What Does It Even Mean? A Cyber Jargon Buster

author profile picture

by Rebekah Valero-Lee on

The cyber world seems to be full of difficult to understand jargon and phrases. It’s difficult to know what protection you need (and against what) when you don’t actually know what any of it means. Let’s dive in to our cyber jargon buster and help you sort your SOCs out for CERT.

Common Phrases

Behavioural Monitoring
Behavioural monitoring is the part of a cyber security system that watches files on a network for any unusual or unprecedented changes or modification that might suggest that a piece of malicious software had made it into the system.
You could think of this as the cyber equivalent of CCTV. It won’t do much to stop an actual intrusion, but it can certainly let you know when there’s a burglar on your drive with one leg in your car.

Pen Test
Short for ‘penetration test’, this is a simulated attack on a computer system attempts to find vulnerabilities and weaknesses in that hope that they can be covered up and protected before being exploited by folk with more malicious intentions. Letting an ethical hacker have a pop at your system is a good way of judging your security.

Zero Day Attack
With a suitably intense and damaging sounding name, a zero day attack or exploit can be one of the more dangerous. When a company creates software with an unknown flaw in it, an attacker quickly writes and implements exploit code before the company is either aware of the flaw or has time to create a patch for it.

World of Acronyms

If you’ve ever had a conversation with either someone who works in cyber security or in IT in general you may have noticed an interesting phenomenon about the way they talk – almost exclusively in jargon and, particularly, acronyms. You probably find yourself confused and yet simultaneously impressed that someone has managed to create such lengthy and (allegedly) meaningful communications that contain so few actual words.
With that in mind here is a brief (and definitely not exhaustive) run down of some common acronyms, along with an explanation – because sometimes, finding out what the letters stand for makes things worse.

Security Information and Event Management
SIEM is the part of cyber security management that deals with monitoring and the collating of real-time information from a system. This includes notifications of outsider threats, the retention and analysis of real time data on security alerts triggered by a system.
Just to make everything super clear, this system also goes by the acronyms SEM or SIM, and you would find one of these in a SOC. What is a SOC you ask?

Security Operations Centre
A SOC is a centralised location where multiple websites, networks and databases are monitored, assessed and defended. A SOC contains a team of security experts who monitor and respond to threats across the world. They usually look like something a James Bond villain would build and are very physically secure.

Computer Security Incident Response Team
As the name suggests, this is a dedicated team that receives reports of breaches and then analyses them as they occur.
And Just in case we weren’t fed up with acronyms by now, there are staggeringly at least six variations for this one, all of which mean roughly the same thing – CIRC, CIRT, IRC, IRT, SERT or SIRT.

Distributed Denial of Service
A DDOS attack is am attack that comes from multiple compromised systems, as opposed to a DOS attack which comes from one. In an attack, the malicious code coming towards the victim originates from multiple sources, making it nearly impossible to block or distinguish from standard traffic.

Intrusion Detection System
Intrusion Detection Systems monitor a network for malicious activity. This links directly to the SIEM for reporting and analysis, which is of course housed inside a SOC (getting there yet?). IDS’s can vary and the most two common types are NIDS (network) and HIDS (host-based).
See also: Conservative politician.

Supply Chain Risk Management
You’ve probably heard the phrase that a chain is only as strong as it’s weakest link? Well the same applies to cyber security. If, for example, a large defence client with military-grade, world class cyber security was using a smaller supplier for one particular element of their work, that supplier presents a possible vulnerability a hacker could exploit. It’s a way in for them, and good SCRM identifies this weakness.

General Data Protection Regulation
Unlike all of the acronyms above, this often used one is actually a soon-to-be-enforced government regulation that is aimed at strengthening data protection by changing the rules on how companies deal personal data. We recommend you read this article for more information on the GDPR, particularly if you’re a business owner – as failure to comply could lead to a fine of some 8% of your turnover.

Still confused? Let our expert cyber managed service team help.

Cx Jobs

Project Controller - P6

Project Controller with a defence/aerospace/nuclear engineering background is required to lead tasks and activities to deliver the approved scope of work in accordance with the specified objectives, as agreed with the Senior Project Manager or their delegate. The Project Controller will also monitor resource demands and actual availability of the project team and prepare reports showing budgets, actual and forecast costs and earned value information in accordance with APM guidelines. This role will be a remote role with some time spent in the office in the North Yorkshire Moors.The role involves but is not limited to the following:Supports the project manager with the day-to-day management and deliverable completion of the projects, using agreed resources, by an agreed date to agreed safetystandards and an agreed quality within an agreed budget.Responsible for coordination, scheduling and reporting of activities as agreed with the Project Manager.Responsible for coordinating all project gate reviews, recording of any actions and the production and approval of the gate review report.Facilitates the identification of lessons learnt from previous projects and programmes, as well as any new lessons from their project team.Undertakes the role of risk coordinator, and ensures the project follows the agreed risk management plan.Responsibility to ensure a project resource plan for the entire project lifecycle is regularly reviewed and updated.Responsible for coordinating the project's change management process, and specifically being the chair of the regular change board.Ensures that a master decisions & assumption log or equivalent is reviewed and updated on a regular basis.Responsible for establishing and auditing against a project configuration management process.Supports the project manager to establish and undertake the Project Scope reviews.Responsible for the development, monitoring and updating of a detailed manage the project workstream schedule.Reporting on the project workstream progress on a regular basis and escalate when exceptional circumstances arise.Has responsibility for the creation and upkeep of the Project Files, meetings, records and correspondence, and maintaining the Project Controls information.Delegated chair for weekly progress review and workshop meetings as required.Chairs project change board meetings and ensures all other necessary actions and minutes are recorded as required.Ensure that the project is given appropriate priority and ensuring that adequate resources are available and escalate to the project manager as required.Ensure all project reviews are carried out in accordance with project governance set out in the project management plan.Support the project manager in the preparation of initial and ongoing estimates of the project costs, including resource, materials and contingency costs.Monitor cost expenditure for the pre-sanction works against estimates and report cost position to Project Manager on a regular basis.Manage Project Documentation, from Initiation to Handover, meeting all milestones within the Project Programme to ensure that the project progresses in a timely manner.Person SpecificationKnowledge and experience of a Programme Management OfficeDemonstrable, specific skills and experience in planning, ideally in a complex programme environmentProficient in P6Working knowledge of Microsoft ProjectStrong analytical, problem solving and reporting skills to deliver precise insight on programme performance

Systems Engineer

Lead Systems Safety Engineer required to work on major rail projects. Contract or Permanent Staff position available Contract (Inside IR35) Role is required to support the application of the Railways (Interoperability) Regulations and the Common Safety Method on Risk Assessment to rail projects. Previous Railway Systems Safety Engineering experience essential. Client requires railway experience in order to hit the ground running. Working Knowledge in HAZOP/HAZOP/RAMS analysis in a railway environment. Demonstrable track record in engineering safety management. Knowledge of safety verification requirements of Network Rail and London Underground.

Quality Engineer

An opportunity has arisen for a Quality Engineer to join the team with our prestigious clientSummary of Role:To assure the fitness for purpose (airworthiness) of products and drive/lead a Right First Time & zero waste culture. Also to maintain and expand regulatory, customer and third party accreditation and to ensure effective systems of assurance.Principal Accountabilities:Establishment and maintenance of the Quality Management Systems and associated Regulatory, Customer and Third party Accreditation's.Liaison with Regulators, Customers and Third Parties on issues which affect accreditation, airworthiness and product conformance to achieve regulatory and customer accreditation.Establish and manage the Quality Metrics across to achieve policy deployment goals.Lead the drive to achieve Right First Time and zero waste through SQCDP Value Stream activity utilising lean tools and methodologies. Identification of Root cause and the implementation of robust corrective actions and control measures.Support all functional teams in key areas of shared responsibility including Training, Continuous Improvement, Risk, Process Engineering and Process Responsibilities/Accountabilities.Key Stakeholder in determining innovation / technical development strategies.Work cross functionally to help drive a consistent and effective approach to New Product Introduction (NPI).Actively participate in bid and contract reviews and assist with quality aspects of project management as required to ensure bid success and bid delivery.Uphold processes that assure the effective health, safety and environmental best practices as defined by the Business HSE management system.The Post holder is expected to work flexibly within the role. It is expected for the post holder to carry out activities for which they are competent. Additionally, the post holder will also carry out additional duties upon request from Senior Management.QualificationsDegree level education, in anengineering / science discipline.Qualifications recognised by regulatorybodies (eg EASA , FAA etc. )Demonstrable continuous professionaldevelopment.Experience10+ years in an equivalent role /environment.Experience of installing and maintainingQuality Management SystemsExceptional product and processexperience.Demonstrable experience in anadvanced manufacturing environment.Demonstrable experience in decisionmaking roles.Demonstrable risk assessmentexperienceDemonstrable experience of commercialawareness / budgetary controls.Skills and AptitudeExcellent understanding of qualityassurance management principles andpractice.Target driven with excellent analyticalskills to support continuousimprovement.A Leader and Communicator able tomotivate and manage cross functionalteams.Strategically focused but with strongoperational knowledge.Detailed understanding of SpecialProcess requirements within AdvancedManufacturing Organisation.Strong knowledge of the AerospaceRegulatory Environment andAirworthiness principlesUnderstanding of LEAN principles andpractice.Managerial / Business acumen andawareness.

Trend Research Engineer

Currently recruiting for a Trend Research Engineer for a large well know automotive client. The automotive industry is transforming from over a century long businesses that relied on car production and sales, the industry now aims at becoming 0 emission mobility provider. This change is influenced by various technical and non-technical factors including for example the availability of new technologies as well as socio-political and environmental drivers.A passionate, experienced mobility ecosystems expert is welcome to join the Trend Research Team to help the client comprehend the changes occurring in the mobility space (and the space surrounding mobility), particularly within smart cities in Europe. This work will also lead to identifying technology and business research opportunities coming from the above mentioned observations. The successful candidate should show experience in one or more of the following disciplines:Europe smart cities and smart mobility - both technology and socio-economic expertise is a mustData analyses - previous experience in information research/ analyses will be required to successfully perform in this jobYou will have strategic thinking mind-set to translate the research findings to new technology and business research opportunitiesGeneral knowledge of the technology fields related to electric vehicles (EV), EV charging infrastructures, connected cars and autonomous cars is an assetIdentification and creation of new work (make new research project proposals & new budget requests) Qualifications/SkillsUniversity degree (bachelor or higher. Preferably in an engineering field)Previous, documented experience in smart cities and smart mobility topicsPrevious experience in data research and data processingAble to process complex information (information identification, compiling and distilling down to compact formats)Ability to self-propelled work (be able to work on their own) but also to work in a team when necessaryGeneral understanding of electric vehicle, connected cars and autonomous cars technologyGood communication skills (written and spoken)Good presentation skillsGood computer skillsWilling to travel (within Europe)

Skills and qualifications needed for a career in cyber security