---

VPN? HTTPS? What do all these cybersecurity acronyms mean?

This post provides a glossary of 12 of the most common cybersecurity acronyms you may come across, as well as a brief definition of what they mean so that you no longer feel left in the dark.

CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart)

These are the popular ‘I’m not a robot’ tests used by websites to help fend off bots. CAPTCHAs can help keep websites secure against cyberattacks like bot raids as well as general spam. This post explains how to add CAPTCHA to a website.

CERT (Computer Emergency Response Team)

CERTs are employed by large companies to deal with computer emergencies – which primarily include cyberattacks. On top of responding to attacks, these teams of employees can also monitor networks to detect attacks and introduce new preemptive protective measures.

DDoS attack (Distributed Denial Of Service attack)

A DDoS attack is a type of cyberattack in which cybercriminals attempt to disrupt the flow of traffic to a website. A common way to do this is to flood a website with traffic in the form of bots so that it becomes unusable.

DNS attack (Domain Name Server attack)

A DNS attack is another type of cyberattack in which a cybercriminal redirects traffic from a trusted website to a malicious website. Such attacks can have many purposes – one being to trick customers into entering sensitive information or even paying for products via a fake clone website.

GDPR (General Data Protection Regulation)

Published in 2016, this EU regulation was put in place to give EU internet users control over how websites and applications use their data. All websites and applications that are available to EU users must comply (which includes asking website visitors for consent to access cookies). This guide offers a few tips on how to comply with GDPR.

HTTPS (Hypertext Transfer Protocol Secure)

Copy and paste the address of any website and you’ll notice that the URL starts with either ‘http’ or ‘https’. This added ‘s’ at the end is used to identify whether a website has been declared secure. It is generally a bad idea to enter payment details into a website that does not have ‘https’ at the beginning. To change your website address from ‘http’ to ‘https’ you need to request an SSL certificate (more about this later…).

IP address (Internet Protocol address)

Your IP address is a unique string of numbers that is used to identify your device on a network. Websites and applications use your IP address to send you information relevant to your location and browsing history. Unfortunately, hackers can also use it to exploit personal information about you, so it’s important to know when to protect your IP address (you can read this guide to learn how to protect your IP address).

MFA (Multi Factor Authentication)

Traditionally, logging into an account would solely require a username and password. However, recently many websites and applications have realised that this is not enough to fend off hackers and have switched to MFA (multi factor authentication). This involves asking for a password and extra information – which could include a code sent to your phone, a security question answer, a fingerprint or facial recognition. Accounts that use MFA are generally more secure

MSP (Managed Service Provider)

A MSP is typically a service that is outsourced by a company to provide various IT tasks. This could include simply improving infrastructure and fixing bugs, however it often also includes various cybersecurity tasks such as monitoring your network and responding to attacks. Outsourcing an MSP is typically cheaper and more convenient than hiring in-house IT staff for many companies.

SSL certificate (Secure Sockets Layer certificate)

An SSL certificate is a certificate issued by an authorised organisation that publicly declares whether your website is secure or not. After being successfully granted an SSL certificate, the beginning of your website address will change from ‘http’ to ‘https’. A padlock will also display beside the address bar to let visitors know your site is secure. You can find out more here about applying for an SSL certificate.

VPN (Virtual Private Network)

As mentioned earlier, IP addresses can be exploited by hackers to gain access to sensitive personal information like passwords and bank details. A VPN (virtual private network) can prevent this by hiding your real IP address and replacing it with a new one. Some networks may be so secure that a VPN is not necessary. However, in the case of many public wi-fi connections and basic home wi-fi connections, a VPN is recommended.

WPA (Wi-fi Protected Access)

WPA was a security protocol introduced in 2003. The protocol was designed to provide a better level of security compared to wired internet connections. WPA has gone through various developments – the latest and most current being WPA3.

---