Cryptojacking - Cryptojacking is the unauthorised use of victims’ devices or servers to mine cryptocurrency for illicit profits. Attackers who engage in this form of malicious cryptomining aim to remain hidden in their victims’ computer systems or network for as long as possible to maximise the profits gained from cryptomining.
Cyber Threat Intelligence - Cyber Threat Intelligence (CTI), also known as threat intel, refers to information derived from the collection and analysis of data about cybersecurity threats to an organisation’s digital infrastructure. CTI helps organisations understand threats and the Tactics, Techniques, and Procedures (TTPs) used by threat actors relevant to them.
Cybersecurity Incidents - Cybersecurity incidents are events that pose a threat to the confidentiality and accessibility of an organisation’s data or assets. They often result from failed or inadequate cybersecurity measures and have the potential to disrupt business operations.
Data Breach - Data breach refers to any cybersecurity incident where sensitive or confidential data belonging to individuals or organisations is accessed by unauthorised personnel. These data include Personally Identifiable Information (PII), private credentials, intellectual property, and other classified information. It is important to note that not all cybersecurity incidents or cyberattacks constitute data breaches, as in the case of Denial-of-Service (DoS) attacks.
Digital Forensics - Digital forensics, a branch of forensic science, deals with the acquisition and analysis of digital evidence. The digital evidence gathered is crucial in investigating cybersecurity incidents or other criminal activities, contributing to legal procedures and incident response efforts.
Distributed Denial-of-Service (DDoS) - A DDoS attack is a cyberattack where attackers disrupt normal operations by overwhelming servers, systems or networks. They accomplish this by using up the limited bandwidth and processing power of these Information Technology (IT) infrastructures, preventing them from responding to legitimate users’ connection requests and data packets.
Incident Response - Incident response, in the realm of cybersecurity, refers to the approach taken by organisations to manage and address cybersecurity incidents. It encompasses a series of procedures, strategies and technologies aimed at efficiently responding to incidents, mitigating adverse effects and restoring operations to their normal state.
Intrusion Detection System - An Intrusion Detection System (IDS) is a cybersecurity tool designed to monitor a network or a system for suspicious activity or policy violations. It works by analysing network traffic or system logs to detect signs of potential threats, such as unauthorised access, malware, or cyberattacks. When an IDS detects suspicious activity, it typically generates an alert for security administrators to investigate, allowing them to respond before significant damage is done.
Malware - Malware, short for malicious software, includes any software intentionally designed to cause harm to a computer, server, or network. Malware can come in many variants, but they share similar objectives: financial gains, disruption and destruction of targeted entities, and political motivations.
NIST Cybersecurity Framework - The NIST Cybersecurity Framework (NIST CSF) is a set of guidelines and best practices developed by the National Institute of Standards and Technology (NIST) to help organisations manage and reduce cybersecurity risk. The NIST CSF provides a flexible and cost-effective approach to improving cybersecurity posture and is applicable to organisations of all sizes and sectors.
Phishing - Phishing is a type of social engineering attack where emails, messages, or social media are used to manipulate individuals into compromising their data security. Threat actors often impersonate trusted entities to deceive victims into clicking malicious links or revealing sensitive credentials and personal information.
Ransomware - Ransomware is a type of malicious software (malware) that blocks a victim’s access to data or a computer system, usually by encrypting it, until the victim pays a ransom fee to the attacker. Attackers often promise to restore the data if the ransom is paid, but these days victims cannot rely on this assurance, as the risk of data being destroyed or leaked remains.
SOC 2 Certification - SOC 2 (System and Organisation Controls 2) compliance refers to a certification framework established by the American Institute of Certified Public Accountants (AICPA). It focuses on five key "Trust Service Criteria" that businesses, particularly those handling sensitive data, need to meet to safeguard their systems.