Work safely, easily, from anywhere, at any time, with any device, in the same way
help-cyber channel for:
- severe credentials compromise, server compromise - extreme severity
- spear phishing (dedicated phishing channel), credentials in data leak, denial of service - urgent
- phishing (dedicated phishing channel), info requests, document review, external consulting and training - average severity
- info requests, document review - not urgent
Glossary
Asset
Any valuable resource for an organization, including data, computing devices, software, network infrastructure and human resources. In the context of information security, assets are mainly related to digital and informational resources, such as data, computer systems, networks, software applications and any other information or resources critical to the functioning and success of the organisation. Assets can be divided into several categories, based on their importance and role within the organization, and protection of these assets is essential to ensure the overall business continuity, reputation and security of the organization
Vulnerability
A weakness or flaw in a computer system, software application or device that can be exploited by an attacker to compromise the security of the system or cause damage. Vulnerabilities can be the result of design, implementation or configuration errors and can allow attackers to perform cyber attacks such as malware infiltration, malicious code execution, theft of sensitive data or system corruption
Cyber threat
Any event, action or agent that has the power to damage or compromise the security of a computer system or the data it contains. The goal of cyber threats may be to gain unauthorized access to sensitive information, damage or alter data, disrupt system operations, or cause other harm. Cyber threat management is critical to protect computer systems and sensitive data, and involves the implementation of security measures, constant vigilance and timely response to security events
Cyber attack
An attempt by an individual or group to compromise the security of a computer system, network or application in order to gain unauthorized access, cause damage or steal sensitive information. Cyber attacks can take many forms, including malware, phishing, ransomware, denial-of-service (DoS), and more
Security incident
Event or series of events that compromises the security of an organisation’s information, computer systems or digital assets. Examples include cyber attacks, breaches of data privacy, data loss or damage, system malfunctions, theft of devices containing sensitive information and other situations that threaten the integrity, availability or confidentiality of digital assets. Security incidents can have serious consequences, including the loss of sensitive data, financial damage, damage to the organization’s reputation and violations of data protection regulations. The management of security incidents includes early identification, response, mitigation and recovery from the consequences of the event in order to limit damage and restore normal operation of the organisation
Malware
Malicious software designed to damage, alter, exploit or compromise the operation of a computer, device or network without the user’s consent. Malware can take many forms, including viruses, worms, trojans, spyware, adware, ransomware and other types of cyber threats. The main purpose of malware is to infiltrate computer systems in order to steal sensitive information, damage data, disrupt operations, extort money or damage the organization’s reputation
Phishing
Type of fraud carried out on the Internet through which an attacker tries to deceive the victims by pretending to be a reliable entity and persuading them, via digital communication, to provide personal information, financial data or access codes
Spear phishing
Cyber attack targeting a specific person or organization through personalized messages (generated by social engineering techniques) that induce the victim to reveal sensitive information or grant privileges that attackers will use to damage the organization’s security
Social engineering
Method used by malicious agents to carry out a cyber attack, using deception and psychological manipulation to obtain sensitive information or access to computer systems. Social engineers exploit human trust and vulnerability to induce people to do things they would not normally do (such as revealing passwords or installing malicious software)
Data breach
Security incident where sensitive, protected or confidential data is made accessible, exposed or stolen by unauthorised persons as a result of cyber attacks, human error or negligence in the management of the data. This may result in breach of privacy, reputational damage, financial loss, fraud, identity theft
Data leak
Type of data breach that involves the unauthorized or accidental disclosure of sensitive, confidential or personal information by an organization to third parties and can occur due to human error, negligence or vulnerability in security systems
DDoS (Distributed Denial of Service)
Malfunction due to a cyber attack coming from many different sources in which the resources of a computer system that provides a service to clients are deliberately exhausted, until it is no longer able to provide the service
0-day
Cyber security vulnerability not known to the developer or the company that produced a given computer system. The term also refers to the program (exploit) that takes advantage of this vulnerability to perform actions not normally allowed by the system designer
Patch
Update or modification of software designed to address security vulnerabilities or other flaws in programs or operating systems. Patches are released by software developers in response to the discovery of new vulnerabilities or known security issues
Antivirus
Software designed to detect, prevent and remove computer viruses and other forms of malware from computer devices. This type of software is essential to protect computers and mobile devices from cyber threats, such as viruses, worms, trojans, spyware and other forms of malicious software
Active courses on FBK Academy
- Secure Self-Management (mandatory for System Administrators)
  - of PCs
  - of Servers
- CyberSecurity
- Joint Lab for Cybersecurity Presentation
- FBK Digital Café | FBK moves towards Zero Trust
- Working smart and safely
- FBK Digital Café | IT Security Management and Awareness, Report on the state of Cybersecurity in FBK
- FBK Digital Café | Proactive defense against cyber attacks in FBK
- IT Webinar by the Digital Solutions and IT Infrastructure Service
- Identification and authentication
- Bitwarden to manage passwords
- Cybersecurity