In this 4-part series, we explore the risks and safety nets in the world of Cyber Security. Check back for more posts over the next few weeks!
While the first computer virus was created purely by mistake, the ever-increasing damage these malicious software attacks do in the digital age is anything but innocent. Following the global pandemic and the rise in work-from-home situations, plus the dependence upon the internet and email for business, the number of cybercrimes has exploded. We at Metis IT have seen this increase in cyber security threats in 2022, and, unfortunately, we anticipate that these threats will continue to increase.
This exponential growth has been countered by the rapid development of cyber security tools and resources. Individuals and businesses can benefit from understanding the landscape of cyber security and how they can best protect themselves from cyber threats.
AV – Antivirus – Software designed to detect, defend against, and destroy computer viruses
Cyber Crime – Illegal activity performed using computers or the internet by rogue individuals or organized crime groups
Cyber Security – Also known as “computer security”; protection of systems and data from harm, theft, or unauthorized access against digital attacks
Data Breach – The result of a cyber attack which exposes confidential, sensitive or protected information to an unauthorized attacker
Email Hosting Provider – A company offering email services by renting out and operating its email servers to users
EDR – Endpoint Detection and Response – An enhanced version of antivirus software; an emerging technology that continuously monitors for, identifies, and then responds to threats
Firewall – A security device in the form of computer security software or hardware that restricts internet traffic within an individual or company’s private network
IPS – Intrusion Prevention System – A network security tool which monitors a network for malicious attacks and takes action to prevent them by reporting or blocking them when they occur
Malware – A combination of the words “malicious software”; any software developed to intentionally disrupt a computer, server, or network, expose private information or obtain unauthorized access
MFA – Multi-Factor Authentication (2FA) – An electronic method of securely verifying a user’s identity through (1) knowledge or something only the user knows (password, security questions), (2) possession, something the user has (a phone or email address), and/or (3) inherence, something only the user is or has (biometric methods, such as face or thumbprint recognition)
Password Manager – A computer program which allows users to generate, store, manage, and retrieve passwords from an encrypted digital vault on a phone, tablet or computer
PHI – Protected Health Information – Private information of patients that may or may not identify them; however, due to national HIPAA laws, this particular data must be protected from disclosure.
Phishing – A type of social engineering where the attacker sends a spoofed or fake deceptive message with the purpose of gaining sensitive or private information
PII – Personally Identifiable Information – Similar to PHI; identifiable information that must be kept private to maintain the protection of customers
Ransomware – A type of malware threatening a victim’s personal data by blocking access, damaging files or holding hostage critical systems to extort a ransom
Remote Access – Ability for an authorized user to access a computer or system through a network connection when he or she is physically removed from the system’s location
Social Engineering – A psychological manipulation tactic used to exploit human error or confuse people into performing certain actions, in order to gain personal information, valuables or access
SSL – Secure Sockets Layer – An internet security protocol that allows people to do things like purchase items online securely; SSL became the core of the language for safely using the web, now known as HTTP, or Hypertext Transfer Protocol.
VA – Vulnerability Assessment – A process of identifying and prioritizing the potential vulnerabilities in a computer system, application, and/or network infrastructure
Want to continue building your knowledge of cyber security and how cybercriminals target victims? Watch for our next blog post! Of course, you can contact us directly for tools, resources, answers to your cyber security questions or for insurance options from our partners at Brown & Brown. <http://www.bbrown.com/>
Sources: 2021 Coalition Cybersecurity Guide, CyberSecurityGuide.org, Dictionary.com, Wikipedia.org
This post was co-authored with Brown & Brown