Every industry has its own jargon that can be difficult or even impossible for laypersons to understand. The IT industry is the worst with countless obscure abbreviations and phrases.
An organisation’s IT department is usually also responsible for information security, although the issue is far too important to leave to just one team. Weaknesses in information security can lead to considerable financial losses, not to mention the damage to organisations’ reputations. This is why dialogue between IT and business operations is crucial.
Information security is not just about technology but a key element of an organisation’s culture and processes. It is easy to forget about the overriding importance of information security if its implementation is entrusted to one team alone. Ensuring information security is everyone’s responsibility.
The following is a list of key terms to get the whole organisation talking about information security.
Distributed Denial of Service (DDoS)
Put simply, denial-of-service (DoS) attacks refer to perpetrators flooding an organisation’s network with superfluous requests in an attempt to overload systems and prevent legitimate requests from being fulfilled, similarly to what happens to motorways during a rush hour.
What makes DoS attacks so devilish is the fact that they are extremely easy and cheap to carry out but have the potential to cause substantial damage. At its worst, a DoS attack can completely cripple an organisation for a considerable period of time.
Many perpetrators use what are known as “botnets” to flood the targeted network with traffic from multiple compromised systems. These kinds of attacks are known as distributed denial-of-service (DDoS) attacks.
Botnet
A botnet is a collection of internet-connected devices whose security has been breached and control ceded to a third party. In practice, the compromised devices can be anything from personal computers to smart light switches.
A botnet can comprise thousands of devices that are controlled centrally by a “bot herder”. In addition to denial-of-service attacks, botnets are used for mining cryptocurrencies such as Bitcoin. With the rise of the Internet of Things (IoT) and the growing number of internet-connected devices, botnets are likely to increase both in number and size.
Next Generation Firewall (NGFW)
Traditional firewalls are an effective way to block suspicious network traffic, but they cannot protect systems against modern threats. More than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications to penetrate a traditional stateful firewall. Next Generation Firewall (NGFW) technology comes with a number of sophisticated information security features to block these kinds of attacks. Examples include improved detection of encrypted applications, which is critical as encrypted network traffic increases.
Intrusion Detection/Prevention System (IDS/IPS)
One of the key features of NGFW technology is intrusion prevention, which is designed to protect an organisation’s internal network against attacks from the outside. An intrusion prevention system monitors a network for suspicious activity and performs an analysis to determine whether incoming traffic is safe or poses a threat. The system can be used to block, for example, ransomware, viruses, denial-of-service attacks and attacks exploiting unknown vulnerabilities (“zero-day attacks”).
TLS/SSL encryption
Transport Layer Security (TLS) and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. TLS is one of the most commonly employed communications security solutions. The widely used HTTPS protocol, for example, is encrypted using TLS. Secure websites have the letters HTTPS in front of the address (e.g. https://www.dna.fi) and a padlock icon or another symbol to indicate that the connection is encrypted and secure.
Encryption improves information security but also gives cybercriminals new tools. Encrypted traffic accounts for more than 70% of all online traffic, and traditional firewalls are unable to verify the legitimacy of encrypted communications.
