Safe Practices
The Good Stuff
Bad Guys
Tricky Things
Unwanted
100

Extra copies of computer files that can be used to restore files that are lost or damaged.

Backups

100

Computer programs that can block, detect, and remove viruses and other malware.

Antivirus

100

A collection of computers compromised by malicious code and controlled across a network.

BOTNET

100

Faking the sending address of a transmission to gain illegal entry into a secure system.

SPOOFING

100

The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization.

DATA BREACH

200

A mechanism for creating a secure connection between a computing device and a computer network.

Virtual Private Network (VPN)

200

The protection of digital information, as well as the integrity of the infrastructure housing and transmitting digital information.

CYBERSECURITY

200

Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner.

SPYWARE

200

Unsolicited emails sent to many addresses.

SPAM

200

A flaw or weakness in an information system that could be exploited.

VULNERABILITY

300

Converting data into a form that cannot be easily understood by unauthorized people.

ENCRYPTION

300

A string of characters used to authenticate an identity.

PASSWORD

300

A cybersecurity risk that originates from within an organization.

INSIDER THREAT

300

A computer program that can copy itself and cause harm in various ways, such as stealing private information or destroying data.

VIRUS

300

A type of malware that denies a user's access to a system or data until a sum of money is paid.

RANSOMWARE

400

A process or measure used to verify a user's identity.

AUTHENTICATION

400

Software designed to block malware from entering protected networks.

FIREWALL

400

Software that compromises the operation of a system by performing an unauthorized function or process.

MALWARE

400

An unauthorized user who attempts to or gains access to an information system.

HACKER

400

A cyber event involving loss of data or a breach of security controls by an unauthorized actor.

INCIDENT

500

A replacement for passwords that provides more secure sign-ins to websites and apps across a user's devices.

PASSKEY

500

The ability of individuals to understand and exercise control over how information about themselves may be used by others.

PRIVACY

500

A form of spying conducted for commercial purposes instead of purely national security.

CORPORATE ESPIONAGE

500

Attempting to trick people into revealing sensitive information, often by using emails or fake websites that look like they are from trusted sources.

PHISHING

500

Sensitive information that is found to be stored at a location that does not safeguard it from unauthorized access.

DATA SPILLAGE