Frequently Asked Questions in the Cyber Security & Cloud Computing Industries.

Every industry has it’s terms, acronyms and abbreviations which can be a bit confusing, even to people in the industry. The Cyber Security and Cloud Computing industry’s are no different.

Below we will try to explain many of the more common abbreviations that you may come across in your journey through our website.

If you don’t find what you are looking for please feel free to drop us an email requesting more information on a specific topic. We will respond to you and add the topic to our growing list of FAQ’s.

Why Cyber Security is important?

Cyber Security is important because of its increasing prevalence in our world. VadeSecure, a partner of found that 91% of cyberattacks start with email and the European Union Agency for Network and Information Security (ENISA) Threat Landscape Report found that 61% of breaches in 2018 affected organisations with fewer than 1,000 employees. Data breaches are no longer the concern of large businesses, they can target everyone from private individuals in small companies to top-level executives in multinational corporations. Every company must be vigilant and prepared to respond to cyberattacks. We strongly advise a Cyber Security Risk Assessment to enable your company to better understand it’s possible vulnerabilities and take action to minimise these risks.

What is GDPR?

GDPR, or the General Data Protection Framework, is a legal framework outlining the regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. Under this framework, companies are also legally bound to disclose any data breaches that they fall victim to.

What are the 3 pillars of cybersecurity :

  1. People – it is essential that employees receive cybersecurity training and are cybersecurity aware. 
  2. Process – this refers to the procedures used to prevent and mitigate against cyberattacks 
  3. Tools – these are techniques and methods used to protect against cyberattacks

What is spear phishing?

Spear phishing is a targeted attempt to extrapolate confidential information from, most commonly, an employee of a company or private citizens. Spear phishing works through the medium of emails sent from a seemingly trustworthy sender. This practice is becoming increasingly popular and effective as demonstrated by VadeSecure’s finding that 91% of cyberattacks start with an email. View our steps to assist in preventing phishing attacks.

What is malware-ransomware?

Malware is a contraction of the term “malicious software” and is an umbrella term used to describe software, files and code, that infect and exploit user data without previous consent. Ransomware is a type of malware, that denies access and locks users out of their device and data until the ransom being demanded is paid.

What is RTO – RPO?

RTO and RPO are the two main components of disaster recovery

RTO – This stands for Recovery Time Objective and refers to how quickly we can get your systems back up and running after an attack. Essentially, RTO determines how quickly your business can be back to normal again. 

RPO – This stands for Recovery Point Objective and refers to how much data can be recovered between two-time points. DR solutions backup data incrementally and at our objective is to get RPO as low as possible. But, let’s talk numbers, our current RPO is 5 seconds. This means that, in the event of an attack, only 5 seconds worth of work will be lost and the rest can be recovered.

What are data backups?

Data Backups are incremental copies of individual files on a particular computer system. Backups allow people to recover files they may have accidentally lost or deleted. Backups differ from disaster recovery in one key way; while backups are copies of files, disaster recovery is a replication of a company’s entire computer system.

What is disaster recovery?

Disaster recovery is a service that gets a company’s systems back up and running in the event of a cyberattack. It does so by constantly storing data and ensuring that, in the event of an attack, only a few seconds worth of work is lost. Unlike a regular backup which is an incremental copy of individual files, disaster recovery is a real-time replication of a company’s entire computer system.

What is penetration testing?

Penetration testing is a method of evaluating a company’s cybersecurity weaknesses or vulnerabilities. It usually involves a white hat hack, where “the good guys” hack a company’s system in order to establish what the security shortcomings are.

What is Black, Grey and White Box Pen Testing?

Black, grey and white box are all types of penetration testing. 

  1. Black box pen test: those carrying out the test do not have access to any company information before performing it. Typically, the tester will only know the name of the company. 
  2. Grey box pen test: this is performed without the tester having detailed knowledge about the company but with limited access to certain company information. It is, in essence, the middle ground between white-box testing and black-box testing.  
  3. White box pen test: those performing the test are provided with some information about the company before carrying out the test. They may have access to IP addresses, network information, etc.

What is CISO as a service (Chief Information Security Officer)?

Unlike a full-time CISO, that can easily demand a six-digit salary in the current market, CISO as a Service is an external specialist or organisation who offers their professional skills on a part-time basis, on-site, remotely or via a combination of the two depending on requirements. They offer their services at a fraction of the cost of a full-time CISO.

What is a cybersecurity breach?

A cybersecurity breach is a situation that arises when an intruder or cybercriminal gains unauthorised access to a company’s computer system or data. Cybersecurity breaches can result in the loss of sensitive data and can greatly impact the reputation and trustworthiness of a company in the eyes of customers.

What is phishing?

Phishing is the practice of sending emails that masquerade as legitimate and trustworthy correspondence in the hope of extrapolating confidential information from the recipient. A key distinction between phishing and spear phishing is that the former is a general attempt and the latter a targeted attempt aimed at a particular individual. At we offer a range of products that will greatly reduce the chances of a phishing attack.

What is Social Engineering?

In the context of information security, social engineering is the act of manipulating someone into revealing or divulging confidential or sensitive information such as passwords.

What is a SOC, Security Operations Centre?

A SOC, or Security Operations Centre, is a system that deals with cybersecurity issues within a company. It consists of two main components:

  1. A skilled security specialist – a competent security expert is key to ensuring the system runs smoothly.
  2. An arsenal of cybersecurity tools – security experts must have the means to protect against the attacks that they have been hired to prevent.

What are cybersecurity tips?

  1. Think twice before clicking on unknown links. 
  2. Ensure that the most secure settings on devices and laptops are selected. 
  3. Ensure that access to company software and systems is limited to those who require it. 
  4. Do not give out any information over the phone without verifying the identity of the caller.  
  5. Have firewalls and business continuity plans in place to both protect against and ensure recovery from cyberattacks. 
  6. Ensure that company staff are trained and cybersecurity aware. 

What have been some of the biggest cybersecurity news stories in 2019?

In May 2019, the Irish Data Protection Commission opened an investigation into Google. The State’s watchdog suspected that EU GDPR privacy rights may have been violated and that user data may have been mishandled. 

In July 2019, Marriott, after announcing that their Starwood hotels had fallen victim to a cyberattack, was handed down a £99.2 million fine from the U.K. Information Commissioner’s Office.

What is the cybersecurity attack surface?

The cybersecurity attack surface is the platform that is exposed to users and through which cybercriminals may gain access to a database or use features to manipulate applications. Companies should aim to reduce their attack surface and hence limit the preventative measures they must take. 

What is a managed SIEM service?

A managed System Information and Event Management, or SIEM, service is a software solution that centralises data across multiple company networks and analyses and detects cybersecurity threats that are specific to a company’s network.

What is an attack vector?

An attack vector is a path that a cybercriminal uses to gain unauthorised access to a company’s system or network.

What are endpoint devices and endpoint protection?

Endpoint protection is software used to secure the various access points to a website and to limit the access points exposed to and able to be exploited by cybercriminals and other users. 

Endpoint devices are devices, such as laptops and tablets, that connect to as well as send and receive information through a network.

What is a bad actor/threat actor?

A bad actor/threat actor is an entity that attempts to exploit the vulnerabilities of and gain access to another entity.