EDR continuously monitors activity, records endpoint data, and uses analytics to identify suspicious behaviour. It enables rapid containment and remediation of threats before they can spread across a network.
Environmental checks
A way to search for and find risks in software in various environments.
Ethical Hacking (also referred to as Penetration Testers)
Locating vulnerabilities and weaknesses of a computer or system by duplicating the acts of a malicious hacker.
Evil Access Points
Evil access points are fake Wi-Fi hotspots which look like similar ones in the area. Once you are connected, your data will be stolen. Integrity360 Tip: Always check to see if there are multiple hotspots with the same name close to each other. If you are unsure, use a VPN or tether to your phone.
Exfiltration
Occurs when malware and/or a malicious actor carries out an unauthorised data transfer from a computer. A form of data theft.
Exploit
A piece of software, data or commands that take advantage of a vulnerability to cause harm or theft.
Exploit kit
A collection of exploits, which is a simple all-in-one tool for managing a variety of exploits together. They make it easier for non-technical people to commit criminal or harmful acts.
External Scanning
An external vulnerability assessment that attempts to verify whether the individual controls covering the Internet-facing perimeter network have been implemented correctly, and that obvious vulnerabilities are not present.
F
Fake Malware (Scareware)
Malware used to scare users into downloading and installing unnecessary software.
Fileless Malware
A type of malicious software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove.
Firewall
A network security system which monitors incoming and outgoing network traffic. This is based on predetermined security rules.
Form grabbing
Malware that works by capturing data in a web form before the form is submitted.
G
Gateway
A device used to connect two different networks together.
GCHQ
The Government Communications Headquarters provides security intelligence to the British armed forces and the British government.
GDPR
The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. Even though the UK voted to leave the EU in 2016, it adopted GDPR.
GDPR Services
Support for compliance with the General Data Protection Regulation.
Gigabyte
A unit of data storage capacity that is roughly equivalent to 1 billion bytes.
Governance
The common rules, policies and procedures that allow the Internet to function.
Green Hat Hacker
Green hats are the novices of the hacker world but are actively working on developing their skills. Typically, they are unaware of the consequences of their actions, making them dangerous in their own right.
Grey Hat Hacker
A grey hat hacker is a hacker or expert who may choose to break the law or ethical standards without the same intent as a typical black hat hacker.
H
Hacker
Someone who explores different methods of breaching and exploiting weaknesses in a security network.
Hacktivism
A movement of people who seek to promote a political agenda by defacing websites, stealing information, redirecting traffic and launching denial-of-service attacks in support of their cause.
Hacktivist
A hacker that commits cybercrime to further or protest a political cause.
Hashing
The generating of a value or values from a string of text using a mathematical function.
Honeypot
A tactic used by cyber security teams to lure hackers into a computer system with the aim of capturing malware, detecting attacks or monitoring the motives and tactics of hackers.
Host
A computer connected to a computer network.
Host Intrusion Prevention
Proactively identifies and prevents malicious network intrusions.
Hotspot
A physical location where people are able to obtain an internet connection. You’ll normally find these in bars, restaurants and hotels. Integrity360 Tip: be careful with what you share online via a public network/hotspot. This includes inputting personal details and bank details. Always ensure your device has VPN enabled to protect yourself against hackers.
HTTP
Acronym for “hypertext transfer protocol.” Open internet protocol to transfer or convey information on the World Wide Web.
HTTPS
Acronym for “hypertext transfer protocol over secure socket layer.” HTTPS is more secure than HTTP as it is designed for security-sensitive communication.
I
ID
Identifier for a user or application.
IDS
Acronym for Intruder detection system. Software or hardware that alerts a user to intrusion attempts on a network.
Incident
A breach of an organisation’s security rules – see cyber-attack and/or data breach.
Incident Response Preparedness
Proactive planning and readiness for potential security incidents.
Incident Response Retainer
Pre-arranged agreements for rapid incident response services.
Information security
The protection of information.
Information security management system
A framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.
Insider vulnerabilities
The potential for employees to either deliberately or accidentally bring harm to an organisation.
Internet of Things (IoT)
The extension of Internet connectivity into physical devices and everyday objects. From smartphones to fridges, anything that is connected to the internet is an IoT device.
Intrusion Prevention System (IPS)
A network security tool that actively monitors traffic and blocks malicious activity in real time. IPS solutions detect threats such as exploits, malware, and unauthorised access attempts, and automatically take action to stop or quarantine suspicious traffic before it can cause harm.
IP
Acronym for internet protocol.
IP Address
An IP address is an Internet Protocol address, which is a number assigned to each device connected to a computer network. An IP address serves two functions – host or network interface identification and location addressing.
IP Address Spoofing
An attack technique used to gain unauthorised access to networks or computers.
ISO
Acronym for International Organisation of Standardisation, the body responsible for promoting international standards. ISO27001 for example is a specification for an information security management system.
ISO 27001/27018/27701 Services
Assistance with achieving and maintaining ISO certifications for information security.
J
Jailbreak detection
The process by which you can figure out if an app is running on a jailbroken device or not.
Java
A general-purpose programming language.
JavaScript
A programming language commonly used in web development.
JPEG
A popular image file format.
Jump Box
Used to access separate parts of a network. Pen testers/attackers like these while pivoting to achieve higher privileged access, in an effort to steal your IP/data.
K
Key Stroke Logger
Someone who records the keys struck on a keyboard. Most of the time, people using the keyboard are unaware. This can then lead to data being retrieved by the person operating the logging programme.
L
Least Privilege
The minimum access and/or privileges necessary to perform a role or job function.
Legacy Software/Hardware
Software and/or hardware no longer supported by their original creators.
Linux
An operating system which can be used as an alternative to Windows.
Local Area Network (LAN)
A group of computers and/or other devices that share a common communications line in a building or several buildings.
M
Machine Learning
An application of artificial intelligence (AI) that provides systems the ability to automatically learn and improve from experience without being explicitly programmed.
Mainframe
Computers designed to handle very large volumes of data input and output and primarily used for bulk data processing.
Malware
Any software which has been designed to cause damage to a computer, server, computer network or client. The main types of malware are viruses, trojan horses, spyware or worms. Integrity360 tip: always ensure that your antivirus is kept up to date.
Man-in-the-Middle
An attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
Managed Cloud Native Application Protection Platform
Security services for cloud-native applications.
Managed Darktrace SOC (dSOC)
Integration of Darktrace's AI-driven threat detection with SOC services.
Managed Data Loss Prevention (DLP)
Solutions to prevent unauthorised data exfiltration.
Managed Detection & Response (MDR)
A fully managed service providing real-time threat detection, rapid containment, and expert-led remediation.
Managed Endpoint Security
Protection for endpoint devices against cyber threats.
Managed Firewall
Firewall management services to protect networks from unauthorised access.
Managed Identity Security
Services to manage and protect user identities and access.
Managed PAM
Privileged Access Management services to control and monitor privileged accounts.
Managed SD-WAN
Software-defined networking services to optimise and secure wide-area networks.
Managed Service Provider (MSP)
A company that remotely manages a customer's IT infrastructure and/or end-user systems, typically on a proactive basis and under a subscription model.
Managed SIEM
Security Information and Event Management services that collect and analyse security data to detect threats.
Managed SOC
Security Operations Centre services offering 24/7 monitoring and response to security incidents.
Managed SSE/SASE
Security Service Edge and Secure Access Service Edge solutions integrating networking and security functions.
Managed Vulnerability Management
Continuous identification and remediation of system vulnerabilities.
Megabyte
A measure of computer processor storage and real and virtual memory.
Melissa Virus
An infamous type of malware discovered in 1999 that infected over 100,000 computers and caused an estimated $1.1 billion worth of damage to businesses worldwide.
Metadata
A set of data which describes and gives information about other data. The main types are descriptive metadata, rights metadata and technical metadata.
Microsoft
A global technology company best known for its Windows operating system, Microsoft 365 productivity suite, Azure cloud platform, and a wide range of enterprise and security solutions. In cyber security, Microsoft provides tools for identity protection, endpoint security, threat detection, and compliance management—often integrated through Microsoft Defender and Sentinel.
Mirai
A type of malware that turns networked devices running Linux into remotely controlled "bots" that can be used as part of a botnet in large-scale network attacks.
Mitigation defence
Software that doesn’t stop hacking from happening, but will mitigate the effects.
Multi-Tenant
A single instance of the software and its supporting infrastructure serves multiple customers. Each customer shares the software application and also shares a single database. Each tenant's data is isolated and remains invisible to other tenants.
N
NCSC
The National Cyber Security Centre is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats.
Network
A group of connected computer systems. This includes LANs and WANs.
Network administrator
Personnel responsible for managing the network within an entity.
Network Detection and Response (NDR)
A security solution that uses advanced analytics and machine learning to detect suspicious activity and threats across network traffic. NDR provides real-time visibility, detects lateral movement, and supports incident response by monitoring east-west traffic and uncovering threats that evade traditional perimeter defences.
Network Monitoring
The constant monitoring of computer networks, notifying the administrator if there are any outages or other troubles.
NIS2 Directive
An EU-wide legislation aimed at improving the cyber resilience of essential and important entities across sectors such as energy, transport, healthcare, and digital infrastructure. NIS2 expands the scope of the original NIS Directive, introduces stricter security requirements, mandatory incident reporting, and greater oversight. It applies to more organisations, including some based outside the EU if they operate within its market.
NIST Cyber Security Framework Services
Implementation of the NIST framework to improve cyber security risk management.
NotPetya
A family of encrypting ransomware that was first discovered in 2016. The attack infected devices in the UK, France, Germany, Italy, Poland and the USA. The majority of infections, however, were reported in Russia, and 80% in Ukraine.
O
Open Source
Any programme whose source is available to be used or modified as a developer sees fit.
Operating system
Software of a computer system that is responsible for the management and coordination of all activities and the sharing of computer resources.
Operational Technology (OT)
Hardware and software systems that monitor and control physical processes, devices, and infrastructure. Commonly used in industries like manufacturing, energy, and transportation, OT includes industrial control systems (ICS), SCADA, and PLCs. As these systems become more connected, they are increasingly targeted by cyber threats, making OT security a critical concern.
P
Passphrase
Contains symbols, numbers and doesn’t make grammatical sense. Passphrases are normally longer than passwords and therefore can be harder for a hacker to retrieve.
Password
A secret word or phrase used to log in to a private account.
Patch
An update to existing software to add functionality or to correct a defect.
Patch Management
An area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.
Payment Tokenization
The process of protecting sensitive data by replacing it with an algorithmically generated number called a token.
Penetration test
An attempt by an individual or “Ethical Hacker” to exploit a company’s system using, as close as possible, the methods employed by real hackers.
Penetration Testing
Simulated cyber attacks to identify and address vulnerabilities.
Phishing
An illegal attempt to obtain sensitive information. This can include your passwords and credit card details. Integrity360 tip – Phishing remains the most common form of cyber-attack. Always check the source of an email and avoid clicking on emails and attachments that don’t look legit. Look out for misspellings and grammar issues in the messages as this is a common sign of a phishing attempt.
Piracy
The practice of downloading and distributing copyrighted content digitally without permission, such as music or software.
Policy
Organisation-wide rules that govern the acceptable use of computing resources, security practices, and guiding development of operational procedures.
Port
When referring to a network or the Internet, a software or network port is a location where information is sent. When referring to a physical device, a hardware port or peripheral port is a hole or connection found on the front or back of a computer.
Private Network
Any connection within a specified network wherein restrictions are established to promote a secured environment.
Privileged Access Management (PAM)
A security solution that controls and monitors access to critical systems and sensitive information by privileged users such as IT administrators. PAM enforces least privilege, audits sessions, and helps prevent the misuse or compromise of high-level credentials. It is essential for protecting organisations from insider threats and external attackers targeting elevated access.
Privileged user
A user account with greater than basic access privileges.
Project Management
Management of cyber security projects to ensure timely and effective delivery.
Proxy Server
A server that acts as an intermediary between an internal network and the Internet.
Public Network
A network established by a telecoms provider to provide data transmission services to the public, e.g. the Internet. Integrity360 Tip – It’s strongly advised not to use such networks as data over public networks can be intercepted, modified, and/or diverted while in transit.
Q
QAZ
A network worm spreading under the Win32 systems with backdoor abilities. This worm was reported “in the wild” in July – August 2000.
QWERTY
The standard layout on English-language typewriters and keyboards.
R
Ransomware
Ransomware is a type of malware which threatens to publish data unless a ransom is paid.
ReCAPTCHA
A service from Google that works to protect websites from spam and abuse caused by robots.
Red Hat Hacker
The vigilantes of the hacker world. They’re like White Hats in that they halt Black Hats, but use more extreme measures to stop them, actively wanting to harm them.
Red Team Exercise
Advanced testing involving simulated attacks to assess security defences.
Remote Access
The ability to access a computer or a network remotely through a network connection.
Remote Access Trojan (RAT)
A malware program that includes a back door for administrative control over the target computer.
Removable electronic media
A form of computer storage that is designed to be inserted and removed from a system.
Reverse Engineering
The process of analyzing a compiled app to extract information about its source code. A hacker’s main goal in reverse engineering is to comprehend your code in order to execute an attack.
Risk assessment
A systematic process of evaluating the potential risks that may be involved in an activity or undertaking.
Root Detection
Attackers use rooting as a means to better understand how your app executes, to modify your app’s behavior while it runs or to steal sensitive data.
Rooting
The term used to describe the process of gaining root access or privileged control over devices, most commonly Android smartphones and tablets.
Rootkit
A type of malicious software that, when installed without authorisation, can conceal its presence and gain administrative control of a computer system.
Router
A router is a networking device that forwards data packets between computer networks.
S
SAAS
Acronym for Software as a Service.
Sandbox
Increasing security by isolating processes and browser tabs from one another and the rest of the computer.
Script
A simple form of code.
Script Kiddie
A script kiddie is a person who lacks the expertise to write their own computer scripts, so will use existing ones to hack into computers.
Secure Access Service Edge (SASE)
A cloud-native security framework that combines network connectivity and security functions—such as SWG, CASB, ZTNA, and SD-WAN—into a unified service. SASE enables secure, scalable access to applications and data from any location or device, supporting modern hybrid work environments.
SEO
Acronym for Search Engine Optimisation, the practice of making adjustments to certain aspects of a website in an effort to improve its ranking on search engines.
Security Information and Event Management (SIEM)
A system that collects, analyses, and correlates data from various sources across an IT environment to detect potential security threats. SIEM provides real-time alerts, supports compliance reporting, and enhances incident investigation by centralising log data and applying analytics to uncover suspicious activity.
Shamoon
A dangerous disk-wiping malware that has struck in three iterations: the first in 2012, the second in 2016 and the most recent and possibly most destructive form in December 2018.
Social Engineering
The psychological manipulation of people into performing actions or exposing confidential information.
Social Media
Websites and applications that enable users to create and share content or to participate in social networking.
Software
The programs and other operating information used by a computer.
Software-Defined Wide Area Network (SD-WAN)
A virtual WAN architecture that enables enterprises to securely connect users to applications using any combination of transport services including broadband, MPLS, and LTE. SD-WAN improves performance, increases agility, and reduces costs by intelligently directing traffic based on business policies and real-time network conditions.
Spam
Unsolicited email messages sent for marketing or potentially malicious purposes.
Spear Phishing
An email phishing attack that targets a specific organisation or individual, seeking unauthorised access to sensitive information.
Spoofing
A cyber attack where a person or programme disguises itself as something else in order to trick or win over someone’s trust.
Spyware
Malware used to gain access to a user’s systems and monitor their data, files, and behaviour.
SQL injection
A web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It is one of the most common forms of cyber-attack.
State Sponsored
Operations that include direct nation-state activity and proxy activity carried out by criminals and so-called hacktivists.
Stuxnet
The malware infamous for its use in one of the most sophisticated cyber-attacks in history, an attack on Iran’s nuclear programme.
T
Tabletop Exercise
A discussion-based simulation used to test an organisation’s incident response and crisis management plans. Participants walk through a hypothetical cyber attack or disruption scenario to evaluate decision-making, communication, and coordination. Tabletop exercises help identify gaps in preparedness and improve readiness for real-world incidents.
Talent Acquisition
Services to recruit skilled cyber security professionals.
Technical Consulting & Architectural Design
Expert advice on designing and implementing secure IT architectures.
Terabyte
A unit of data storage capacity that is roughly equivalent to one trillion bytes.
Third Party Risk Management
Assessment and management of risks associated with third-party vendors.
Trojan
A form of malware that disguises itself as a harmless computer program but allows hackers to execute a variety of attacks or steal information.
Two Factor Authentication
Also known as 2FA, this is a subset of MFA (Multi-Factor Authentication). 2FA is a two-step authentication method to confirm your identity. The first stage will typically be a password, followed by another form of identity.
U
URL
URL stands for Uniform Resource Locator, which is used to specify an address on the web. Integrity360 Tip: if you are sent a URL, always check how the URL has been configured. You can do this by checking for incorrect spelling, letters replaced by characters, special characters inserted, an unusual ending to the URL or an IP address inserted.
V
Virtual Private Network
A VPN allows you to create a secure connection to another network over the internet.
Virus
The most common term used to describe malicious software that replicates itself by modifying other computer programmes and inserting its own code. Once it succeeds, the areas are said to be infected.
Vulnerability Scanning
A computer program designed to assess computers, networks or applications for known weaknesses. Integrity360 Tip: Vulnerability scans should be carried out on a regular basis. With new threats emerging all the time, you shouldn’t just scan once a year.
W
WannaCry
A ransomware crypto worm that targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
Waterhole
The setting up of a fake website in order to exploit unaware visitors.
WEP
Acronym for Wired Equivalent Privacy, a wireless security protocol.
Whaling
A type of phishing attack that targets an organisation’s leader (the big fish) or executives. A whaling attack is also known as a C-level fraud and BEC (business email scams).
White Hat Hacking
Also known as Ethical Hacking/Penetration Testing.
Whitelisting
Approved applications for use in an organisation.
Wi-Fi
A facility allowing computers, smartphones, or other devices to connect to the Internet or communicate with one another wirelessly within a particular area.
WPA
Acronym for Wi-Fi Protected Access. A security standard for users of computing devices equipped with wireless internet connections.
X
XDR
A unified security solution that collects and correlates data across multiple security layers—such as endpoints, networks, servers, and cloud workloads—for improved threat detection and response. XDR provides broader visibility, faster investigations, and more efficient incident response by integrating security tools into a single platform.
XHTML
eXtensible HyperText Markup Language. A hybrid of XML and HTML to display web pages on portable and network devices.
XMT (Transmit)
Used to send data to an alternative device.
Y
Y2K
A big security scare in the lead up to the year 2000. Also known as the millennium bug.
Ymodem
Sends data in 1024-byte blocks which allows for simultaneous file transmissions and can reduce file sizes for poor connections.
Z
Zero Day
Discovered vulnerabilities not yet known to vendors or antivirus companies, that hackers can exploit.
Zero Trust
A security framework that assumes no user, device, or application, whether inside or outside the network, can be trusted by default. Access is granted based on strict identity verification, least privilege principles, and continuous monitoring. Zero Trust helps prevent lateral movement across networks and is especially effective in hybrid and remote work environments.
Zombie
A computer connected to the internet which has been compromised and can be used to perform malicious tasks.