Nine cyber security acronyms that you need to know

Some of our security customers are IT experts who are already very familiar with cyber-specific jargon. If you’re not, here’s a quick rundown of ten of the most commonly used terms.

An endpoint is a physical device that connects to a computer network. For example, mobile devices, desktop computers, virtual machines, embedded devices, and servers. These are the weakest parts of your IT estate, and old-style anti-virus software is useless against attacks that target them.

SOC: Security Operations Center. A centralised unit that actively deals with security issues on a technical level. It can be in-house, but for all but the biggest organisations the best option is usually to outsource it to a specialist. Our SOC – one of the first in Scotland – operates 24/7.

AV: Anti-Virus. Software designed to detect, stop and remove viruses and other kinds of malicious software. A few years ago, most cyber attacks used malware, which anti-virus software could deal with. Now, many hackers are much more sophisticated, so new defences are required.

EPP: Endpoint Protection Platform. Software used on endpoint devices to prevent file-based malware attacks, detect malicious activity, and enable security experts to investigate and deal with it.

*An endpoint is a physical device that connects to a computer network. For example, mobile devices, desktop computers, virtual machines, embedded devices, and servers. These are the weakest parts of your IT estate, and old-style anti-virus software is useless against attacks that target them.

CSO/CISO: Chief (Information) Security Officer. A senior-level executive responsible for a company's information and data security. The costs of a data breach can be huge – not just financially but also through downtime and reputational damage – so if you’re wondering whether your organisation needs one the answer is probablyYes.

MDR: Managed Detection and Response. An outsourced service that remotely monitors, detects, and responds to threats. Our strategic partners CrowdStrike are the market leaders in this area. They define MDR as “A cybersecurity service that combines technology and human expertise to perform threat hunting, monitoring, and response. The main benefit of MDR is that it helps rapidly identify and limit the impact of threats without the need for additional staffing.”

SASE: Secure Access Service Edge (SASE) is like a one-stop cloud service that makes networks safe and fast. It puts security closer to users and uses a "trust no one" approach, offering strong protection and smoother connections by skipping the old way of sending everything through one central spot. It's like a smart, cloud-based system that guards data and makes sure people can work online easily.  

SASE was labeled by Gartner as “The Future of Network Security in the Cloud” in 2019.  

2FA/MFA: Two-Factor Authentication/ Multi-Factor Authentication. An extra layer of security that requires the user to enter not just a password and username but also one or more further pieces of information that only they should know or have immediately at hand.

This offers good basic protection without harming the user experience too much, which is why it is very widely used.

DoS: Denial of Service. A powerful cyber attack which hits the targeted computer system with more traffic than it can handle, so it becomes unavailable to its intended users. The attack can be launched from one computer or from many (a Distributed Denial of Service or DDoS).

These attacks have been around for a long time: in 2000, a 15-year-old hacker took down the websites of many companies – including Dell, E-Trade, eBay, and Yahoo – in DDoS attacks that are estimated of have caused over $1billion of damage. And they are still around today – indeed they are increasing strongly.

VAPT: Vulnerability Assessment and Penetration Testing. This can take many forms, but basically it’s a process of trying to find the vulnerabilities in a computer or a network. We offer a wide variety of these services.

Not sure if your organisation’s cyber defences are up to the job? Just get in touch with us and we’ll be happy to explore both the issues and some potential solutions. We’re at hello@silvercloud.co.uk and 0141 552 000.