At a Glance: Government Cybersecurity Nationwide 7 Cybersecurity Terms to Know The following terms are vital to understanding today’s public-sector cybersecurity landscape.
1. Advanced persistent threats (APTs): APTs
from email to social media. Although
unauthorized access to computer networks
people by using realistic deceptions.
are cyberthreats that allow bad actors to gain and then avoid detection for long periods of time using stealth. While typically linked to
nation-states, APTs can be any cybercriminals who conduct large-scale intrusions. APTs can
cause serious economic, political and national security damage, making them one of today’s biggest cyberthreats.
2. Endpoints: Endpoints are the various devices — such as laptops and mobile phones — that can connect to IT networks. As the number of
endpoints increases, cybersecurity becomes more difficult for agencies. Endpoint
cybersecurity will only grow more important as remote work’s popularity explodes.
3. Malware: Malware refers to any malicious
software that is created for purposely harming computers, networks and IT. Any software that unintentionally damages these technologies is usually called a bug, glitch or vulnerability.
Malware also comes in many forms, ranging from computer viruses to ransomware.
common, phishing works because it victimizes
5. Ransomware: Ransomware threatens to block access to or leak a victim’s sensitive
data unless a ransom is paid. Increasingly prevalent, this malware can also upend
agencies’ operations. Experts often caution
against paying ransomware ransoms, as this money can fund additional cybercrime.
6. Social engineering: Social engineering
occurs when cybercriminals psychologically manipulate people into performing actions such as revealing confidential information.
At agencies, social engineering can interrupt operations, damage public trust or cost
money. Social engineering can come from
any hostile source inside or outside an agency.
7. Zero trust: Zero trust is a cybersecurity
model designed to automatically distrust every device, user or other entity on an IT network. These entities can access
agencies’ resources only after having their identities verified. Zero trust cybersecurity
4. Phishing: Phishing involves attackers
thus covers everything inside and outside
sending fake messages that trick victims into
a network’s perimeter; this philosophy also
malware on their computers. In recent years,
systems and assets.
revealing sensitive information or installing
helps agencies continuously monitor their IT
cybercriminals have phished using everything
4
A GovLoop Guide
