A notification from a security system that someone is trying to break into a device, system or account.
Anti-Malware Software
Another name for Anti-Virus Software
Anti-Virus Software
Software that scans websites, documents, emails, and attachments going in and out of a system. They try to spot hidden software and codes that could cause damage or lead to the theft of your data.
A program that runs on a computer or device. Often shortened to “App” on phones and tablets.
A way of confirming the identity of somebody who is trying to use or connect to a computer system.
This is a copy of the content (files and documents) stored safely in another location so that if a system is hacked or data is lost, it can be restored.
Block List
A list of websites, email addresses, systems or companies that are prohibited from accessing a system. This means an email server will reject an email from any domain (website address) on the block list.

Notifying your IT department/supplier when you receive suspicious emails helps them keep the block list up-to-date.
Brute Force Attack
A type of security attack where hackers try to crack a password by using every possible password. They can take a long time.

Shorter, simpler passwords are easy to crack as their are fewer potential combinations.

A long password with a mix of special characters, numbers and capital/lowercase letters would take millions of years to crack.
The presence of applications, software or files that should not be on a system.
A token embedded into websites that allows the owner of a website to track where you go online, where you log into and what you look at.
Cyber security
How a company or organisation protects and defends its digital systems against unauthorised access. These systems include hardware, software, data, accounts and information.
Denial of Service (DoS)
An attack that bombards a system with so many connections that it is unable to function.

Similar to when high-demand concert tickets go on sale and the website breaks because so many people are trying to buy tickets.
Where text or data is converted into a code so that it can’t be read by somebody who shouldn’t see it.
A system that monitors incoming and outgoing network traffic to decide whether to allow or block access based on a defined set of security rules.
Someone who attempts to break into computer systems.
Inside Threat
A threat, such as a disgruntled employee, that exists with in an organisation.
A global network that connects the vast majority of computer systems worldwide.
A web system that is entirely internal to an organisation and is not available from the internet.
A piece of software that causes a security problem by sending confidential data out to the malware’s source or impedes the performance of the system.
Multi Factor Authentication (MFA)
Otherwise known as Two Factor Authentification. It may use more than two different identification mechanisms.
A sequence of characters that is used alongside a user ID to access to a computer system.
An application that randomly generates complex, hard-to-crack passwords.
Password Protected
A system that demands a password before a user can access it.
Personal Data
Data that could identify an individual and could be used by intruders for crimes such as identity theft.
A cyber attack where hackers or scammers send a fake email pretending to either be someone that the recipient knows or a service provider (e.g. their bank). The email tries to fool the receiver into handing over personal data or money.
Social Engineering
The process of tricking people into giving up sensitive information by pretending to be an authoritative figure.
Two Factor Authentication (2FA)
A way to improve security by asking users to identify themselves through two different methods. It is used alongside a password and is typically a one-time generated code that is sent via SMS, email or to an authenticator app.
A common alternative term for Malware.