Cyber Security Glossary

AI is Artificial Intelligence. It combines computer science and robust datasets to enable problem solving.  AI is a catchall term for applications that perform complex tasks that once required human input.  It is intelligence demonstrated by computers, as opposed to human or animal intelligence.  'Intelligence' encompasses the ability to learn and to reason, to generalise and to infer meaning.  AI applications include advanced web search engines, recommendation systems, understanding human speech, self-driving cars, generative or creative tools and competing at the highest level in strategic game systems.

Air-gapped systems are computer systems or networks that are physically isolated from other networks, including the internet.

An unambiguous specification of how to solve a class of problems. Algorithms can perform calculation, data processing, and automated reasoning tasks.

When used with AI: Coded instructions that tell an AI tool how to function; step-by-step set of rules that a computer follows to solve a problem or make decisions.

Software that is designed to detect, stop and remove viruses and other kinds of malicious software.

An authentication app is a software application that generates one-time passwords (OTPs) for two-factor authentication (2FA). Two-factor authentication is a security process that requires users to provide two forms of identification in order to access an account or a service.

The authentication app is used as the second factor of authentication when using MFA (multi factor authentication), typically after the user provides their username and password. The app generates a unique OTP that can be used only once, and the user has to enter this OTP along with their username and password to access the account or service.

Examples of popular authentication apps include Google Authenticator, Microsoft Authenticator, and Authy. These apps are commonly used for account logins, online banking, and other sensitive online transactions. Authentication apps offer an additional layer of security and help protect against identity theft, fraud, and other cyber threats.

Biometrics are biological measurements, or physical characteristics, that can be used to identify individuals.

A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page.

A computer program or system intended to distinguish human from machine input, typically as a way of thwarting spam and automated extraction of data from websites

A Chatbot is a software program that interacts with humans through conversational-style text or voice, as if it were a real person.

An artificial intelligence chatbot launched by OpenAI in 2022.

A senior-level executive who is responsible for an organisation’s information, cyber and technology policies and security.

Cybersecurity and Infrastructure Security Agency

Where shared computer and storage resources are accessed as a service (usually online), instead of hosted locally on physical services. Resources can include infrastructure, platform or software services.

Credential stuffing is the automated injection of stolen username and password pairs (“credentials”) in to website login forms, in order to fraudulently gain access to user accounts.

A user's authentication information used to verify identity - typically one, or more, of password, token, certificate.

Malicious attempts to damage, disrupt or gain unauthorised access to computer systems, networks or devices, via cyber means.

A breach of the security rules for a system or service - most commonly;

• Attempts to gain unauthorised access to a system and/or to data.
• Unauthorised use of systems for the processing or storing of data.
• Changes to a systems firmware, software or hardware without the system owners consent.
• Malicious disruption and/or denial of service.

The overall ability of systems, organisations and citizens to withstand cyber events and, where harm is caused, recover from them.

The protection of devices, services and networks — and the information on them — from theft or damage.

A plan of high-level actions of how the organisation will use cyber security to support and enable organisational goals and objectives.