The A-Z Breakdown of IT and Cyber Security Abbreviations
8 Jan 2025
The IT and cyber security world, like a lot of industries, is full of abbreviations. Here is an A-Z breakdown to help explain some of the widely used terms.
A
AI (Artificial Intelligence):
Technology enabling machines to simulate human intelligence, often used in predictive analytics and threat detection.
APT (Advanced Persistent Threat):
Long-term, targeted cyber attacks designed to steal data or compromise systems.
API (Application Programming Interface):
A set of protocols that allow software applications to communicate with each other.
B
BIOS (Basic Input/Output System):
Firmware used during computer startup to initialise hardware.
BGP (Border Gateway Protocol):
A protocol for routing data across the internet, critical for maintaining global connectivity.
BYOD (Bring Your Own Device):
A policy allowing employees to use personal devices for work, increasing flexibility but introducing security risks.
C
CVE (Common Vulnerabilities and Exposures):
A catalogue of known security vulnerabilities for systems and software.
CISO (Chief Information Security Officer):
The executive responsible for a company's cyber security strategy.
CIA (Confidentiality, Integrity, Availability):
The foundational principles of cyber security ensuring data protection and reliability.
D
DDoS (Distributed Denial of Service):
A cyber attack that overwhelms a system with traffic, causing it to crash.
DNS (Domain Name System):
Translates domain names into IP addresses, enabling web access.
DMZ (Demilitarised Zone):
A network segment that isolates public-facing services from internal networks to enhance security.
E
EPP (Endpoint Protection Platform):
A suite of tools protecting endpoints like laptops and desktops from cyber threats.
EDR (Endpoint Detection and Response):
Solutions that monitor endpoint activities to detect and respond to cyber threats.
EMM (Enterprise Mobility Management):
Tools and policies managing mobile device access to corporate networks.
F
FIM (File Integrity Monitoring):
Tracks changes to files and alerts administrators to unauthorised modifications.
FW (Firewall):
A system that filters incoming and outgoing network traffic to block unauthorised access.
FQDN (Fully Qualified Domain Name):
A complete domain name specifying its exact location in the DNS hierarchy.
G
GDPR (General Data Protection Regulation):
European Union law governing data privacy and protection.
GPO (Group Policy Object):
A Windows feature for managing user and system settings across networks.
GUI (Graphical User Interface):
A visual interface allowing users to interact with software through graphical icons.
H
HIDS (Host Intrusion Detection System):
Monitors a single host for suspicious activities or policy violations.
HTTPS (Hypertext Transfer Protocol Secure):
A secure version of HTTP that encrypts data between the browser and server.
HSM (Hardware Security Module):
A physical device for managing cryptographic keys and secure transactions.
I
IDS (Intrusion Detection System):
Monitors network traffic for suspicious activity and alerts administrators.
IoT (Internet of Things):
Devices connected to the internet, sharing data without human intervention.
ISO (International Organisation for Standardisation):
Develops international standards, including for cyber security (e.g., ISO 27001).
J
JWT (JSON Web Token):
A token used for securely transmitting information between parties, often for authentication.
JCL (Job Control Language):
Used in mainframes to manage job execution.
K
KMS (Key Management System):
Ensures secure handling, storage, and use of cryptographic keys.
KPI (Key Performance Indicator):
Metrics used to measure the success of processes or goals, including IT security performance.
L
LDAP (Lightweight Directory Access Protocol):
Protocol for accessing and maintaining directory information services over a network.
LFI (Local File Inclusion):
A vulnerability allowing attackers to include files from the server in web applications.
LUN (Logical Unit Number):
Identifies devices in a storage environment.
M
MFA (Multi-Factor Authentication):
Security requiring multiple forms of verification to access systems.
MITM (Man-In-The-Middle):
An attack where an attacker intercepts and alters communication between two parties.
MDM (Mobile Device Management):
Tools ensuring secure access to corporate data from mobile devices.
N
NAC (Network Access Control):
Limits access to networks based on device security posture and user authentication.
NIST (National Institute of Standards and Technology):
Provides cyber security frameworks and guidelines.
NGFW (Next-Generation Firewall):
Advanced firewall with intrusion detection, deep packet inspection, and application awareness.
O
OSI (Open Systems Interconnection):
A model describing how data moves through networks in seven layers.
OTP (One-Time Password):
A password that is valid for only one login session or transaction.
ORM (Operational Risk Management):
Identifies and mitigates risks associated with business operations.
P
PAM (Privileged Access Management):
Controls access to accounts with elevated permissions to reduce risks.
PKI (Public Key Infrastructure):
A framework for managing digital certificates and encryption keys.
PII (Personally Identifiable Information):
Data that can identify an individual, such as names or social security numbers.
Q
QoS (Quality of Service):
Manages and prioritises network traffic to maintain performance for critical applications.
QKD (Quantum Key Distribution):
A secure communication method using quantum cryptography.
R
RDP (Remote Desktop Protocol):
Allows users to connect to another computer remotely.
RCE (Remote Code Execution):
A vulnerability enabling attackers to execute malicious code on a target system.
RAID (Redundant Array of Independent Disks):
Data storage virtualisation combining multiple drives for redundancy.
S
SIEM (Security Information and Event Management):
Combines real-time security monitoring and data analysis to identify threats.
SOC (Security Operations Center):
A centralised team managing cyber security incidents and monitoring.
SQL (Structured Query Language):
A programming language for managing and querying databases.
T
TLS (Transport Layer Security):
Encrypts data transmitted over a network, ensuring privacy and security.
TTP (Tactics, Techniques, and Procedures):
Describes the behaviours and methods used by cyber adversaries.
TFA (Two-Factor Authentication):
Adds an extra layer of security requiring two methods of verification.
U
URL (Uniform Resource Locator):
The address of a resource on the internet.
UEBA (User and Entity Behaviour Analytics):
Analyses user behaviours to detect anomalies and potential security threats.
USB (Universal Serial Bus):
A standard interface for connecting devices to computers and transferring data.
V
VPN (Virtual Private Network):
Encrypts internet connections, ensuring secure access over public networks.
VLAN (Virtual Local Area Network):
Segments a network into virtual sections to improve performance and security.
VM (Virtual Machine):
An emulation of a computer system that runs applications independently.
W
WAF (Web Application Firewall):
Protects web applications by filtering and monitoring HTTP traffic for malicious activity.
WAN (Wide Area Network):
Connects computers over large geographic areas.
Wi-Fi (Wireless Fidelity):
A technology for wireless local area networking.
X
XSS (Cross-Site Scripting):
A vulnerability that enables attackers to inject malicious scripts into web pages.
XML (Extensible Markup Language):
A language for defining structured data, commonly used in configuration files.
Y
YARA (Yet Another Ridiculous Acronym):
A tool for malware identification by defining and scanning patterns.
Z
ZTA (Zero Trust Architecture):
A security model assuming no user or device is trusted by default, requiring continuous verification.
ZIP (Zone Information Protocol):
A protocol used for compressing files or transmitting data efficiently.
The above list is not exhaustive; however, it gives a good insight into the various abbreviations, their full meanings and a headline summary of what each one is. We hope you find this useful.
LoughTec are cyber security experts.