Back to Blog
2 Nov 2023

Demystifying cyber security jargon; a layman's guide to tech terms

In today's digital age, cybersecurity is more critical than ever. From online shopping to social media and remote work, we rely on the internet for various aspects of our daily lives. However, with increased connectivity comes increased vulnerability to cyber threats. To protect ourselves effectively, we need to have a basic understanding of the language of cybersecurity.

In this blog, we'll decode some of the most common cybersecurity jargon, including newer concepts like XDR, EDR, and MDR, making it easier for organisations to choose the right cyber protection.


Let's start with one of the most prevalent threats: malware. Short for 'malicious software', malware is any software designed with harmful intent. It includes viruses, Trojans, worms, ransomware, and spyware. These programs can infiltrate your device, steal data, or harm your computer's functionality. To protect against malware, use reliable endpoint protection software and avoid downloading files from, or visiting untrusted sources.


Phishing is a tactic used by cybercriminals to trick individuals into revealing sensitive information, such as passwords or credit card details. It often involves sending deceptive emails or messages that appear to be from trustworthy sources. Be cautious and implement Cyber Awareness Training for all of your users.

EDR (Endpoint Detection and Response)

EDR, or Endpoint Detection and Response, focuses on monitoring and securing individual devices (endpoints) like computers, laptops, and mobile devices. EDR solutions detect and respond to suspicious activities and potential threats on these devices, helping organisations protect their networks and data.

MDR (Managed Detection and Response)

MDR, or Managed Detection and Response, is a cybersecurity service that provides continuous monitoring, threat detection, and incident response capabilities. Organisations that lack the resources or expertise to manage their cybersecurity can benefit from MDR providers who offer proactive threat hunting and rapid response to security incidents.

XDR (Extended Detection and Response)

XDR, or Extended Detection and Response, is a cybersecurity solution beyond traditional endpoint detection and response (EDR). XDR combines multiple security technologies and data sources, such as EDR, network security, and cloud security, to provide a more comprehensive view of potential threats. It enhances threat detection and response capabilities, helping organisations avoid cyber threats.

Two-factor authentication (2FA)

Two-factor authentication adds an extra layer of security to your accounts. It typically requires something you know (e.g., a password) and something you have (e.g., a mobile phone) to access your accounts. Enabling 2FA helps protect your account even if your password is compromised.


A firewall is a barrier that stands between your device and potential threats on the internet. It filters incoming and outgoing network traffic, allowing legitimate data to pass while blocking malicious content. Most modern operating systems have built-in firewalls, but ensuring they're activated and properly configured is essential.


Encryption is converting data into a coded format to protect it from unauthorised access. When data is encrypted, it can only be decoded with the correct decryption key. This ensures that even if hackers intercept your data, they won't be able to read it without the key. However, hackers also use encryption to encrypt your data if they have infiltrated your network.

Zero-Day vulnerability

A zero-day vulnerability refers to a security flaw in software or hardware that is not yet known to the manufacturer or the public. Cybercriminals can exploit these vulnerabilities before they are patched or fixed, making them particularly dangerous. To stay safe, keep your software and operating systems up-to-date. As a business, you should take responsibility for your infrastructure and deploy services to highlight the risks. Vulnerability Management as A Service is becoming more widely spoken of to protect and adhere to compliance.

DDoS attack

A Distributed Denial of Service (DDoS) attack occurs when multiple compromised devices flood a target system with an overwhelming amount of traffic, causing it to become unavailable. This tactic disrupts online services and websites. Organisations often employ mitigation strategies to protect against DDoS attacks.


A patch is a software update released by a developer to fix known vulnerabilities or bugs in their software. Regularly applying patches is crucial to maintaining the security of your devices and software. Don't delay or ignore these updates; they often include critical security improvements.

VPN (Virtual Private Network)

A VPN is a service that allows you to create a secure and private connection to the internet. It encrypts your internet traffic and hides your IP address, making it difficult for hackers or other malicious actors to monitor your online activities. VPNs are valuable tools for maintaining privacy and security while browsing the web.


Understanding cybersecurity jargon is essential for safeguarding your digital life. By familiarising yourself with these terms and their principles, you can better protect yourself from online threats. Remember to stay vigilant, update your software, use strong passwords, and be cautious when clicking links or sharing personal information.

Cybersecurity is a shared responsibility, and with the proper knowledge, you can play your part in staying safe online, whether you're dealing with traditional threats like malware and phishing or looking to implement newer concepts like XDR, EDR, and MDR.

If you are unsure, err on the side of caution and reach out to the experts at OryxAlign.


cyber security score sheet

Get your cyber security score

Tick 14 questions on our Cyber Security Checklist, and we'll give you a % score on your organisation's security. What will your score be?

Just 14 questions, but if you're unsure of the answers, pass them to your IT Manager or contact us and we'll help, Knowing the weak areas in your cyber security is better than letting the cybercriminals tell you!

Oh, and it's free. You don't even need to fill in a form.

Nathan Charles

By Nathan Charles