Master the vocabulary of the sector: an excellent start to reduce risks and adopt the right reflexes in the event of a computer attack.
Knowing what you are talking about with your IT security provider or client is the key to an adequately protected business. The vocabulary of cyber security is quickly learned once explained. Do you already know virus, data, and IP address? Here are the other terms to know.
Here are the terms to know about Cyber Security
Its role: to protect your corporate network and your devices from an attack from outside. It acts as a digital Great Wall of China that filters the connections and data flowing internally and externally over the Internet.
It can be hardware if you host your server, or in the form of software installed on the computer, and more generally on the intranet or connected to the Internet.
Using remote servers via the Internet has become the norm for storing data and especially accessing it from anywhere. Many companies also use it for their software and their computing power, so we speak of “cloud computing.” These safes, generally well protected, are, however, not foolproof. Choosing the right cloud solution provider is the first reflex to adopt.
This cryptographic technique has been used since the beginnings of computer science to protect files from prying eyes. To be credible before an IT security professional, the adjective “encrypted” should be used rather than “encrypted” Anglicism.
A document is locked by an algorithm that involves thousands, even millions of arithmetic operations, to decrypt it. A distinction is made between symmetric encryption, where the same key encrypts and decrypts, and asymmetric encryption, where an additional private key is required to open the file or an email. Private messaging services like WhatsApp, Telegram, or Viber rely on this system.
BYOD or AP
Coming from the United States, the concept of “Bring Your Own Device” (BYOD) theorizes the fact of using your personal computer, tablet, or smartphone to work. Warning: consulting your professional emails or managing your business remotely from the unsecured Internet network of your home involves “cyber” risks that are often poorly anticipated.
This confusion between personal and professional devices (AP) multiplies the possibilities of contamination by a virus or ransomware, which can then spread to the whole company. Social networks in particular deserve watching.
A more effective computer attack has replaced the “good old virus” that spread by email and paralyzed the computer. Ransomware is a method of extorting money remotely. By circumventing security measures, a small piece of software installs itself on the computers of a network and encrypts all the data, making it inaccessible. The hackers then send a ransom note to be paid via an untraceable cryptocurrency in exchange for the decryption key, which unlocks the files.
A customer base or order book suddenly accessible to everyone on the Internet can put your structure at risk. Stored online on servers, data is sensitive and of interest to hackers as well as the competition. A computer attack or simple negligence on a poorly protected server can lead to a breach of the confidentiality of the black gold of the 21st century: data, whether in the form of personal contact details or, more dangerous, of identifiers and passwords.
Personal data has a market value that is not always easy to weigh on the black market. When resold, a database of email addresses can be used for a rebound attack against a customer or supplier, such as a “phishing” campaign.
“Phishing” or phishing
It starts with an innocent email or Facebook message from a stranger, suggesting opening a link to an excellent promotion or hilarious video. You must then fill in boxes with your data or unblock content by providing your bank card number.
Please note that exact copies of the original sites are also capable of sucking up your precious data in a few seconds. This technique then allows this raw material to be resold to specialists in order, for example, to usurp your identity.
Denial of Service (DoS) attack
This cyber attack involves saturating a network or a website, an e-commerce site for example, with an avalanche of simultaneous automatic connections. A branch of pirates has specialized in the contamination of servers or computers, which become “zombies” and unwittingly participate in this congestion. Hackers can then negotiate to stop this crippling attack.
Data Protection Officer (DPO)
Formalized by European legislation since May 2018 and the famous General Data Protection Regulation (GDPR), the role of the DPO consists in ensuring the compliance of the company in terms of data protection. Thanks to his technical skills and his knowledge of the law, he advises, internally or externally, organizations on safeguards and security measures to be implemented.
It is mandatory to appoint a DPO for companies, regardless of their size, that process personal data on a large scale or that work with sensitive data, such as racial or ethnic origin, union membership, and health information.
Vital Operator (OIV)
Identified by the State and divided into 12 activity sectors (energy, transport, health), the discreet OIVs number 250 in France and are obliged by law to maintain an irreproachable level of IT security. Due to their strategic role in the economy, these organizations and companies are regularly subject to audits. A small company supplying a larger player in a sensitive area can be hit by ricochet, because the new strategy of attackers is to attack the first link in the chain, deemed weaker.