Glossary

The Centre for the Protection of National Infrastructure is the UK government body that is responsible for protecting national security by reducing risk to infrastructure from terrorism and other threats.

The CPNI works with government, police, academia and industry to identify and reduce risks to critical national infrastructure.

A cyberattack is deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.

The cyber skills gap is a relevant topic globally; and is particularly noticeable in the UK. The demand for skilled cyber security staff far outweighs the amount of skilled professionals currently available in the market. With cyber crime on the increase it has never been more important to focus efforts on improving the skill levels of the workforce to combat rising threat both in the public and private spheres.

The government and companies have responded with initiatives to get more people into the security industry but the skills gap is unlikely to see closure for many years to come.

The Information Commissioners Officer defines a personal data breach is a breach of security standards that result in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of a public electronic communications service.

Data breaches can be devastating to a business and go against the data protection act depending on what data is leaked.

The data security policy of an organisation relates to a set of policies that ensure all users within the domain of the organisation or its networks comply with the necessary security measures. The information security policy protects all of the information stored digitally at any one point in the organisation’s network boundaries.

Popular methods of securing data are encryption, 2- step verification for access and authoritative status controls.

DDoS stands for Distributed Denial of Service and is a commonly known form of cyber attack. DDoS are activated when large swarms of compromised computer systems are directed to attack a target that results in a denial of services for legitimate users of that resource. DDoS attacks are usually focussed toward a server, website or network resource.

The cost of a DDoS attack on the victim business are the cost of recovery from the attack. Indirect costs also occur such as lost productivity and brand damage. Opportunity costs form through lost business opportunities.

Digital forensics is both a process and a set of skills that are focussed on the preservation of any evidence in the case of any wrong doing where a device was involved.

It is in simple terms, a set of detective skills that uncover and interpret information left in electronic data where there was a crime.

Digital forensics is incredibly powerful to investigation and involves information collection, identification techniques and validating digital information for the purpose of reconstructing past events and finding evidence to support a case.

Digital forensics is especially important to the police and also for organisations themselves when they have a data breach.

The Government communications headquarters is responsible for intelligence and information assurance to the British government and armed forces.

The GCHQ’s objective is to keep the country safe and working in conjunction with the Secret Intelligence service and MI5.

Malware stands for “malicious software” and is an umbrella term for any type of software program that is designed to damage or cause unwanted actions on a computer system.

There are many different types of malware including viruses, worms, Trojan horses, spyware and ransomware.

Modern strains of malware are designed to fool even security administrators through evasion and obfuscation techniques – making their eradication harder to implement.

The National Cyber Security Centre is the UK’s authority on cyber security and operates as part of the GCHQ. The NCSC’s objective is to improve the UK’s cyber security standards and resilience against attacks.

The NCSC’s works with organisations to both advise and assist with incident response.

The NCSC works with government agencies, departments, law enforcement, defence and UK intelligence and security agencies to combine intelligence and experience in the effort to fortify the country against cyber crime.

Network security is an umbrella term for the policies and activities that defend and record evidence of unauthorised access, exploitation, modification or denial of the network and network resources.

Effective network security is something that all organisations are striving towards and should not be confused with information security, which includes the security of all forms of information including physical and electronic.

Network security starts with access boundaries for authenticated users and firewalls to enforce network policies. Network security also includes any anti-virus or intrusion prevention strategies and software.

Penetration testing can be an automated process or a manual one, and there is a big increase in demand for human penetration testers in the UK in both the public and private spheres.

Penetration testing refers to a set of activities that are designed to test for vulnerabilities in a organisations cyber security defences.

The process of penetration testing includes information gathering, identifying possible entry points and then attempting to break in and reporting back the findings.

A penetration tester has many techniques in his arsenal, including targeted testing, external testing, internal testing, blind testing and double blind testing.

Phishing is one of the most popular cyber crime activities used by fraudsters. Phishing is a type of fraud whereby the attacker tries to gain log in or account information by pretending to be a legitimate information source from a reputable entity or individual. The most common phishing activities come in the form of emails, IM or other well used communication channels.

Phishing is dangerous if the cover-up is hard to spot – it is down to the end user to be able to identify a legitimate email from a fraudulent one. Phishing is a relatively easy form of fraud to orchestrate and the tactic shows no sign of relenting any time soon.

Security architecture is the design of a networks security and addresses the potential entry points and risks the network may experience.

Designing a security architecture is important because it identifies where resources should be focussed and gives insight in the connection between the different components within the structure.

The design of the security controls within the total architecture largely depend on the organisations approach to risk management, benchmarking and good practice, finances and legal and regulatory considerations.

Spyware can be both malicious and non-malicious such as for tracking purposes. Spyware are pieces of software that are installed or downloaded onto a computer that record activities without the end users knowledge.

Spyware is commonly used in organisations to track employees activities, by marketing teams to track customer engagement with campaigns and for parental controls on children’s screen activities.

When tracking software is abused or for the purpose of trying to grab data that can later be sold on for fraud purposes, the impact can be catastrophic.