Glossary

A feature or defect of a system, application or service that allows attackers to bypass security measures.

In information technology, a copy of computer data taken and stored elsewhere so that it may be used to restore the original after data loss.

Large amounts of structured and unstructured data that exceeds the ability of commonly used software tools to capture, manage and process. Big data requires techniques and technologies with new forms of integration to reveal insights from datasets that are diverse, complex, and of a massive scale.

Measurable physical characteristics used to identify an individual, such as fingerprints, iris patterns or facial features.

A digital currency and payment system underpinned by blockchain technology. Bitcoins can be used for online purchases, or converted into traditional currency.

A person that hacks for personal gain and/or who engages in illicit and unsanctioned hacking activities. See also 'grey hat' and 'white hat'.

An act of coercion using the threat of revealing or publicising either substantially true or false information about a person or group unless certain demands are met. It is often damaging information and may be revealed to family members or associates rather than to the general public.

A distributed database that maintains a continuously growing list of records, called blocks, secured from tampering and revision. Each block contains a timestamp and a link to a previous block. By design, blockchains are inherently resistant to modification of the data—once recorded, the data in a block cannot be altered retrospectively.

A list of entities that are not considered trustworthy and are blocked or denied access.

A wireless technology standard used for exchanging data between fixed and mobile devices over short distances using short-wavelength UHF radio waves.

A fake request

A program that performs automated tasks. In a cyber security context, a malware-infected computer that carries out tasks set by someone other than the device's legitimate user.

A collection of computers infected by bots and remotely controlled by an actor to conduct malicious activities without the user's knowledge, such as to send spam, spread malware, conduct denial of service activities or steal data.

When data is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference. Also referred to as a ‘data spill’.

A cyber security incident that results in unauthorised access to data, applications, services, networks and/or devices by bypassing their underlying security mechanisms.

An organisational policy that allows employees to use their own personal devices for work purposes. These devices connect to and utilise the organisation's network, data and resources.

Wide bandwidth data transmission which transports multiple signals and traffic types. In the context of internet access, broadband is used to mean any high speed internet access that is always on.

The distribution of audio or video content to a dispersed audience via any electronic mass communications medium, but typically one using the electromagnetic spectrum.

Software used primarily to access websites and web content.

Occurs when browser settings are changed without the user's knowledge or consent. The browser may persistently redirect to malicious or other unwanted websites.

The list of web pages a user has visited recently — and associated data such as page title and time of visit — which is recorded by web browser software by default.

An exhaustive process to try and determine a cryptographic key, password or other secret credential by systematically trying all candidates or combinations until the correct one is discovered.

A flaw or error in a software program.

A loosely-defined set of planning, preparatory and related activities which are intended to ensure that an organisation's critical business functions will either continue to operate despite serious incidents or disasters that might otherwise have interrupted them, or will be recovered to an operational state within a reasonably short period.

Attacks that are a form of cybercrime which use email fraud to target business, government and non-profit organisations to achieve a specific outcome which negatively impacts the target organisation.

A dishonest scheme that aims to get money or something else of value from businesses.