A glossary of cybersecurity terms A-H

Trifork Security, 2025-02-13

A

Access control

Access control is the process of restricting and managing who can access systems, networks and data, based on roles, permissions and predefined policies. It ensures that only authorized users can access specific resources, often using methods such as Role-Based Access Control (RBAC) or Attribute-Based Access Control (ABAC). Strong access control measures help prevent unauthorized access, data leaks and security breaches.

Adversary

Within the context of cybersecurity, the term adversary refers to any individual, group or entity that seeks to compromise the security, integrity or availability of a system, network or data. Adversaries can range from cybercriminals or hackers with malicious intentions to state-sponsored actors engaging in cyber warfare or espionage. We recently covered the group LockBit here.

Authentication

Authentication is the process of verifying your identity, and it is crucial for securing vital systems. While all important systems should require at least a password for access, there are ways to strengthen your authentication process. Common methods to enhance authentication include multi-factor authentication (MFA), biometrics and tokens.

B

Botnet

A network of infected devices (bots), remotely controlled by cybercriminals without the owners’ knowledge. These compromised devices – often personal computers, IoT devices, or servers – are used to launch large-scale cyberattacks such as DDoS (Distributed Denial-of-Service) attacks, spam campaigns and credential stuffing. Cybercriminals build and sell botnets on the dark web, making them a persistent cybersecurity threat.

Brute force attack

A trial-and-error method used by attackers to guess passwords or encryption keys by systematically trying all possible combinations until the correct one is found. Automated tools can rapidly test thousands or even millions of credentials per second. 

Business continuity planning 

Business continuity planning is the process of preparing for how your business will return to daily operations after a disruption. A business continuity plan should at least include a business impact analysis where you categorize and determine your most critical business systems and functions.

C

Compliance

In the world of cybersecurity, compliance refers to a set of rules, standards and regulations or laws designed to protect and maintain a secure environment. Examples of regulations and standards you can be compliant with include GDPR, NIS2 and industry-specific certifications.

Credential stuffing

A type of cyberattack where hackers use stolen username-password pairs from previous data breaches to gain unauthorized access to accounts on other platforms. Since many people reuse passwords across multiple sites, attackers automate login attempts using large databases of leaked credentials. To avoid your credentials being used for credential stuffing, enable multi-factor authentication (MFA) and use unique passwords for each service. 

CrowdStrike

CrowdStrike is a global leader in cybersecurity, known for its Falcon platform that delivers cutting-edge protection against cyber threats. By combining AI-driven threat detection, endpoint protection and proactive threat hunting, CrowdStrike helps organizations stay ahead of attackers. As an elite partner, we at Trifork Security work closely with CrowdStrike to provide robust security solutions that keep businesses resilient in an ever-evolving threat landscape.

Cyberattack

A cyberattack is a malicious and deliberate act by an individual or a group to compromise the information system of another party. Attackers typically aim to disrupt the victim’s network for personal, financial or political gain. Common types of cyberattacks include phishing, malware and ransomware.

D

Data breach

A data breach – also known as data leakage – refers to any security incident in which unauthorized parties gain access to sensitive or confidential information. This can include personal information (e.g. name, financial information and healthcare data) or corporate data (e.g. customer data and financial information). Common causes of data breaches include hacking, malware, phishing or accidental disclosures.

DDoS

A Distributed Denial of Service attack, or DDoS, is a malicious attempt to disrupt normal traffic to a targeted server, service or network by overwhelming it with traffic. This is typically achieved by leveraging a network of compromised devices, known as a botnet, which floods the target with requests, making it slow or completely unresponsive. DDoS attacks can vary in scale and complexity, ranging from volumetric attacks that exhaust bandwidth to more sophisticated application-layer attacks that mimic legitimate user traffic to evade detection.

Deep web vs dark web

The deep web is content on the internet that is not indexed by standard search engines (such as Google), including information behind paywalls or pages that require specific access credentials. The deep web is not necessarily illegal or malicious. 

The dark web is a subset of the deep web that is purposely hidden and requires specific software to access. Due to its anonymity, it is often associated with illegal activities.

Digital footprint

A digital footprint refers to the trail of data left behind when individuals or businesses use the internet. This can be active, such as the data a company manages, or passive, like old, inactive social media accounts. In cybersecurity, a digital footprint matters because the more data is available online, the greater the risk of becoming a target for hackers.

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act, commonly referred to as DORA, is an EU regulation that aims to improve and standardize the digital resilience of the financial sector. Organizations in the financial sector must now follow guidelines for protection, detection, containment, recovery, and repair. DORA introduces clear rules for areas such as ICT risk management and incident reporting.

E

Encryption

Encryption is a method of securing data by converting it into a coded format that can only be read by someone with the decryption key. It ensures that sensitive information remains protected, especially when being transferred between users or systems.

Endpoint Detection and Response (EDR)

EDR is a cybersecurity technology that continuously monitors endpoints – such as laptops and mobile devices – for potential threats. It detects suspicious activity, automates responses, and helps security teams mitigate attacks before they spread across the network. Since endpoints are common targets for cybercriminals, EDR plays a crucial role in protecting organizations from breaches.

F

Falcon platform

CrowdStrike’s Falcon platform unifies data, security and IT operations, leveraging generative AI and workflow automation to enhance threat detection and response. Built natively in the cloud, it provides real-time protection against cyber threats.

Firewall

A firewall is a critical security tool that acts as a barrier between your device or network and external threats. It filters incoming and outgoing traffic, blocking unauthorized access while allowing safe communication.

G

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is an EU regulation governing data privacy and protection across the European Union (EU) and European Economic Area (EEA). Implemented in 2018, it sets strict guidelines for how organizations collect, process, store and share personal data. GDPR aims to give individuals greater control over their data while ensuring businesses handle information responsibly and transparently. Non-compliance can lead to significant fines and legal consequences.

Governance

Cybersecurity governance refers to the policies, processes and structures organizations use to manage and communicate their security efforts. It ensures that cybersecurity is aligned with business objectives, regulatory requirements and risk management strategies. Effective governance involves defining security roles, setting compliance standards and continuously monitoring threats to protect critical information assets.

Guidelines

Guidelines are structured recommendations, best practices or instructions that help employees follow an organization’s cybersecurity policies. They provide practical advice on maintaining security, navigating internal processes and reducing risks. While not always mandatory, guidelines play a crucial role in reinforcing security awareness and promoting a consistent approach to information protection. 

H

Hacking/hacktivism

Hacking refers to the act of gaining unauthorized access to computer systems, networks or digital devices, typically to manipulate, steal or disrupt data or functionality. It can be done for various reasons, ranging from malicious intentions to ethical purposes, depending on the hacker’s motivation.

Hackers are categorized based on their motives:

  • Black hat hackers use their knowledge and technical skills for malicious purposes, such as stealing data and spreading malware for personal gain or to cause damage.
  • White hat hackers (ethical hackers) are cybersecurity professionals who use their knowledge and technical skills to identify and fix vulnerabilities in computer systems and networks. A key aspect of ethical hacking is that ethical hackers always operate with the permission of the organization they are testing. 
  • Gray hat hackers are somewhere in between black and white hat hackers. They may hack into systems without permission, but they do not typically act maliciously. They may disclose vulnerabilities to the organization they hacked, sometimes demanding a fee.

Hacktivism (hacker + activism) is the use of hacking to promote a political agenda or social change – as the name suggests, it combines the technical skills of hacking with ideals and goals of activism. 

Honeypots

Honeypots are decoy systems designed to attract cybercriminals and analyze their attack methods. By simulating real vulnerabilities, honeypots help security teams study threats, develop countermeasures and strengthen defenses. They vary in complexity – from low-interaction honeypots that log basic intrusion attempts to high-interaction versions that allow deeper analysis of hacker behavior. Specialized types, such as malware honeypots, focus on capturing and studying malicious software.

Human firewall

People are often the weakest link in cybersecurity, making security awareness training essential. A well-informed workforce, often referred to as the human firewall, is a crucial defense against phishing, social engineering and other cyber threats. Unlike traditional firewalls that block network attacks, the human firewall relies on employees recognizing risks and acting responsibly. Ongoing education, simulated phishing tests, and a strong security culture help keep employees vigilant and proactive in protecting organizational data.