01 Oct FPVG Insights: Cybersecurity Terms to Know
With cybersecurity becoming front-page news, business owners are finding the need to create new strategies to protect their assets and foment a cyber-safe culture in the workplace. There is no need to feel threatened by what seems to be a complicated or menacing subject. Here are a few cybersecurity terms that will help guide you in making the right choices for your security procedures.
Authentication is the process or action that verifies the identity of a user or process. When you travel, you must show your ID (e.g. passport, etc) which includes a picture that usually looks like you and authenticates that the name, age, and address on the document belong to you. In the cyber world, passwords authenticate that you really are the person who corresponds to the username. Some organizations today use a two-factor authentication login process that will require an additional step to confirm the identity of the user.
When referring to information technology, a backup refers to the action of taking the data located on your computer or other device and transferring a copy of it to a secondary location such as an external hard drive or a cloud storage system. This will allow you to recover your system in the case of a cyber-attack or system crash.
In summary, a data breach is an incident wherein information is stolen or taken from a system without the knowledge or authorization of the system’s owner.
A digital certificate is a digital form of identification used to securely exchange data over the internet. It is also referred to as an identity certificate or public key certificate. It is fundamentally a digital file embedded in a device or piece of hardware that provides authentication when it sends and receives data to and from another device or server.
Encryption is when you use codes and ciphers to encrypt data. When data is encrypted, a computer uses a key to turn the data into unintelligible gibberish. Only a recipient with the correct key is able to decrypt the data.
HTTP & HTTPS
Hypertext Transfer Protocol (HTTP) is the protocol used to transfer data over the web. It is part of the Internet protocol suite and defines commands and services used for transmitting web page data. The “S” in HTTPS stands for security since these websites encrypt all the data sent between you and the webserver. Most of the websites today have improved their privacy standards and use HTTPS.
An aspect of your system or software that can be used by hackers to initiate a cyber-attack. Generally, these weaknesses can be found on software bugs that have not been patched up or it can be a password reset process that can be prompted by unauthorized people.
As you continue to increase your understanding of the potential risks in cyber attacks and then take proactive steps to create solid defensive measures of your systems, you are moving ahead in the fight against these attackers. Contact your team of IT Consulting experts today to learn more.
About the author: Wilfredo Vera Pujols, CISA, CDPSE
A skilled consultant in the areas of Internal Audits and Compliance, Vera holds a BBA in Information Services from the University of Puerto Rico Mayaguez and a Master’s in Computer Sciences from the illustrious Polytechnic University of Puerto Rico. He has used his excellent preparation in the last 3 years of his specialty in Auditing and Consulting, Internal Controls, and SOX for our diverse clientele. Among some of his major clients are Evertec, Triple S of Puerto Rico, and Banco Popular, to name a few. We are sure that this ISACA member, along with the expertise of FPV & Galíndez’s skilled Consulting Department will provide strategic solutions for any IT and Cybersecurity needs your organization may have.