Top 10 cyber buzzwords that are totally worth the hype

In no particular order

Eliza-May Austin
Oct 25, 2021

1. Purple Team

Purple teaming is the most common-sense approach to testing cyber defences. It’s a buzzword that isn’t going away anytime soon!

What’s the point in having whitehat hackers test your infrastructure if you aren’t going to learn from it, or test your ability to react to it? Well, there is no point, which is where purple teaming comes in. Purple Teaming combines the benefits of penetration testing with detection and response, giving the recipient a full picture of not just their threat landscape, but also their ability to deflect and defend from those threats.

2. HSSP — Hybrid Security Service Provider

This term came about as a response to PocketSIEM, which invented a new way of providing cybersecurity support: offering an escalation point service rather than a binary choice between an entirely hands-off and a completely managed service. Not every company needs to spend crazy money on a fully managed SOC when really they could just benefit from support.

3. SIEM — Security Incident and Event Management (system)

SIEM is tooling that provides a central point for security events, relevant logs, endpoint information, and packet captures. A SIEM should alert based on the data it collects and is usually the core platform of any efficient security operations centre.

Think of how challenging it would be to monitor the security of every endpoint in a given environment, whilst making sure the websites were free from attack and the corporate networks were safe. Ouch, that would be a lot of work without a SIEM.

4. Threat Modelling

Threat modelling got a bad reputation for a time. In an industry where hard facts, evidence and context are key, the idea of threat modelling a hypothetical situation raised a few eyebrows.

However, threat modelling an application, a server, service or network is incredibly valuable! Let’s say we split a group of developers into two teams and ask them both to create an application that requires user input. Both apps have to be deemed secure. Team 1 spent 4 hours identifying where there could possibly be attack vectors, how the application should be used vs how it could be used, and potential code weaknesses, whereas Team 2 simply submitted the application as complete. Whose app do you expect would be more secure, Team 1 or Team 2? Team 1 obviously. That’s threat modelling for ya.

Threat modelling serves well in ICS/SCADA environments too. Scanning or pentesting production environments is ill-advised at best, and actively pentesting industrial environments is a recipe for disaster. Threat modelling assessments are a brilliant method for these environments, as the technology is studied with zero touch.

5. APT — Advanced Persistent Threat

APT covers the kinds of threats mentioned in the name: advanced and persistent threats, sometimes also referred to as ‘state backed’ threat actors. Not every Tom, Dick, or Sally needs to freak out about APTs, despite what the major vendors like to tell you.

If you don’t have the basics covered, no advanced and persistent threat actor is going to burn resources creating elaborate, multi-pronged attacks to catch you out when a simple SQL injection will do. That said, for those companies that do have to concern themselves with APTs, being able to articulate the right language around them, and therefore understand the motives and methodologies of APTs, is incredibly important.

6. vCISO — Virtual Chief Information Security Officer

Not every company NEEDS to have a CISO (Chief Information Security Officer). Despite what you may have heard on the grapevine, it’s absolutely okay to have a transient CISO who helps you through audits, times of change, or a particularly challenging time, such as mergers and acquisitions. Furthermore, some companies find that having a CISO helping with specific challenges 1 day a week is enough for them.

This flexibility is why vCISO services are going down a treat with smaller to medium-sized businesses internationally. Many hiring managers are seeing the benefits of cyber security management and applying it in a cost-effective way. Hurrah!

7. Threat landscape

This one is often bandied around quite liberally. Try sitting through a panel discussion these days and take a shot of whiskey every time someone utters the words “threat landscape”; I guarantee by the end of the chat you’ll be seeing double.

However, this isn’t an empty buzzword. A threat landscape refers to the overall potential for facing threats, which depends on a number of important factors, such as geographical location, industry, consumer base, etc. A reseller of hair salon products in Vietnam is going to have a vastly different threat landscape to a bank in central London with a history of scandals. Understanding your threat landscape helps your defences stay on track and relevant.

8. Threat hunting

Threat hunting is a great follow-on from my previous point. Imagine how much time and effort you can save by hunting for threats in your digital infrastructure that actually are relevant to your environment. Threat hunting is the act of hunting for nefarious activities in your environment that your security tools may not have alerted on because they are custom attacks against your particular business.

Basing your threat hunting activities on your understanding of your threat landscape is a power couple combination that will wipe the floor with Bennifer any day of the week.

9. DevSecOps — (Development, Security and Operations)

Yes, it is definitely a buzzword, and no, it’s hardly ever implemented well. BUT all that aside, DevSecOps is a logical, common-sense approach to creating and deploying software securely. What is not to like about that?

DevSecOps tends to fall down because it is often confused with being a specific business function, such as a team, rather than a way of working. Often developers are lumbered with the responsibility of security and labelled DevSecOps engineers. When approached as a cultural change, supported by technology, it can work wonders for the safety of an organisation’s code and products.

10. Ransomware

Yes, ransomware has been talked about to death. Every day there is a webinar somewhere about it, and it’s one of the leading search terms in cybersecurity-related googling. Yes, it’s a cliché, but with good reason! Falling victim to a ransomware attack could wipe a business in a matter of minutes! Ransomware is scary for many businesses and should absolutely be taken seriously. This one is certainly not simply a buzzword.

Eliza-May Austin is the CEO & Co-Founder of th4ts3cur1ty.company and PocketSIEM

Eliza-May Austin

CEO & Co-Founder at th4ts3cur1ty.company & PocketSIEM. Founder and Director of Ladies Hacking Society | Purple teaming enthusiast @Eliza_MayAustin