• Cybersecurity_terms

    By Rhonda Chicone, School of Business and Information Technology  

    Critical data breaches and impactful cyber incidents have finally reached the mainstream audience. In one way this is good since decision makers are becoming more aware of the types of scenarios that could occur, and are taking a second look at how they use various pieces of technology. When security breaches, vulnerabilities, exploits, or other cyber incidents are publicized, what comes along with the reports is new terminology. Most of the time these new terms or phrases have the word “cyber” as a prefix. When you think of cyber, computers should come to mind, but also take into account the Internet and the interconnected nature of our society (think about all the things you own that are connected to the web!). 

    All of this terminology makes it confusing not only for the layperson, but also for a technically versed person in the field. Nevertheless, there are some important terms that everyone should understand when it comes to the cybersecurity landscape.

    What Is a Cyber Threat?

    The basic definition of a cyber threat is a weakness (often referred to as a vulnerability) within information systems or networks that when prodded, or otherwise leveraged, can cause harm. There are several flavors of cyber threats. These include malicious software (viruses, worms, spyware, trojans, etc.), a bug (or poorly designed code) in some part of a software system that can be exploited or cause harm or a negative impact, or simply a type of software that has no bugs at all, but is used in a malicious way than how it was designed.

    Understanding cyber threats are important because individuals and organizations need to first be aware of the types of cyber threats that exist before defending against them. 

    What Is a Cyber Threat Actor?

    A cyber threat actor or threat actor (often referred to as an adversary) is a person or group that targets another person or organization with a motivation. Threat actors can be external or internal to a target, and some can even be involved unbeknownst to them.

    Insider Threats

    One of the most talked about threat actor is an employee, former employee, or someone with vast knowledge of an organization and its information systems (Edward Snowden comes to mind). This type of threat actor is typically referred to as an insider threat. Snowden, for example, disclosed information knowingly, but in many cases, employees may disclose information about an organization without even realizing they did it (a nurse accidentally emailing patient records, for example).


    Another common threat actor is a cybercriminal. These actors use technology to facilitate a crime primarily for profit. Cybercriminals use toolkits to steal individual banking credentials, health care records, or credit card numbers (to name a few things), to sell the data for financial gain.


    Hactivists (think Anonymous or Lulzsec) typically engage organizations as a means of political protest. Their main motivation is to take a website offline for a period of time, or deface webpages of their targets (like graffiti).

    State Sponsored Actors

    State sponsored actors, such as advanced persistent threats, for example, engage in cyber espionage to steal national security secrets, or sensitive intellectual property from a government or organization. These groups can be on a network or information system for a protracted period of time without detection.

    It is important to understand the types of cyber threat actors as to understand their motivation. If you can ascertain an actor’s motivation then you can determine what areas of your organization are at risk as to provide appropriate protection.

    What Is a Cyberattack?

    A cyberattack simply means that the cyber threat actor has succeeded in its goal to steal information, take a website offline, wreak havoc, or otherwise harm a person or organization. The news reports we receive on a daily basis are typically talking about the results of a cyberattack of some sort. There are too many to discuss here.

    A cyber(attack) vector is a vehicle/pathway/tool used by threat actors to gain access to a network or computer. An example would be a phishing email, or a malicious email crafted by a threat actor to trick a person into downloading malicious software.

    It is important to understand the types of cyberattacks and attack methods as to implement prevention methods and to create incidence response plans.

    What Is Cyber Threat Intelligence?

    Cyber threat intelligence is the analysis of data or information that are in the form of indicators that could imply suspicious behavior. These indicators can be found in many places like in logs files, databases, network traces, etc. The ideal tactic is to monitor for suspicious indicators or activities as to understand the cyber threat to prevent a cyberattack from happening.

    Cyber threat intelligence is important to understand as it can help an organization anticipate a future attack as to make sure they are sufficiently prepared to defend it.

    There are many more terms that you need to understand, however this is a good start. Unfortunately, we are going to continue to be bombarded with news stories, as the cybersecurity landscape will continue to get worse before getting better. As we move along, more buzz terms or jargon will also be created. Be aware of that fact and continue to educate yourself.

    Rhonda Chicone is a full-time faculty member at Kaplan University. The views expressed in this article are solely those of the author and do not represent the view of Kaplan University.

    Back to Articles and Publications

  • Learn More About Our Cybersecurity Degree Programs

      • IT - BS in Cybersecurity Teaser

        Bachelor of Science in Cybersecurity

        Learn More
      • IT - MS in Cybersecurity Management Callout

        Master of Science in Cybersecurity Management

        Learn More

Request Information

  • Step 1 of 2

Information Technology


  • US News Promo
  • Paying For School
  • Kaplan Commitment