This glossary covers the tools, threats, and technologies that shape secure, high-performing IT environments – from firewalls and phishing to endpoint protection and multi-factor authentication. Whether you’re managing infrastructure or just want to understand the tech behind your systems, this guide breaks it down in clear, accessible terms.
Glossary of IT & Cyber Security Terms
A
Access Control
Mechanisms that regulate who can access or use resources in an IT environment.
Access Point
A device that allows wireless-equipped computers and other devices to communicate with a wired network.
Adware
Software that automatically downloads adverts when you’re online, such as banner ads and pop-ups.
Advanced Email Threat Protection (AETP)
A combination of tools that detect, block, and mitigate sophisticated email-borne threats like phishing, spoofing, and malware.
Advanced Persistent Threat (APT)
A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
Application Programming Interface (API)
Software that allows two or more applications or programs to communicate with each other and share information.
Artificial Intelligence (AI)
Technologies simulating human intelligence to automate tasks such as data analysis or anomaly detection.
Average Detection Time
The time it takes to identify a security incident after it begins. Shorter detection times reduce the window of exposure and potential damage.
Average Response Time
This is the time it takes for a team to respond once something needs attention, whether it’s a security threat or a support ticket. In cybersecurity, it means how quickly an issue is acted on after it’s been detected. In day-to-day IT support, it refers to how fast someone replies to a service request or help desk ticket. It’s a key measure for both keeping systems secure and ensuring users get the help they need on time. See also: Security & Compliance Glossary
Antivirus Software
Software used to prevent, detect, and remove malware.
Authentication
The process of verifying user identity before granting system access.
B
Backdoor
A vulnerability in a security system that allows unwanted access to files and data.
Backup
A copy of data stored separately from the main system to prevent loss in case of system failure or other data loss events.
Backup and Disaster Recovery (BDR)
A combined strategy that ensures critical data is backed up and can be quickly restored after disruptions like cyberattacks, hardware failures, or natural disasters. BDR supports business continuity by minimising downtime and data loss. Learn more in our Security & Compliance Glossary
Bandwidth
A measurement of the amount of data that can be transmitted over a network at any given time. The higher the network’s bandwidth, the greater the volume of data that can be transmitted.
Business Continuity
The strategies and systems that allow a business to continue operating during or after a disruption. Often paired with disaster recovery.
Botnet
A network of infected computers, controlled by a hacker, used to carry out various cyber-attacks like DDoS.
Breach
Unauthorised access to confidential data or systems.
Bring Your Own Device (BYOD)
A workplace policy that allows employees to use their personal devices (phones, laptops) for work purposes, which introduces both flexibility and security risks.
C
Cache
A temporary file that stores information on your device to speed things up. For instance, a web cache might remember the last thing you were doing so it can reload a page where you left off.
Captcha
A challenge-response test in the form of an image of distorted text the user must enter to determine whether the user is human or an automated bot.
Chief Information Security Officer (CISO)
Executive overseeing cybersecurity strategies and risk management.
Cloud
A common shorthand for a provided cloud computing service (or even an aggregation of all existing cloud services) is “The Cloud”.
Cloud Computing
Using the internet to access storage, applications, and services.
Cloud Security
Measures and policies to protect data, applications, and services hosted in the cloud. Essential for businesses migrating to cloud infrastructure.
Compliance
Meeting legal, regulatory, and internal security standards relevant to business processes.
Cookie
A small piece of information you may be asked to accept when connecting to certain servers via a web browser. It is used throughout your session as a means of identifying you. A cookie is specific to and sent only to the server that generated it.
Cyber Security
Measures to protect networks, devices, and data from cyber threats.
D
Database
A collection of information organised so that a computer application can quickly access selected information; it can be thought of as an electronic filing system. Traditional databases are organised by fields, records (a complete set of fields), and files (a collection of records). Alternatively, in a Hypertext database, any object (e.g., text, a picture, or a film) can be linked to any other object.
Data center
A data center (data centre / datacentre / datacenter) is a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices.
Distributed Denial of Service (DDoS)
An attack that disrupts online services by overwhelming them with traffic.
Domain Name System (DNS)
The internet’s address book—it translates user-friendly domain names (like totalgroup.co.uk) into IP addresses that computers use to identify each other.
Denial of Service (DoS)
An attack that seeks to make a machine or network resource unavailable to its intended users by overwhelming it with traffic.
Data Loss Prevention (DLP)
Tools and strategies to stop sensitive data from being accessed or shared improperly.
Data Protection Officer (DPO)
An individual responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR and other data protection laws.
Digital Asset
Intellectual content which has been digitised and can be referenced or retrieved online; for example, PowerPoint slides, audio or video files, or files created in a word processing application, etc.
Digital Review
A regular strategic meeting (usually quarterly or annually) to review your IT setup, security, and goals. It helps ensure your technology is aligned with your business needs, highlights risks, and identifies cost-saving opportunities, all included as part of your service.
Directory
A directory is a space on a computer’s storage drive used to organise files and folders into manageable categories. Much like digital filing cabinets, directories help users structure their data efficiently—whether by application, type, or function, making it easier to locate and manage essential files within business systems.
Disaster Recovery
Disaster Recovery refers to the tools, technologies, and procedures used to restore vital IT systems, applications, and data following a disruption. This could include anything from cyberattacks to hardware failure or natural disasters. The primary aim is to minimise downtime and get critical business operations back up and running quickly and securely.
Disaster Recovery Planning (DRP)
Disaster Recovery Planning is the proactive process of designing a documented strategy to prepare for and respond to IT disruptions. A DRP includes defined roles and responsibilities, detailed recovery procedures, communication plans, and key objectives like RTO and RPO. It ensures your team can act quickly and confidently when incidents occur, reducing risk and improving resilience.
E
Endpoint Security
The practice of securing endpoints or entry points of end-user devices such as desktops, laptops, and mobile devices.
Encryption
The process of converting information or data into a code, especially to prevent unauthorised access.
F
Firewall
A network security device that monitors and filters incoming and outgoing network traffic based on an organisation’s previously established security policies.
Forensics
The application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.
G
General Data Protection Regulation (GDPR)
A regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
H
Hardware
The physical devices in your IT world – computers, printers, phones, tablets.
Honeypot
A security system set to detect, deflect, or, in some manner, counteract attempts at unauthorised use of information systems.
Hotspot (Wi-Fi)
A physical location where you can gain internet access via Wi-Fi.
Hypertext Markup Language (HTML)
The universal language of the internet, used to structure web pages, tell your web browser how to display them, and create links between them.
I
Identity and Access Management (IAM)
A framework of policies and technologies to ensure that the right individuals access the right resources at the right times, securely and efficiently.
Incident Response
A structured approach to managing cybersecurity events.
Infrastructure
Your entire system – your network, servers, and all your devices.
Intrusion Detection System (IDS)
Software that detects unusual activity within networks.
Insider Threat
Security risks that originate from within the organisation—such as employees, contractors, or vendors misusing access either maliciously or accidentally.
iOS
Operating system manufactured by Apple and used exclusively on its hardware.
Internet Protocol (IP) Address
A unique number that identifies a device connected to the internet.
J
JavaScript
A publicly available scripting language that shares many of the features of Java; it is used to add dynamic content (various types of interactivity) to web pages.
K
Keylogger
Malware that records keystrokes to harvest sensitive information.
L
Learning Management System (LMS)
Software used for developing, using, and storing course content of all types. Information within a learning management system often takes the form of learning objects (see “learning object” below).
Learning Object
A chunk of course content that can be reused and independently maintained. Although each chunk is unique in its content and function, it must be able to communicate with learning systems using a standardised method not dependent on the system. Each chunk requires a description to facilitate search and retrieval.
Least Privilege
Limiting users’ access rights to the minimum needed.
Local Area Network (LAN)
A network of connected devices that spans a small area, such as your office or home.
M
Man-in-the-Middle Attack (MITM)
A type of cyberattack where the attacker secretly intercepts and possibly alters communication between two parties.
Malware
Software programs designed to damage or do other unwanted actions on a computer; common examples of malware include viruses, worms, trojan horses, and spyware.
Megabyte
Unit of data equal to one million forty-eight thousand, five hundred and seventy bytes.
Multi-Factor Authentication (MFA)
A security process that requires users to provide two or more ways to prove their identity before they can log in or access systems. For example, after entering a password, you might also need to enter a code sent to your phone or scan your fingerprint. This added layer of protection makes it much harder for attackers to break in – even if they know your password.
Mobile Device Management (MDM)
Software that helps companies manage and secure employees’ mobile devices like smartphones and tablets. MDM ensures devices used for work follow company rules—for example, by remotely installing apps, applying security settings, and wiping data if the device is lost or stolen. It’s especially important for businesses that allow BYOD (Bring Your Own Device) policies.
Modem
A device that enables a computer to send and receive information over a normal telephone line. Modems can either be external (a separate device) or internal (a board located inside the computer’s case) and are available with a variety of features such as error correction and data compression.
Managed Service Provider (MSP)
A third-party company that remotely manages a customer’s IT infrastructure and end-user systems, typically on a subscription basis. MSPs offer services like monitoring, security, backups, and helpdesk support.
N
Network
A group of interconnected computers capable of exchanging information. A network can be as few as several personal computers on a LAN or as large as the Internet, a worldwide network of computers.
Network Monitoring
Network monitoring is the continuous oversight of an organisation’s IT infrastructure to ensure optimal performance and detect issues before they become critical. At Total Group, our advanced monitoring tools track key components such as servers, routers, internet connectivity, storage capacity, security alerts, and more. If a fault is identified, our technical support team is notified immediately, allowing us to respond in line with your preferred protocols—whether that’s taking swift remedial action, coordinating with your internal teams, or simply keeping you informed. This proactive approach ensures minimal disruption and enhanced system reliability.
Network Operating System (NOS)
A specialised operating system for a network device, like a router or firewall.
Network Security
Measures taken to protect a computer network from unauthorised access, misuse, malfunction, modification, destruction, or improper disclosure.
O
On-site
At-place-of-work-or-business support, typically provided by a technically qualified individual.
Open-Source Software
Software for which the original source code is made freely available and may be redistributed and modified.
Operating System (OS)
Software that manages a computer’s basic functions and provides common services for computer programs.
P
Patch Management
The process of distributing and applying updates to software to correct errors, vulnerabilities, or improve functionality. Patch management is key to keeping systems protected from known threats.
Penetration Testing
A simulated cyberattack against your computer system to check for exploitable vulnerabilities.
Phishing
A type of cyberattack where attackers impersonate trusted sources – like banks, colleagues, or service providers – to trick users into sharing personal or financial information, often via deceptive emails or websites.
Protocol
The set of rules that allows different devices to communicate with each other.
Proxy Server
A server that sits between a device requesting information and the server providing that information. For example, it could be a gateway between your laptop and the internet that stops hackers from reaching your network.
Q
Quarantine
The isolation of files suspected of containing malware to prevent further spread and infection.
R
Random Access Memory (RAM)
A form of temporary computer memory that’s usually used to store working data.
Ransomware
A type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
Recovery Time Objective (RTO)
The maximum acceptable amount of time that a system, application, or process can be down after a failure before it causes significant harm to the business. It answers: “How quickly must we recover?”
Recovery Point Objective (RPO)
The maximum acceptable amount of data loss measured in time – essentially, how far back in time your data can be restored. It answers: “How much data can we afford to lose?”
Remote Monitoring and Management (RMM)
Tools used by MSPs (like Total Group) to monitor client systems remotely, push updates, and respond to incidents without being on-site.
S
Software as a Service (SaaS)
Software as a Service is a cloud-based delivery model where software applications are hosted online by a provider and accessed by users over the internet. Instead of installing software on individual devices, users simply log in through a web browser – making it easy to use, update, and scale.
Security Information and Event Management (SIEM)
A tool that collects and analyses data from across your entire IT system to help detect suspicious activity and cyber threats. It brings together logs and alerts from different sources – like firewalls, servers, and applications – into one place, making it easier to spot unusual behaviour. SIEM systems also help companies meet compliance requirements by tracking and reporting on security events in real time.
Single Sign-On (SSO)
A user authentication process that allows someone to access multiple applications or systems with a single login. Once logged in, users can move between systems without needing to log in again. SSO improves user convenience and enhances security by reducing password fatigue and minimising risky password reuse.
Social Engineering
Tactics used by attackers to manipulate people into revealing confidential information or giving access to systems, often bypassing technical security controls.
Security Operations Centre (SOC)
A dedicated team that monitors and defends against threats.
Software
Any program that performs a specific function. Examples: word processing, spreadsheet calculations, or electronic mail.
Spam
Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of spam that involves nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and viruses that harvest users’ address books; the collected addresses are also sold to other spammers. They also use a practice known as “email appending” or “epending”, in which they use known information about their target (such as a postal address) to search for the target’s email address.
Secure Sockets Layer (SSL)
A standard security technology for establishing an encrypted link between a server and a client.
T
Threat Intelligence
Information about threats and threat actors that helps mitigate harmful events in cyberspace.
Threat Hunting
Proactively searching for signs of threats or attacks inside an IT system before automated tools raise alarms.
Trojan
A form of malware that looks harmless but conceals a virus.
Two-Factor Authentication (2FA)
An extra layer of security used to ensure that people trying to gain access to an online account are who they say they are.
U
User Account Control (UAC)
A feature that only allows authorised users to make changes to a system or device.
User Authentication
The process of verifying the identity of a user who is attempting to access a system.
V
Version Control
A system that records changes to a file or set of files over time so developers can track revisions, roll back to previous versions, and collaborate efficiently. Common in software and document management.
Virus
A malicious computer program or code that can copy itself and spread throughout a network, corrupting or damaging data and systems.
Virtual Private Network (VPN)
A service that encrypts your internet traffic and protects your online identity by hiding your IP address.
Vulnerability
A weakness in a system that can be exploited by cybercriminals to gain unauthorised access to an asset.
W
Web Application Firewall (WAF)
A firewall that monitors, filters, and blocks data packets as they travel to and from a web application.
Wide Area Network (WAN)
A network of devices connected across a wider area than a LAN, which allows you to connect to smaller networks.
Whitelisting
A cybersecurity strategy where only pre-approved applications, IP addresses, or email addresses are allowed to function or communicate with the system.
Worm
A type of malware that replicates itself to spread to other devices across a network without human activation.
X
Extensible Markup Language (XML)
A markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.
Y
YARA Rules
A tool used in malware research and detection to identify and classify malware samples.
Z
Zero-Day Exploit
A vulnerability in software that is unknown to the vendor, which hackers can exploit before the vendor becomes aware and hurries to fix it.
Zero Trust
A security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are inside or outside the network perimeter.
Zip File
A file that compresses its contents to create a smaller file that’s easier to share or store.