
The Essential Cyber Security Glossary All SMEs Should Know


We understand that the world of cyber security can seem daunting and extremely technical. To make some of the concepts we discuss easier to understand, we’ve created this essential cyber security glossary. It is not designed to include every single cyber security term, only the basic ones anyone running an SME (small and medium enterprise) should know.

SMEs might think they are too small to be targeted by cyber criminals, but this is far from the truth. They are often considered easy targets, due to their lack of resources and understanding. To better protect your business from cyberattacks, here is our essential cyber security glossary to get to know.


Anti-virus software

Also known as anti-malware software, these are programmes that scan apps and files downloaded to your devices and block malicious ones.

Access control

Instead of having everyone in a company able to access all the information, access control only gives approved people the ability to access certain information.


Backup

Secure storage of all the data the company needs to function, kept separately, and updated regularly so it can be accessed in an emergency but not compromised as part of a cyberattack.

Business Continuity Plan

In case of a cyber security disaster, a Business Continuity Plan has all the information needed to keep the business going with as little disruption as possible.

CIA Triad

The concepts of confidentiality, integrity and availability are the core principles of cyber security. Getting to know these will help inform your decision making around cyber security.

Cloud Computing

Resources such as storage and apps that are accessed via the internet and managed by a third party. This is different from having physical computing storage kept on site.


Compliance

Adhering to guidelines or laws designed for cyber security.


Cyber Security

The practice of using plans, tools, and critical thinking to keep digital information safe from unauthorised access or exploitation.


Encryption

The process of converting sensitive data into a coded language that can only be deciphered by authorised users.


Firewall

Software that stops unauthorised access to devices when they are connected to the internet.


Malware

Refers to any software designed to harm a computer system, steal data, or disrupt normal computer operations. Types of malware can include viruses, spyware, and ransomware.

Multi Factor Authentication

Multiple ways of proving credentials before gaining access to data. For example, having a password and an SMS code set up to fill in before accessing emails.


Network

A group of connected devices that can share resources and communicate with each other. If not properly secured against cyberattacks, the network can be used to infiltrate the multiple devices.


Password

A complex combination of letters, numbers and special characters used as a method for keeping data secure to only those who know the password. Passwords should be strong and difficult for hackers to guess.

Password Manager

A programme that manages all the passwords for a user, creating, saving, and inputting them into the correct websites and apps. Password managers usually require only one master password to be remembered by the user and employ multi-factor authentication to stay secure.

Personal Data

From the UK GDPR: “‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Patch Management

A patch is an update for software, operating systems, or apps that aims to fix a vulnerability or issue. Patch Management is the process of knowing and applying patches proactively.


Policy

A policy is a document that sets out guidelines on a project or process and can be used to hold people to account when agreed upon. A cyber security policy could lay out the rules for safe use of devices and digital data in a workplace that employees are expected to follow.

Social Engineering

The use of convincing lies to trick someone into giving out sensitive information or access to a system. Examples of social engineering tactics include phishing emails, phone scams, and impersonation.

Threat Actor

An individual or group that poses a threat to a company's security. This could be a hacker or a malicious insider.


Vulnerability

A weakness in cyber security that can be exploited. An example of this is a password that is easy to guess or not having multi-factor authentication set up.


Cyber security is a complex and ever-evolving field, but by understanding some key terms and words, you can improve your security and protect your business from potential cyber threats. Now you’ve read our essential cyber security glossary, you should feel more confident about the concepts you need to protect your business.

This is where IT support companies like Fuse Collaboration Services come in, helping SMEs to protect themselves from cyber threats. By ensuring your devices and systems have adequate protection against malware, training your staff to recognise social engineering scams, securing your networks, and using encryption to protect sensitive data, we help SMEs significantly reduce their risk of cyberattacks. Don't wait until it's too late – take action now to secure your business against cyber threats.

About the author


Fuse is a Microsoft Gold Certified Partner, based in Northampton. We help organisations of all sizes to maximise IT efficiencies through the use of Microsoft cloud computing solutions.
