By Sue Poremba
Hybrid cloud. BYOD. Big Data. Internet of Things. These terms have become part of the daily lexicon, not only within the information technology (IT) and cyber security world but also in the mainstream. Jargon is integral to IT: it makes complicated concepts more approachable for the non-technical person, even if it doesn't make them any easier to understand.
Buzzwords are commonplace in IT security, as well, but are they truly understood? As Frank Ohlhorst writes in Tech Republic, “it seems that IT security managers are giving too much power to terms and buzzwords, letting them dictate security best practices.” Ohlhorst goes on to point out that while BYOD is just an acronym that means, simply, Bring Your Own Device (such as when a company allows its employees to use their personally-owned phones, laptops, and other devices to access the network for work purposes), security professionals see it as Bring Your Own Disaster and the beginning of a security nightmare.
Some security buzzwords and jargon are to the point, like ransomware or phishing, while others, like cloud security or compliance, are a little more ambiguous. Here are a few popular terms and what they really mean for security.
Cloud Security
It's easy to lump all security within cloud computing under one term, but it differs between public clouds and private clouds. Private cloud security is approached in much the same way as any other in-house network security, because the organization owns and operates the whole stack. Public cloud security involves a third-party vendor, and responsibility is split: the provider secures the underlying infrastructure, while the customer stays responsible for its own data, identities and configuration, with how much falls to the customer depending on the service model. In basic terms, Ari Zoldan, CEO of Quantum Networks, describes "cloud security" as the component of computer security that deals with the policies, technologies, and controls put in place to protect data, applications, and the associated infrastructure of cloud computing. For IT security professionals, however, it really needs to be broken down by the type of cloud.
Compliance
It seems like everyone wants their company to become compliant with all types of rules and regulations meant to keep data secure. That's a good thing. But for many companies, "compliant" means doing the bare minimum toward data security while claiming to meet regulatory standards. A compliance checklist is a floor, not a ceiling: an organization can pass an audit and still be breached. Real compliance is an ongoing process of measuring controls against the actual threats to the data, not just against the checklist.
Cyber Espionage
This is the act of stealing secrets from a company or individual over the Internet with the intent of using them for personal, or more often political or military, gain. The term is usually applied when individuals or groups acting on behalf of a country or organization infiltrate an "enemy's" network. Countries like China and Russia and groups like the Syrian Electronic Army are often accused of cyber espionage. The buzzword shouldn't be confused with cyberwarfare, which covers a broader range of attacks (cyber espionage among them, but also disruption and destruction of systems) conducted specifically by nation states.
Data Loss Prevention
Data Loss Prevention (DLP) is often described as the last line of defense against a cyberattack, but it is really the strategy and software a security team puts in place to stop sensitive data from leaving the organization. In practice a DLP system classifies data (payment card numbers, Social Security numbers, source code, customer records), monitors the channels through which it can move (email, web uploads, removable media, cloud storage), and logs, alerts on, or blocks transfers that violate policy. It catches accidental leaks as readily as deliberate theft, and like any content filter it produces false positives unless the matching is tuned.
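To make the "strategy and software" concrete, here is an added example (written for this edit, not code from the article or from any DLP product) of the content-inspection core of an outbound-mail DLP rule. It scans constructed sample messages for payment card numbers and US Social Security numbers, uses the Luhn checksum to reject digit strings that merely look like card numbers, and blocks and redacts anything that matches. The message bodies, the ticket IDs and the block-everything policy are assumptions made up for the example.

```python
import re

# Constructed sample outbound messages (not from the article): (id, body).
SAMPLE_MESSAGES = [
    ("ticket-1", "Invoice attached, card ending 4242 for reference."),
    ("ticket-2", "Customer paid with 4111 1111 1111 1111, please refund."),
    ("ticket-3", "Serial number 1234 5678 9012 3456 is not a card."),
    ("ticket-4", "SSN on file: 078-05-1120 (test value)."),
]

# 13 to 16 digits, optionally separated by spaces or dashes, on word boundaries.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")
# US Social Security number in the common ddd-dd-dddd layout.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum that payment
    card numbers carry; this is what separates a real card number from a
    random 16-digit serial and keeps false positives down."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_message(text: str) -> list:
    """Return a list of (data_type, matched_value) findings for one message."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 16 and luhn_ok(digits):
            findings.append(("pan", m.group().strip()))
    for m in SSN_RE.finditer(text):
        findings.append(("ssn", m.group()))
    return findings


def redact(text: str, findings: list) -> str:
    """Replace each matched value so the decision can be logged safely."""
    for _, value in findings:
        text = text.replace(value, "[REDACTED]")
    return text


def apply_policy(messages: list) -> dict:
    """Assumed policy: any card number or SSN in an outbound message blocks it.
    Returns {message_id: (action, text_safe_to_log, findings)}."""
    decisions = {}
    for msg_id, body in messages:
        findings = scan_message(body)
        if findings:
            decisions[msg_id] = ("block", redact(body, findings), findings)
        else:
            decisions[msg_id] = ("allow", body, [])
    return decisions


if __name__ == "__main__":
    for msg_id, (action, logged, findings) in apply_policy(SAMPLE_MESSAGES).items():
        print(f"{msg_id}: {action:5} {[t for t, _ in findings]} {logged}")
```

Running it allows ticket-1 (a four-digit reference) and ticket-3 (sixteen digits that fail Luhn) and blocks ticket-2 and ticket-4. A production DLP engine layers on exact-match fingerprints of known documents, keyword proximity rules and per-channel policies, but the classify-then-decide loop is the same.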
Endpoint Protection Platforms
Gartner explains endpoint protection platforms (EPP) as “a solution that converges endpoint device security functionality into a single product that delivers antivirus, anti-spyware, personal firewall, application control and other styles of host intrusion prevention (for example, behavioral blocking) capabilities into a single and cohesive solution.” It matters for information security because every device we use, from desktops to smartphones, is an endpoint and needs to be secured. The problem it helps to solve is protecting the overwhelming number and variety of devices now being connected to networks.
Privacy
When it comes to data security, privacy is tricky because what it means to one person (say the employee using BYOD) isn't what it means to another (say the NSA). For the IT security professional, however, data privacy means ensuring that sensitive information, such as the personally identifiable information of customers and others, is accessible only to those authorized to see it and stays out of reach of network intruders.
Ransomware
This is malware, but a very specific type of malware that demands a ransom payment either to remove itself or to return files it has encrypted. Ransomware has been around for a long time, but it made news this year when CryptoLocker encrypted victims' files and then demanded payment in Bitcoin. Because modern variants use strong encryption, the files cannot be recovered without the attacker's key, and paying does not guarantee the key will be delivered; the reliable defense is tested, offline backups.
Risk Management
This is jargon that gets thrown around a lot, as in “we must develop a risk management program.” But what exactly is risk management? ISACA (the Information Systems Audit and Control Association) describes it this way: “Information risk management defines the areas of an organization’s information infrastructure and identifies what information to protect and the degree of protection needed to align with the organization’s tolerance for risk. It identifies the business value, business impact, compliance requirements and overall alignment to the organization’s business strategy. Once this information has been identified, it can be presented to the business leadership to make decisions about the level of investment (both financial and resource) that should be utilized to create appropriate information protection and risk management capabilities.”
Phishing
Phishing is one of the oldest forms of malicious social engineering, but it remains one of the most effective because attackers do a good job of luring users into clicking malicious links or opening malware-laden attachments. It is a specific form of social engineering used to harvest credentials, financial details and other personally identifiable information, or to deliver malware. Phishing emails appear to come from a trusted source, such as a friend or a well-known business, typically by spoofing or imitating the sender's address and by hiding a malicious link behind legitimate-looking text. Over time, phishing has evolved to include spear phishing (highly personalized attempts aimed at a specific target) and whaling (phishing scams that target high-profile users and decision makers).
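The two tricks just described, a sender domain that imitates a trusted one and a link whose visible text disagrees with where it actually points, are both mechanically checkable. The following is an added example written for this edit (not code from the article or from any mail-filtering product) that runs those two checks over a constructed phishing message. The trusted-domain list, the sample email, and the two-label approximation of a registrable domain are assumptions made for the example; a real filter would use the public suffix list and also inspect headers such as SPF and DKIM results.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the organization's own list of domains it expects mail from.
TRUSTED_DOMAINS = {"example-bank.com", "example.com"}

# Constructed sample message (not from the article): a lookalike sender
# domain ("1" for "l") and a link whose visible text disagrees with its href.
SAMPLE_EMAIL = {
    "from": "security@examp1e-bank.com",
    "html": (
        '<p>Your account is locked. Reset it at '
        '<a href="http://login.examp1e-bank.com.evil.test/reset">'
        'https://www.example-bank.com/reset</a> within 24 hours.</p>'
    ),
}

# Visible anchor text that itself looks like a URL or a bare hostname.
URLISH = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/?#].*)?$", re.I)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value against a trusted domain means lookalike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname. Assumption: a real filter would consult
    the public suffix list instead of this two-label approximation."""
    return ".".join(host.lower().split(".")[-2:])


def sender_verdict(address: str) -> str:
    """'trusted', 'lookalike:<trusted domain>' or 'unknown' for a From address."""
    domain = address.rsplit("@", 1)[-1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(domain, trusted) <= 2:
            return "lookalike:" + trusted
    return "unknown"


def analyze(email: dict) -> list:
    """Return human-readable reasons the message looks like phishing (empty if none)."""
    findings = []
    verdict = sender_verdict(email["from"])
    if verdict.startswith("lookalike:"):
        findings.append("sender domain looks like " + verdict.split(":", 1)[1])
    parser = LinkExtractor()
    parser.feed(email["html"])
    for href, text in parser.links:
        href_host = (urlparse(href).hostname or "").lower()
        m = URLISH.match(text)   # only compare when the visible text names a host
        if m and registrable_domain(m.group(1)) != registrable_domain(href_host):
            findings.append(f"link text shows {m.group(1)} but points to {href_host}")
    return findings


if __name__ == "__main__":
    for reason in analyze(SAMPLE_EMAIL):
        print("suspicious:", reason)
```

On the sample message the sender check reports a one-character lookalike of example-bank.com and the link check reports that text naming www.example-bank.com actually points into evil.test; the same message with a genuine sender and a matching link produces no findings. The lookalike check deliberately ignores the visible link text alone, since "click here" is not evidence of anything.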
The buzzwords and jargon discussed here are just the tip of the security iceberg, but they represent the terms that are used and often misunderstood within IT security.