Skip to content

A Complete Glossary: 70+ Cyber Security Terms (From A to Z)

June 17, 2019

Those who believe using a long password is all it takes to keep your data secure have a lot to learn.

There is so much more that goes into cyber security. Especially when you consider that the process of securing your data, and your identity, is an absolute must no matter what industry you’re in.

To help on your journey of learning more about cyber security, we’ve compiled over 70 of the most common terms used and defined them for you.

Interested in a specific term? Jump ahead to:

Note: Letters of the alphabet without a relevant term are not listed.

Must-know cyber security terms

As you’ve browsed the internet, you’ve probably run into a lot of terms like “phishing” and “malware” and have been unsure what they mean and how they pertain to you. Now, you don’t have to search for a definition that makes sense, as (almost) everything you need to know is right here.

Ready to expand your cyber security vocabulary? Just keep reading.

A through E

Let’s start at the top!


Admin privilege: Having ultimate control of any given system.

Advanced Persistent Threats: When an unauthorized user invades a network, stays for an extended period of time, and steals data without harming the network.

Adware: Software that automatically displays or downloads material when a user is offline.

Attack vector: The technique a hacker uses to gain access to a computer or network in order to achieve a malicious outcome.

Authenticator: The way in which the identity of a user is confirmed.


Backdoor: An alternative way to access software or hardware, typically unauthorized and implanted by intelligence agencies.

Bitcoin: Cryptocurrency, a form of electronic cash created by Satoshi Nakamoto.

Black hat hacking: Hacking with malicious intent. Typically to gain access to a computer and steal as much data as possible.

Bot: Programs that automatically execute tasks as ordered by the creator of the program that has infected them.

Botnet: A collection of private computers that are infected with malicious software that are being controlled without the owner’s knowledge.

Bug: An error, flaw, failure, or fault in a computer program or system that causes an unintended code interaction.

Brute force attack: When an attacker inputs many passwords in the hope that it is eventually guessed correctly.


CAPTCHA: A test that distinguishes between robots and humans using a website where you have to “prove you’re human”.

Example of CAPTCHA

Catfishing: Creating a fake identity on a social network account, usually a dating website, to target a specific victim for deception.

Closed source: Also known as proprietary software, when the code is hidden from the general public.

Cloud security: The strategies and policies used to protect data applications and cloud system apps.

Cookie: A segment of data sent by an Internet server to the browser that is returned to the browser every time it accesses the server. This is used to identify the user or track their access to the server. Initially, cookies were used to stay logged in but are now commonly used for tracking.

What is a Cookie

Cyber security: A technique for protecting computers, networks, programs, and data from unauthorized access or hackers for exploitation.

Crypojacking: A hacking attack that makes the device mine cryptocurrency, in addition to its normal use.

Related: Read through 50 noteworthy cybercrime statistics


Data breach: When sensitive, protected, or confidential information is intentionally released to an untrusted environment.

Data encryption: Transforming data in such a way that only approved parties can decrypt and access it.

Related: Data encryption doesn't have to cost a fortune. Discover the best free encryption software available on the market right now.

Data protection:
Also known as data privacy and information privacy, the process of safeguarding information so it doesn’t fall into the wrong hands.

Digital security: An all-encompassing term for the tools used to secure your identity, data, assets, and devices.

DoS: Short for denial of service, an attack that disrupts the service to waste time, effort, and money.

DDoS: Short for distributed denial of service, an attack that occurs when multiple systems infiltrate a targeted network. Typically a global attack.

Difference Between DoS and DDoS


Ethical hacking: The practice of locating vulnerabilities and weaknesses in information systems and computers by duplicating the actions and intent of malicious hackers who seek to bypass security and search for gaps in systems that can be exploited.

Evergreen: Software that is in a constant state of updating. Intended to be convenient to the user and meant to disrupt hackers.

F through J

More hot and fresh cyber security terms coming your way!


Firewall: An internet traffic filter meant to stop unauthorized incoming and outgoing traffic.

Firmware: Code that is embedded into the hardware of a computer.

Fileless Malware: Malware operating in-memory.

Flame: Also known as Flamer, sKyWIper, and Skywiper, a modular computer malware discovered in 2012. It attacks computers running on Microsoft Windows.


Hacker: A cyber attacker who uses software and social engineering methods to steal data and information.

Hardware: The physical and tangible parts of a computer, such as the monitor, keyboard, speakers, etc.

Related: Keep reading to find out the difference between hardware and software!

Hash: An algorithm that turns a large amount of data into an encrypted output of fixed length to compare without converting it into plaintext. A hash is a crucial part of blockchain management in cryptocurrency.


Identity check: Confirmation of someone's identity, either using a password or a fingerprint.

Identity theft: The deliberate use of someone else's identity, typically for financial gain.

Information technology: Also referred to as IT, the study or use of computers and telecommunications to store, retrieve, transmit, or send data.

Insider threat: A malicious threat to a group or organization that comes from someone within, like an employee, contractor, or business associate, who has insider information regarding the organization’s data, computer systems, or security measures.

Internet of Things: Also referred to as IoT, is an object that has an internet connection. Can be anything from your dog’s collar, watch, vehicle, hearing aid, and more.

IP address: Also known as an Internet Protocol address, is the string of numbers used to identify each computer using the internet on a network.


Javascript: A language used to create and control the content on a website, allowing you to program the behavior of web pages to do a specified action.

Get 50+ cyber security resources, FREE.    Get my resources →

K through O

This section is shorter than the others, but let’s breakdown the most important terms you’ll need to know.


Kernel: The core of a computer’s operating system that houses the most essential functions of the computer.

Keylogger: A computer program that records keystrokes made by a user. This user is typically unaware that their actions are being monitored and that a hacker now has access to passwords and other confidential data.


Machine learning: The focus of developing programs that access and use data on their own, leading machines to learn for themselves and improve from learned experiences.

Related: Intrigued? Check out the easiest-to-use machine learning software currently on the market!


See the Highest-Rated Machine Learning Software, Free →

Malware: Short for malicious software, is any kind of software designed to damage, or enable unauthorized access, to computer systems.

Metadata: Seemingly harmless impersonal data, like how many times a user clicked or refreshed the page when visiting a website.

Mitigation defense: Software that doesn’t stop hacking from happening, but will mitigate the effects.


NSA: Stands for the National Security Agency and is the official United States cryptologic organization under the Department of Justice. Responsible for global monitoring, collection, and processing of information and data for both foreign and domestic intelligence.


Open source: Software that has their code listed as free to use, share, and modify.

P through T

Don’t stop now! You’re almost done!


Password: A secret word or phrase that is used to access a computer system or service.

Related: Learn how to create a strong password, and actually remember it.

Patch management: A strategy that is in place to manage upgrades for software applications.

Phishing: The method of obtaining user information through fraudulent communications targeted directly at people. This is usually done through emails disguised as coming from a legitimate source but delivers the target’s information back to the hacker’s actual source.

What Is Phishing

Piggyback programs: Programs that are bundled into another program that a user downloads in the hope that the user will select “next” by force of habit and install.

Plaintext: Text that can be read by the human eye, like this article!

Plugins: Customizable additions to software for extra functionality.

Private data: Data that is used to identify you, like your name, address, phone number, or Social Security Number.


Ransomware: A form of malware used to threaten victims by blocking, publishing, or corrupting their data unless the ransom is paid.

ReCAPTCHA: A service from Google that works to protect websites from spam and abuse caused by robots. A user is presented with a Turing test to distinguish them from a robot.

Example of reCAPTCHA

Rootkit: One of the most insidious types of malware, as they are extremely stealthy and difficult to detect by traditional endpoint protection methods. This malware masks its existence and controls the operating system, preventing its detection even further. Hackers use rootkits to access a system and steal information.


Sandboxing: An effort to increase security by isolating processes and browser tabs from one another and the rest of the computer.

Script: A simple form of code for software that can be written in word editors.

Social engineering: The act of taking advantage of human trust to gain access to private information. This can be done as easily as calling a number and asking for it.

Software: The programs and other operating systems used by a computer.

Spoofing: An attack in which a person, or program, disguises themselves as another by falsifying data to gain an advantage or the trust of someone else.

Spyware: A term coined in the mid-1990s to describe malware used to gain access to a user’s systems and monitor their data, files, and behavior. Often used to disable firewall or anti-malware software while consuming CPU activity to increase an endpoint’s vulnerability to attack.

SSL certificate: Standing for Secure Sockets Layer certificate, this authenticates the identity of a website and encrypts the information sent to the server using secure technology.


Trialware: Software that can only be run for a limited amount of time before it expires.

Trojan: A form of malicious software that disguises itself as a harmless computer program but provides threat actors with the ability to execute any variety of attacks that steal information, disrupt functionality or damage data.

Two-factor authentication: Attaching a phone number or email address to an account for heightened security.

Tip: Go one step further and learn the ins and outs of multi-factor authentication!

U through Z

Last but not least….


Virtual Private Network: Also known as a VPN, it allows you to create a secure connection to another network using the internet.

Related: Want to learn more about Virtual Private Networks? Check out these 50 VPN statistics every internet user should know!

Virus: Viruses are typically attached to files, applications or downloads that appear to be non-threatening elements. Once downloaded, opened or executed, the virus can piggyback onto programs to corrupt data or expand throughout a network and damage systems across a company.


White hat hacking: Hacking that is meant to do minimal damage and is usually done out of curiosity.

Worm: Worms predate viruses and have infected systems since mainframes were the only computers in existence. Worms are also capable of self-replication and may spread by exploiting flaws in applications or through social engineering.


Zero-day exploit: A previously unknown, bug, flaw, or backdoor in software. An attack happens once this flaw is exploited and attackers release malware before the flaw can be patched.

The more you know!

With all of these terms, you’re ready to tackle anything and everything that has to do with cyber security.

Don’t stop now! Expand your knowledge even further with these 35+ cyber security statistics and this roundup of women in cyber security who are making a difference. Then, check out how far we've come with the history of computers.

Never miss a post.

Subscribe to keep your fingers on the tech pulse.

By submitting this form, you are agreeing to receive marketing communications from G2.