The Dataprise Blog

10 Cybersecurity Buzzwords We're Tired of Hearing

Apr 20, 2022 BY DATAPRISE

Top Overused Tech Buzzwords

Our technical representatives, cybersecurity experts, and IT executives do a lot of great work here at Dataprise. They’re at once teachers and students, using wells of ingenuity to support big ambitions and solve big problems.

However, there are some tech buzzwords that come up again and again in our cybersecurity conversations that we’ve quite frankly heard enough of! So, whether you’ve just begun exploring the cybersecurity realm or you’re also tired of hearing the same buzzwords everywhere you look, it helps to call out which terms are overblown. Without further ado, here are our picks for the ten cybersecurity buzzwords we’re tired of hearing.

 

Top 10 Widely Used Cybersecurity Buzzwords

1. Cybersecurity Awareness

Cybersecurity awareness is how cognizant someone is of common cybercriminal tactics. Yes, it’s important, as some hacks do start with basic human error. However, the term glosses over the sophistication of fraud today and suggests that employee training is the best (or only) way to combat it. Also, the term “cyber vigilance” might be more apt: we don’t want you to just be aware of things like multi-factor authentication (MFA); we want you to be vigilant in your use of it.

 

2. AI Security

AI security refers to machine learning and evolving security, and the industry is leaning pretty hard into it. It’s as if “AI-powered” security is the only solution out there. But when asked exactly how it works, the explanations are often vague at best and wrong at worst. Many companies that claim they’re using AI are simply using pattern-matching technology.

 

3. Shift Left

Shift left refers to the practice of focusing on quality from day one of a project in order to identify and fix defects as they arise. Doing later-end QA tasks during an earlier part of the process can help catch errors before they end up derailing a whole project. The downside is that it’s just as likely to create extra work when it’s taken out of context.

 

4. Cyber Kill Chain

This describes the stages through which criminal attacks progress, and it’s usually used when describing advanced persistent threats. The basic idea is that attackers perform reconnaissance, find vulnerabilities, get malware into victim systems, connect to a command-and-control (C2) server, move laterally to find the best targets, and finally exfiltrate the stolen data. But this term is overused, as one Dataprise cybersecurity expert mentions, and this framework misses many types of attacks. “Saying ‘Cyber Kill Chain’ at any point is a good way to get kicked out of a meeting,” he added.

 

5. Zero Trust

Zero trust network architecture describes the concept of essentially trusting no one and nothing when it comes to both users and devices. By requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated, an organization can improve its security posture. However, many seem to think zero trust is a piece of software that can be bought as a one-time purchase. It isn’t; it’s a philosophy that requires discipline to be successful.

 

6. Whitelist and Blacklist

Of course, the conversation gets a little spicier when you make it sound like a battle between the forces of the universe. Yet given the racial overtones of this one, you might want to change to “allowlist” vs. “blocklist.”

 

7. Digital Transformation

This term refers to how everything from farming to financials is digitizing, but it’s definitely nothing new. This has been going on for a while, and it’s only making headlines because it sounds like some sort of sweeping revolution. How much of your business is running on analog anyways?

 

8. SIEM

S.I.E.M? SEAM? PSYEM? Security information and event management (SIEM) can be used to improve a business’s security because it combines information and event management. The problem is that there isn’t enough standardization in this industry, which means that you don’t always know what you’re getting. Also, we can’t seem to agree on how to say it.

 

9. Ransomware

Ransomware is any program that holds information hostage for some type of payment (and it’s worth noting that many companies do pay it). This term is ubiquitous because the crime is ubiquitous, but it doesn’t do much to explain the problem or how to fix it. Furthermore, most of those asking us about advanced methods to protect themselves from ransomware fail to do simple things, like having an effective backup strategy.

 

10. Hacker

A hacker is an individual who uses a computer, networking, or other skills to overcome a technical problem. It’s often used to describe a criminal because they go outside the lines to cause chaos. However, hackers can also be savvy people who use their powers for good, or just people who thought they were doing something more efficiently, only to expose a gap in the system.

When hackers are brought up in our conversations though, it’s usually dismissively. “We’re a smaller company. Why would a hacker come after us?” The truth is every piece of data your company has can be stolen and is worth something. Hackers know this, and so should you.

 
In Defense of Buzzwords in Cybersecurity

There’s no such thing as a dumb question when you’re discussing cybersecurity. It’s a complex field that we’ll be dissecting for many years to come. Considering its ever-evolving nature, though, it’s better to stay away from cybersecurity buzzwords and instead focus on the specific strategies that keep systems protected.

While many cybersecurity buzzwords and buzzphrases should be retired or replaced, we believe that many of the issues arise from how buzzwords are used rather than from the terminology itself. One of the main issues we see is sloppy usage and a lack of contextual understanding and practical application of cybersecurity buzzwords, not the buzzwords themselves; they’re just a part of being in a marketed sector. This reinforces the notion that buzzwords are little more than that. Business leaders should see beyond the tech buzzwords and dive deeper into the concepts and ideas to better help support their needs. Don’t know where to start?

Dataprise offers managed cybersecurity to companies so that they can worry less about identifying cybersecurity buzzwords and more about what matters the most: running their business.
