As cyber threats continue to evolve, so must our awareness of the core principles that help protect digital lives. In this edition of the ABCs of Cybersecurity, we explore the letters M through P, diving into key concepts that shape today’s security posture. From malware to phishing, these four terms are pillars of both risk and protection in the digital world.
Short for malicious software, refers to any program or file designed to harm, exploit, or otherwise compromise a computer system. This includes viruses, ransomware, spyware, trojans, and worms. Malware can steal data, disrupt operations, and even lock users out of their own systems until a ransom is paid. Regular software updates, antivirus solutions, and user vigilance are critical to defense.
It involves the policies, practices, and tools used to prevent and monitor unauthorized access, misuse, or denial of a computer network. It includes firewalls, intrusion detection systems (IDS), virtual private networks (VPNs), and encryption. A secure network is foundational for protecting sensitive data, especially in organisations where multiple users and devices are connected.
Also known as Open Authorisation) is a secure authorisation framework that allows third-party applications to access user data without sharing passwords. For instance, when you use Google or Facebook to log into another app, OAuth is at work. While convenient, it’s essential to manage what services you’ve granted access to, and revoke permissions that are no longer needed to minimise risk.
It is a cybercrime tactic in which attackers impersonate trustworthy entities like banks, government institutions, or even colleagues to trick individuals into revealing sensitive information. These attacks often come via email, text, or fake websites. Training users to spot suspicious links, double-check sender identities, and avoid clicking unknown attachments is key to defence.
