CyberDecoded

Whether you're new to security or just need the jargon stripped away; CyberDecoded breaks down the fundamental terms of cybersecurity into plain, easy-to-understand language.

A

Authentication

The process of proving you are who you say you are before accessing a system. Common methods include passwords, security codes, and biometric scans.

Attack Surface

All the possible entry points an attacker could use to get into your systems — like open ports, apps, or even employee emails.

B

Breach

When an unauthorized person gains access to your systems, data, or networks. A breach doesn’t always mean data was stolen, but it means defenses were bypassed.

C

Compliance

Meeting the rules and regulations that apply to your industry’s data security — like HIPAA for healthcare or PCI DSS for businesses that handle credit cards.

Credential Stuffing

A type of attack where criminals use stolen username-and-password pairs (from other breaches) to try logging in to your accounts.

D

Data Encryption

The process of scrambling data so it’s unreadable without the right “key.” Encryption protects sensitive information if it’s stolen or intercepted.

Denial of Service (DoS / DDoS)

An attack that floods a website or service with so much traffic it crashes or becomes unavailable.

E

Endpoint

Any device connected to your network — laptops, phones, servers, or even smart devices. Endpoints are common targets for attackers.

F

Firewall

A security system that monitors and controls incoming and outgoing network traffic, like a barrier between trusted and untrusted networks.

H

Hardening

Strengthening a system by closing security gaps — for example, removing unused apps, patching software, and tightening access controls.

I

Incident Response

The organized process your business follows when a security event happens, from detection to recovery.

Insider Threat

A risk that comes from within the company — like an employee, contractor, or partner who misuses their access.

M

Malware

Short for “malicious software.” Software designed to damage, disrupt, or steal from systems. Examples include viruses, ransomware, and spyware.

Multi-Factor Authentication (MFA)

A login method that requires two or more forms of proof — like a password plus a code sent to your phone.

P

Patch Management

Keeping software up to date with fixes (“patches”) that close vulnerabilities hackers might exploit.

Phishing

A cyberattack where criminals trick you into clicking a link, downloading malware, or giving up information by pretending to be a trusted source.

R

Ransomware

Malicious software that locks up your files or systems and demands payment (a ransom) to unlock them.

S

Social Engineering

When attackers manipulate people into giving up information or access — often through trust, fear, or urgency.

T

Threat Actor

An individual or group that carries out malicious cyber activities, like hackers, cybercriminals, or nation-state groups.

V

Vulnerability

A weakness in software, hardware, or processes that attackers can exploit to gain access or cause damage.