DEMYSTIFYING CYBER JARGON: A GUIDE TO CYBER SECURITY TERMINOLOGY

POSTED ON 10-October-23

The world of cyber security can be intimidating, especially if you’re new to the field. It often feels like cyber security experts are speaking a different language, using jargon and acronyms that can leave newcomers feeling lost and confused. Whether you’re a curious novice or someone who’s just starting their journey in cyber security, we’ve got you covered. In this article, we’ll break down some common cyber jargon to help you navigate this complex world more comfortably. Let’s get started.


ACSC (Australian Cyber Security Centre)

 

The Australian Cyber Security Centre, abbreviated ACSC, is a government agency responsible for enhancing cyber security across Australia. It provides resources, guidance, and expertise to individuals, businesses, and government entities to protect against cyber threats. The ACSC plays a vital role in coordinating cyber security efforts and sharing threat intelligence.

 

ASD (Australian Signals Directorate)

 

The Australian Signals Directorate, or ASD, is an Australian government agency that focuses on intelligence and cyber security. It’s responsible for securing government communications and providing cyber security guidance to organisations. The ASD’s cyber security advice is highly regarded and plays a pivotal role in safeguarding Australia’s digital infrastructure.

 

CompTIA Security+

 

CompTIA Security+ is a widely recognised entry-level certification in the field of cyber security. It validates the knowledge and skills required to secure networks, systems, and applications. Achieving the CompTIA Security+ certification is an excellent starting point for individuals looking to pursue a career in cyber security.


DDoS (Distributed Denial of Service)

 

An attack in which multiple compromised computers are used to flood a target system with traffic, causing it to become overwhelmed and unavailable to users.

 

DEV Tester (Development Environment Testing)

 

DEV Tester, sometimes referred to as Development Environment Testing, is a critical phase in the software development life cycle (SDLC). It involves assessing and identifying security vulnerabilities in the development stage of software or applications. Cyber security professionals use various tools and methodologies to ensure that potential security flaws are addressed before the product is deployed, reducing the risks of cyberattacks.

 

Firewall

 

A security device or software that acts as a barrier between a trusted network and an untrusted network, controlling incoming and outgoing network traffic.

 

IRAP (Information Security Registered Assessors Program)

 

IRAP, or the Information Security Registered Assessors Program, is an Australian government initiative. It involves certifying individuals and organisations to assess and provide cyber security advice on government systems. IRAP assessors help ensure that government information systems meet security requirements and protect sensitive data.

 


ISMS (Information Security Management System)

 

ISMS is a comprehensive framework and set of processes established by organisations to effectively manage, protect, and secure their sensitive information and data assets. It encompasses policies, procedures, risk assessments, and controls aimed at ensuring the confidentiality, integrity, and availability of critical information. ISMS frameworks, such as ISO 27001, provide a systematic approach to identifying security risks, implementing safeguards, and continuously monitoring and improving security measures to mitigate threats and vulnerabilities in a structured and organised manner.

 

To conclude, navigating the world of cyber security doesn’t have to be overwhelming, even if you’re new to the field. Understanding common cyber jargon is a great first step. We hope this article provides a foundation for anyone looking to learn more about the fascinating world of cyber security. Remember, cyber security is a dynamic field, and continuous learning is key to staying ahead of evolving threats.

 

ISO (International Organisation for Standardisation)

 

ISO, which stands for the International Organisation for Standardisation, is a globally recognised body responsible for developing and publishing international standards. In the context of cyber security, ISO standards such as ISO 27001 provide guidelines for establishing and maintaining information security management systems (ISMS). Compliance with ISO standards helps organisations enhance their cyber security practices.

 

Malware

 

Malware, short for "malicious software," is a broad term in cyber security referring to any software specifically designed to harm, infiltrate, or compromise computer systems, devices, or networks without the user's consent. Malware encompasses various types, including viruses, worms, Trojans, ransomware, and spyware, each with distinct malicious intents and methods. It can be distributed through infected files, emails, or websites and can lead to unauthorised data access, system disruption, or theft of sensitive information. Protecting against malware is a fundamental aspect of cyber security, involving measures like antivirus software, regular system updates, and user awareness.

 

Pen Tester (Penetration Tester)

 

Penetration testers, often shortened to “Pen Testers”, are cyber security experts who specialise in simulating cyberattacks on systems, networks, and applications. Their goal is to identify vulnerabilities that malicious hackers could exploit. They conduct controlled tests to assess an organisation’s security posture, ultimately helping it strengthen its defences.

 

Ransomware

 

Malware that encrypts a victim’s data and demands a ransom for its decryption key.

 

SIEM (Security Information and Event Management)

A system that collects and analyses security data from various sources to detect and respond to cyber security threats.

 

Software Development Life Cycle (SDLC)

 

The Software Development Life Cycle (SDLC) is a structured process used by software developers and organisations to design, develop, test, and deploy software applications or systems. It provides a systematic and organised approach to software development, ensuring that software projects are completed on time, within budget, and with high quality.

 

2FA (Two-Factor Authentication)

 

2FA is a security mechanism that requires users to provide two separate authentication factors to access an account or system. These factors typically include something the user knows (like a password) and something the user possesses (like a mobile device or smart card). 2FA enhances security by adding an extra layer of authentication beyond just a password, making it more challenging for attackers to gain unauthorised access.