Managing risk

Ten cyber security terms you should know and understand 

Do you know your ransomware from your malware? Your phishing from your hacking? Here is a quick and easy guide to key terms businesses and employees should be across.



Chances are you’ve heard scary-sounding terms like phishing and hacking before, but do you really know their exact definitions?

These terms are important to understand so you can identify problems and take steps to protect your business, but it can be difficult to get across them.

Here’s a guide to 10 cyber security terms which are important for business owners and employees to learn.

1. Phishing

Phishing is where you receive an email, text, call, or social media contact from someone who appears to be a legitimate business such as a bank or telco. In fact, these seemingly genuine messages are really just trying to get your private information.

The ACCC’s Scamwatch says there were 6,324 reports of phishing in July 2021 (and those are just the ones that get reported!) so it’s worth knowing how to identify these types of calls.

Read up on how to identify phishing scams here.

2. Malware

Malware is the general term for any type of program that gets inside your computer or device with the aim of causing disruption or damage. Viruses and ransomware are examples of malware. 

Malware often comes via email, social media, or website pop-ups. It looks legitimate and interesting, and sometimes includes the logos of the recognisable brands it is impersonating. Once you click to download what is on offer, you download the malware.

Malware can be used to carry out a range of illegal activities, such as using your credit cards and bank accounts and stealing your personal information.

3. Ransomware

Ransomware is a type of malware that blocks access to your computer or your files and demands you pay money in order to unlock them.

The Australian Cyber Security Centre recommends never paying a ransom, as it does not guarantee access will be restored. Instead, seek professional help.

4. Viruses

Viruses are malicious programs designed to spread from one computer to another through files and documents. Computers should have anti-virus software, and that includes employees’ personal devices if they are working from home.

5. Hacking

Hacking is when an unauthorised person gains access to your computer or other device. Hackers look to gain access by exploiting security weaknesses until they find a way in. Once they’re in, they can do a lot of damage, from stealing files and information to watching what you’re doing, changing passwords and using your credit cards.

6. Business email compromise

A business email compromise scam involves scammers impersonating a business or its employees via email and requesting that money be sent to a fraudulent account. This is usually done by hacking into someone’s email or impersonating someone using an email account that looks like theirs. 

The ACCC says $128 million was lost to these types of scams in 2020. 

7. Identity theft

Identity theft occurs when cybercriminals steal enough of your personal information online to start using your identity. 

Signs of identity theft include seeing unusual transactions on your bank statement, mail that you’re expecting not arriving, and receiving strange emails. Make sure to report it to the police straight away and inform other key people such as your bank.

8. Multi-factor authentication

Multi-factor authentication is a security measure that requires someone to provide more than one proof of identity before logging in to a site that contains private or sensitive information. This usually includes a password or PIN, plus one other method, such as a fingerprint or receiving an SMS message or email with a code.

Many sites use this already, as it keeps an account safer in the event a cybercriminal has already stolen someone’s password. See here for how to implement this in your business.

9. VPN

A virtual private network, or VPN, is a secure way to provide remote access to a network of computers. VPNs work by encrypting all the data that you send and receive. This means others cannot see what you’re doing online, access your personal information or tell where you’re located.

See here for information on VPN services.

10. Firewall

A firewall is a security system that monitors and protects incoming and outgoing traffic on a network. It can stop unwanted people from getting access to your network, and block malware.

Also, think about building a ‘human firewall’ through comprehensive staff training in all matters related to cyber security. Check out our resources in this area, which can help. 

For more information on how to protect yourself, download our eBook, Cyber security: helping your business stay safe online.

