What Does It Even Mean? A Cyber Jargon Buster


by Rebekah Valero-Lee on

The cyber world seems to be full of difficult-to-understand jargon and phrases. It’s difficult to know what protection you need (and against what) when you don’t actually know what any of it means. Let’s dive into our cyber jargon buster and help you sort your SOCs out for CERT.

Common Phrases

Behavioural Monitoring
Behavioural monitoring is the part of a cyber security system that watches files on a network for any unusual or unprecedented changes or modifications that might suggest that a piece of malicious software has made it into the system.
You could think of this as the cyber equivalent of CCTV. It won’t do much to stop an actual intrusion, but it can certainly let you know when there’s a burglar on your drive with one leg in your car.

Pen Test
Short for ‘penetration test’, this is a simulated attack on a computer system that attempts to find vulnerabilities and weaknesses in the hope that they can be closed off and protected before being exploited by folk with more malicious intentions. Letting an ethical hacker have a pop at your system is a good way of judging your security.

Zero Day Attack
With a suitably intense and damaging-sounding name, a zero day attack or exploit can be one of the more dangerous kinds of attack. When a company creates software with an unknown flaw in it, an attacker quickly writes and implements exploit code before the company is either aware of the flaw or has time to create a patch for it.

World of Acronyms

If you’ve ever had a conversation with someone who works in cyber security, or in IT in general, you may have noticed an interesting phenomenon about the way they talk: almost exclusively in jargon and, particularly, acronyms. You probably find yourself confused and yet simultaneously impressed that someone has managed to create such lengthy and (allegedly) meaningful communications that contain so few actual words.
With that in mind, here is a brief (and definitely not exhaustive) rundown of some common acronyms, along with an explanation – because sometimes, finding out what the letters stand for makes things worse.

SIEM
Security Information and Event Management
SIEM is the part of cyber security management that deals with monitoring and collating real-time information from a system. This includes notifications of outsider threats, and the retention and analysis of real-time data on security alerts triggered by a system.
Just to make everything super clear, this system also goes by the acronyms SEM or SIM, and you would find one of these in a SOC. What is a SOC you ask?

SOC
Security Operations Centre
A SOC is a centralised location where multiple websites, networks and databases are monitored, assessed and defended. A SOC contains a team of security experts who monitor and respond to threats across the world. They usually look like something a James Bond villain would build and are very physically secure.

CSIRT
Computer Security Incident Response Team
As the name suggests, this is a dedicated team that receives reports of breaches and then analyses them as they occur.
And just in case we weren’t fed up with acronyms by now, there are, staggeringly, at least six variations for this one, all of which mean roughly the same thing – CIRC, CIRT, IRC, IRT, SERT or SIRT.

DDOS
Distributed Denial of Service
A DDOS attack is an attack that comes from multiple compromised systems, as opposed to a DOS attack, which comes from one. In an attack, the malicious code coming towards the victim originates from multiple sources, making it nearly impossible to block or distinguish from standard traffic.

IDS
Intrusion Detection System
Intrusion Detection Systems monitor a network for malicious activity. This links directly to the SIEM for reporting and analysis, which is of course housed inside a SOC (getting there yet?). IDSs can vary, and the two most common types are NIDS (network) and HIDS (host-based).
See also: Conservative politician.

CSCRM
Supply Chain Risk Management
You’ve probably heard the phrase that a chain is only as strong as its weakest link? Well, the same applies to cyber security. If, for example, a large defence client with military-grade, world-class cyber security was using a smaller supplier for one particular element of their work, that supplier presents a possible vulnerability a hacker could exploit. It’s a way in for them, and good SCRM identifies this weakness.

GDPR
General Data Protection Regulation
Unlike all of the acronyms above, this often-used one is actually a soon-to-be-enforced government regulation that is aimed at strengthening data protection by changing the rules on how companies deal with personal data. We recommend you read this article for more information on the GDPR, particularly if you’re a business owner – as failure to comply could lead to a fine of some 8% of your turnover.

Still confused? Let our expert cyber managed service team help.

