Cybersecurity Terms
Plain-language explanations of common cybersecurity terms, attack techniques, and defensive concepts for small businesses.
Browse by category
Start with a topic area, then drill down into individual terms.
Email & Fraud
Common email scams, payment fraud, impersonation attacks, and social engineering tactics.
8 termsPasswords & Access
Terms related to passwords, authentication, account security, and access control.
5 termsMalware & Ransomware
Malicious software, ransomware attacks, and common ways systems become infected.
9 termsWeb & Application Security
Web application weaknesses, secure development concepts, and common attack techniques.
8 termsNetwork Security
Network attacks, segmentation, firewalls, remote access, and traffic monitoring concepts.
8 termsIncident Response
Terms used during cyber incidents, containment, investigation, recovery, and handover.
8 termsSecurity Operations
Operational security concepts such as logging, monitoring, patching, backups, and hardening.
5 termsRisk & Compliance
Security risk, governance, privacy, POPIA, cyber insurance, and maturity concepts.
5 termsPenetration Testing
Terms related to ethical hacking, vulnerability assessment, exploitation, and remediation.
Featured terms
Useful starting points for understanding everyday cyber risk.
a backup
A protected copy of important data that can support recovery after loss or attack.
Network Securitya firewall
A control that allows or blocks network traffic between devices, networks, and the internet.
Risk & Compliancea vulnerability
A weakness in software, configuration, process, or behaviour that could be exploited.
Security Operationsan asset inventory
A practical list of devices, accounts, systems, services, and data locations the business relies on.
Risk & Compliancean attack surface
The accounts, systems, services, devices, and people attackers could try to target.
Web & Application Securitybroken access control
When users can access data or functions that should be restricted.
Risk & Compliancecyber risk
The chance that a cyber event could cause financial loss, downtime, data exposure, or disruption.
Security Operationsendpoint protection
Security protection for laptops, desktops, and servers against suspicious activity or malware.
Incident Responseincident response
The structured process of containing, investigating, and recovering from a cyber incident.
Malware & Ransomwaremalware
Malicious software designed to steal information, disrupt systems, spy on users, or give attackers access.
Passwords & Accessmulti-factor authentication
An extra sign-in check that helps protect accounts even if a password is stolen.
Network Securitynetwork segmentation
Separating systems into network zones to reduce spread and limit access.
Security Operationspatch management
Keeping software, devices, and systems updated to reduce known weaknesses.
Penetration Testingpenetration testing
An authorised security test that looks for realistic ways systems or applications could be exploited.
Email & Fraudphishing
Fake messages that trick people into clicking links, opening attachments, or giving away sensitive information.
Malware & Ransomwareransomware
Malware that locks or encrypts files and demands payment before access is restored.
Incident Responserecovery in incident response
Restoring safe business operations after containment and investigation.
Web & Application Securityremote code execution
A serious weakness where an attacker may cause a system to run unauthorised commands or code.
Security Operationssecure configuration
Setting systems up safely instead of relying on risky defaults.
Web & Application SecuritySQL injection
A web application weakness where unsafe input can interfere with database queries.