By Trifork Security
I
Identity theft
Identity theft occurs when someone steals another person’s personal information, such as financial details, social security number or name, and uses that information without permission. This can lead to fraudulent activities like opening new accounts or making unauthorized purchases, causing financial and personal harm to the victim.
Incident response
Incident Response (IR) is the process of handling an incident according to a well-rehearsed plan. It is a set of procedures and actions that a dedicated team takes to deal with a cybersecurity event, like a data breach, malware infection, or a ransomware attack. A well-thought-out incident response can minimize damage, reduce recovery time, preserve evidence and improve future prevention and response to incidents.
Insider threat
An insider threat occurs when an individual within an organization, such as an employee, contractor, or business partner, misuses their access to cause harm. This could be intentional, like data theft, or unintentional, like falling for a phishing attack and exposing sensitive information.
Internet of Things (IoT)
The Internet of Things (IoT) refers to a network of physical devices embedded with sensors, software, and network connectivity, enabling them to collect and exchange data with each other and the internet. This interconnectedness allows objects, from household appliances to industrial machines, to analyze and share information without direct human intervention, transforming ordinary objects into smart devices that communicate and work together to streamline processes and enhance functionality.
ISAE 3000 and 3402
ISAE 3402 and ISAE 3000 are both international standards for assurance engagements, but they have different purposes. ISAE 3402 addresses controls at a service organization that are relevant to financial reporting, while ISAE 3000 is a more general standard that can, for instance, be used for cybersecurity- or data privacy-related assurance engagements.
ISO 27001
ISO 27001 is an international standard for Information Security Management Systems (ISMS). It provides a framework for organizations to establish, implement, maintain and continually improve their ISMS. The framework includes policies, procedures and physical controls to ensure robust.
J
Jailbreaking
In cybersecurity, jailbreaking means removing the software restrictions on an operating system, typically on smartphones or tablets. By jailbreaking a device, users gain full access to the root of the OS and can modify system functionalities beyond manufacturer limitations. Although jailbreaking allows users to customize their device, it also poses security risks, such as increased vulnerability to malware and loss of warranty.
Jamming
Jamming is an attack that interferes with wireless communication systems such as Wi-Fi, cellular networks and GPS. The goal of jamming is to flood a network with malicious signals, disrupting communication or even bringing down the network altogether – commonly seen in Denial-of-Service (DoS) attacks.
K
Key management
Key Management refers to the administration of cryptographic keys and includes processes such as generation, secure exchange, storage and eventual disposal of these keys to ensure secure encryption practices.
Keylogger
A keylogger is either a hardware device or malware that records keystrokes on a keyboard. Keyloggers are often used to steal passwords or other personal and financial data.
L
Lateral movement
Lateral movement refers to the techniques cybercriminals use to move deeper into a network after gaining initial access in order to acquire sensitive data or other high-value assets. Common techniques include credential theft, privilege escalation and internal spear phishing.
Living Off the Land attack
Living off the land (LOTL) attacks are a type of cyberattack in which the attacker uses built-in, legitimate system tools on the victim’s system to launch an attack. Since LOTL attacks don’t rely on external malware, they can bypass traditional security solutions. Common types include fileless malware and PowerShell-based attacks.
Logging
Logging is the process of recording events and activities that occur within your IT infrastructure, creating a detailed history of what happened, when it happened, and who was involved. These records are stored in files called “logs,” which can be incredibly valuable for security investigations, troubleshooting, and compliance. With regulations like NIS2, proper logging is becoming even more critical for organizations to ensure transparency and accountability in cybersecurity.
M
Machine learning
Machine Learning (ML) is a subset of artificial intelligence (AI) that enables computers to learn from data without explicit programming. Machine learning algorithms identify patterns and make predictions based on them.
Malware
Malware (short for malicious software) refers to any program designed to harm or gain unauthorized access to a computer system. Malware can steal data, corrupt files, or even take control of an entire system. Common types of malware include viruses, worms, and ransomware.
Man-in-the-middle attack
A Man-in-the-middle (MITM) attack is a cyberattack where an attacker intercepts communication between two parties without their knowledge. MITM attacks can be used to steal sensitive information, manipulate data, or eavesdrop on conversations. Common examples include email hijacking and HTTPS spoofing.
Multi-factor authentication
Multi-factor authentication (MFA) is a security measure that requires users to provide multiple forms of identification before gaining access to an account or system. It typically involves a combination of:
- Something you know (e.g., password, PIN)
- Something you have (e.g., authentication token, smartphone)
- Something you are (e.g., fingerprint, facial recognition)
This combination of factors significantly enhances security by reducing the risk of unauthorized access, even if a password is compromised.
N
Network security
Network security refers to the protection of network infrastructure against cyber threats. Besides preventing unauthorized access, network security aims to ensure data integrity, maintain confidentiality, and guarantee availability.
NIS2
The NIS2 Directive is the EU’s legal framework to strengthen cybersecurity and resilience in critical sectors across member states. NIS2 imposes stricter cybersecurity and risk management requirements across multiple sectors, including mandatory risk assessments and enhanced incident reporting obligations. In Denmark, the new legislative proposal for the NIS2 directive was introduced on February 6th, 2025, with expected approval before July 1st, 2025.
O
Observability
Cybersecurity observability provides real-time insight into network behavior by collecting and analyzing data to detect security incidents, identify vulnerabilities and predict potential threats. Unlike traditional monitoring, observability focuses on understanding why events occur, not just detecting anomalies.
Open-source software
Open-source software (OSS) is software whose source code is freely available for anyone to inspect, modify, and distribute. The open-source model fosters innovation, increases transparency, and reduces costs compared to proprietary software.
P
Password
A password is a string of characters used for authentication. Strong passwords are essential for cybersecurity because they help protect accounts from unauthorized access. Best practices for strong passwords include:
- Using at least 16 characters
- Including a mix of uppercase, lowercase, numbers, and special characters
- Avoiding dictionary words and personal information
- Using a password manager to generate and store passwords securely
Patch management
Patch management is the process of identifying, testing and applying updates (patches) to software, operating systems, and applications to fix vulnerabilities and improve security. Regular patching helps mitigate the risk of exploits and cyberattacks.
Penetration test (pentest)
A penetration test (pentest) is a simulated cyberattack conducted to identify vulnerabilities in a system or network before they can be exploited by malicious actors.
Phishing
Phishing is a social engineering attack where cybercriminals trick users into revealing sensitive information by impersonating trusted entities. Phishing attempts often involve emails, messages, or fake websites designed to steal passwords, credit card details, or other personal data. Common phishing tactics include:
- Urgent requests to reset passwords
- Fake invoices or payment requests
- Malicious links disguised as legitimate websites
Q
Quantum Computing
Quantum Computing leverages quantum mechanics to perform computations at speeds unattainable by classical computers. While still in its early stages, quantum computing could revolutionize cryptography, data security, and complex problem-solving.