IT Security Glossary – a guide to understanding security jargon


Protecting your business’ data and your customers’ information is vital, but it can also be overwhelming. Many of these concepts are relatively new and the terms we use to explain them are often used interchangeably. Here is a guide to understanding the most commonly used technical terms around cyber security.

Business Continuity Plan (BCP)

This is the strategy an organisation takes to continue their critical business operations after a crisis. The core is a priority list where critical business functions are the focus and tertiary operations are temporarily suspended. Many businesses also include disaster prevention in their plan and implement safeguards to mitigate risk.

Cyber attack 

A deliberate attempt to gain unauthorised access to a computer system. Generally launched from one computer against another computer or network. The goal could be to steal information, to hold a business to ransom, to disable a network or to simply uncover a weakness in an organisation’s system.

Cyber Security 

The practice of preventing unauthorised access to computers, networks or electronic systems. It is generally used interchangeably with ‘IT Security’.

Data breach 

A data breach occurs when protected information, often customers’ data, is accessed by an unauthorised party. This could include full names, tax information and credit card details. Data breaches can happen internally where unauthorised staff access and leak information or externally where outside threats break into the system to steal information.

Disaster Recovery

A specific area of IT security planning covering emergency procedures for recovering critical IT systems in case of an emergency. It includes key recovery team personnel, up to date information on all software and third-party vendors and the steps for restoring information systems following an outage. Disaster Recovery is a subset of a Business Continuity Plan.


A network security service that monitors and blocks unauthorised access. It acts as a defence system for a computer or network and makes sure to block any ‘blacklisted’ data. 


This is the process of taking data or a message and encoding it so that only certain people can read it. It keeps data safe and confidential as it’s sent over the internet. The message contained in an encrypted message is referred to as plaintext. In its encrypted, unreadable form it is referred to as ciphertext.


Malicious Software, or ‘Malware’ is the term given to any program that is designed to cause damage or disruption to a computer, server or network. Common types of Malware are viruses, ransomware and spyware.

Notifiable Data Breach (NDB) scheme

The NDB scheme, managed by the Office of the Australian Information Commissioner (OAIC), says that in the case of a data breach that is likely to result in harm, organisations must notify affected individuals and the OAIC. The mandate applies to any organisation or agency the Privacy Act 1988 covers (which includes any Government agencies and organisations with an annual turnover of more than $3 million). For more information on the NDB visit the OAIC website.  

Two Factor Authentication (2FA)

Also referred to as ‘Two Step Authentication’, 2FA is method of confirming a user’s authorisation when they login to a secure account. It requires users to give not only a password, but another piece of information. Often it will be a code that is sent in real time to the user’s registered phone or email. This acts an extra layer of security to help prevent unauthorised access.


While this list isn’t exhaustive, we hope that it helps you to get your head around some of the terms commonly used. At efex we have IT Security specialists who can work with you to make sure your systems are adequately protected. They can evaluate your technology questions concerning security breach prevention and recovery. For more information, contact us

Latest News

  • January 13, 2021

    What are Managed Services and how do I choose a provider?

    The term ‘Managed Services’ can mean many different things to different people, but what is a Managed Service? In its most basic sense, Managed Services refers to the practice of outsourcing business functions to engage a higher level of professional services whilst reducing costs and streamlining operations. Commonly it refers to technology and is about… View Article
    Read more
  • November 24, 2020

    Tips for a successful Digital Transformation

    Many businesses know that they could be doing things more efficiently. They know they need to rethink old models and processes and undergo a digital transformation. However, just the mention of the term is enough to make people nervous. A digital transformation involves integrating digital technology across your entire business to ultimately improve how your… View Article
    Read more
  • September 28, 2020

    The benefits of a Hosted Phone System, compared to On Premise

    Organisations of all sizes are switching away from an On Premise to a Hosted phone system, but what is the difference and what are the benefits? With an ‘On Premise’ phone system, all hardware needed to run your phones is located on site at the business. It might be in a purpose-built phone closet or… View Article
    Read more