Digitalisation, including cybersecurity

In this section
Glossary of cybersecurity terms

Glossary of cybersecurity terms

  • 5G
    • The fifth generation of mobile network technology providing faster and more reliable internet connections than previous generations. This technology has low-latency making it particularly suited for applications that interact with physical objects - e.g. remote surgery and autonomous vehicle-to-vehicle communication.
  • Application Programming Interface (API)
    • A structured software mechanism for communication between different applications, usually between devices or systems including the web. The mismanagement of API access is an often exploited weakness.
  • Artificial intelligence (AI)
    • An umbrella term that refers to technologies and techniques that enable machines to perform tasks that would typically require human intelligence such as visual perception, speech recognition, decision-making, and language understanding.
  • Augmented reality (AR)
    • A technology that overlays digital information, such as images or text, onto the user's view of the real world.
  • Authentication
    • The process of verifying the identity of a user, device, or system attempting to access a network or application, often requiring a password or biometric information.
  • Big data
    • Refers to the large volume of structured and unstructured data that is generated at a rapid rate and is difficult to process using traditional data processing tools. It can come from various sources such as social media, IoT devices, and transactional systems. Companies use big data analytics to gain insights and make informed business decisions.
  • Blockchain
    • A distributed ledger technology that uses cryptography to secure and validate transactions on a network of computers, making it resistant to modification or tampering.
  • Botnet
    • A network of compromised devices that are controlled by a remote attacker and used to carry out malicious activities, such as DDoS attacks or spamming.
  • Cloud computing
    • The delivery of computing services (including servers, storage, databases, networking, software, analytics, and intelligence) by a third party over the internet. Key benefits are enabling collaboration by users across different organisations and geographics, along with the flexibility to scale system capacity up/down easily. Key challenges are ensuring privacy, data sovereignty and cybersecurity risks are effectively managed.
  • Cyber hygiene 
    • The practice of maintaining good cybersecurity habits and following best practices to protect against threats, such as regularly updating software and using strong passwords.
  • Cyberattack
    • An intentional and malicious attempt to damage, disrupt, or gain unauthorized access to a computer system, network, or device.
  • Cybersecurity
    • The practice of protecting networks, devices, and sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • Cybersecurity framework
    • A set of guidelines and best practices for securing computer systems and networks, often developed by government or industry organizations.
  • Defence in depth
    • A cybersecurity methodology using multiple independent layers of security controls to to establish barriers across multiple layers and missions of the organization. If one is compromised, then others will continue to provide protection.
  • Denial-of-service (DoS) attack
    • An attack that floods a system or network with traffic, rendering it unable to respond to legitimate requests. Characteristically it does not lead to unauthorised access, only hinders or prevents normal operation.
  • Digital transformation
    • The process of using digital technologies to fundamentally change how organizations operate and deliver value to customers.
  • Digital twin
    • A virtual replica of a physical asset, process or system. Used for simulation, analysis, and optimization of the corresponding real-world object.
  • Digitalisation
    • The use of digital technologies to change a business model and provide new revenue and value-producing opportunities; it is the process of moving to a digital business.
  • Distributed-denial-of-service (DDoS) attack
    • A type of DoS attack that uses large number of compromised devices (a Botnet) to create an even larger scale flood of network traffic to render the target system unavailable to legitimate users.
  • Encryption
    • The process of encoding information so that it can only be accessed by authorized parties. Often used in data storage and communication to protect sensitive information.
  • Endpoint security
    • A type of cybersecurity that focuses on securing individual devices or endpoints, such as computers or smartphones, from threats.
  • Firewall
    • A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
  • Industry 4.0
    • The fourth industrial revolution follows on from mechanisation, electrification and automation. It is based on using cyber-physical systems to significantly increase operational efficiency. Cyber-physical systems tightly integrate advanced computing capabilities (big data, AI, cloud computing) with physical systems (additive 3D printing, IoT devices, robotics, 5G networks).
  • Infrastructure as a Service (IaaS)
    • Servers hosted on the cloud where users can install and run their own software. Users manage version upgrades and patches. The vendor manages the underlying data centre hardware.
  • Internet of Things (IoT)
    • The interconnectivity of physical devices, vehicles, buildings, and other items embedded with electronics, software, sensors, and connectivity which enables these objects to collect and exchange data.
  • Machine learning (ML)
    • A subset of AI that enables systems to learn from data, identify patterns and make decisions without being explicitly programmed.
  • Malware
    • Malicious software that is designed to harm or exploit a computer system, network, or device, often used to steal sensitive data or gain unauthorized access.
  • Man-in-the-Middle (MITM)
    • A strategy where an attacker inserts themself between a client/user and server and is able to eavesdrop on or manipulate the communication between them. Usually protected against with encryption.
  • Network segmentation
    • The practice of dividing a network into smaller subnetworks to improve security and reduce the impact of a potential breach.
  • Operational technology
    • The technology associated with monitoring and controlling assets such as process plants (including equipment or processes) including DCS, PLC, SCADA, therefore including software and hardware
  • Patch
    • A software update that fixes security vulnerabilities or other issues in a system or application.
  • Phishing
    • A type of social engineering attack in which an attacker sends fraudulent emails or messages to trick users into revealing sensitive information or downloading malware.
  • Platform as a Service (PaaS)
    • Software development toolsets delivered over the internet. Users manage versions of their application. The vendor manages version updates and patches for the underlying toolset
  • Ransomware
    • Malware that encrypts a user's files or data and demands payment in exchange for the decryption key.
  • Smart cities
    • A city that uses technology and data to improve the quality of life for its citizens, enhance sustainability and make the city more liveable and efficient.
  • Social engineering
    • The intentional manipulation of users (including phishing) to disclose protected information or user credentials to an unauthorised person.
  • Software as a Service (SaaS)
    • Software applications delivered over the internet and typically accessed using a web browser. Users can configure but not customise the applications. The vendor manages version updates and patches.
  • Spear phishing
    • A phishing campaign that targets a specific person or group and often will include information known to be of interest to the target, such as current events or financial documents.
  • Two-factor authentication
    • A security process that requires users to provide two forms of identification before accessing a system or application, often involving a password plus a security token or code generated by a separate means such as SMS text.
  • Virtual reality (VR)
    • A technology that creates a computer-generated simulation of a three-dimensional environment, allowing the user to interact with a simulated world.
  • Vulnerability
    • A weakness in a system or application that can be exploited by attackers to gain unauthorized access or cause damage.
  • Whaling
    • A highly targeted phishing attack aimed at senior executives, designed to encourage victims to perform a specific action such as initiating an electronic transfer of funds to the attacker.
  • Zero-day exploit
    • An attack that takes advantage of a previously unknown vulnerability in a system or application, often used to gain unauthorized access.

Acknowledgement: this list includes material generated by Chat GPT. It has been peer reviewed by engineers who are familiar with this topic.

Return to list