Lightstream and Cloudflare invite you to a festive celebration for the whole family. Come and enjoy the enchanting holiday spirit and create lasting memories at our Holiday Open House in Scottsdale, AZ. Register to reserve your spot and get your picture taken with a winter scene.
Our hand-picked technology partners amplify our ability to architect and implement multi-vendor solutions, enabling seamless, secure, and efficient integration of cloud and next-generation networks into a single easy-to-manage solution.
Advanced Persistent Threat This is a mostly nation-state-sponsored attack that aims to compromise an organization to carry out espionage or carry out goals while remaining undetected for a long time.
Amazon Web Services (AWS)
Amazon AWS is a subsidiary of Amazon providing on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. Launched in 2006, AWS offers a broad set of global cloud-based products including compute power, storage options,(...)
AWS DLP Data loss prevention (DLP) is a tool admins use to classify data and set authorization policies to access that data. It helps organizations that store data in AWS keep their sensitive data safe from corruption, disclosure, and theft.
Bad Rabbit A strain of ransomware (first appearing in 2017) and suspected variant of Petya. Like other ransomware, bad rabbit infections lock up victims’ computers, servers, or files to prevent them from regaining access until they pay a ransom.
Botnet A group of computers or devices under an attacker’s control with the goal of performing malicious activity against a targeted victim.
Bring Your Own Device (BYOD) A policy that allows employees to bring their personal laptops and smartphones to work and connect them to the corporate network.
Browser Isolation A virtualized browser strategy that’s far more secure than traditional methods.
Brute-Force Attack A password-cracking method cybercriminals use to discover account credentials—like passwords.
CEO Fraud This fraud falls under the umbrella of phishing, but instead of attackers spoofing a popular website, they spoof the CEO (or other C-suite executive) for the targeted business.
Cerber Ransomware First discovered in 2016, this ransomware acts as ransomware as a service (RaaS) malware. Anyone can deploy it, with or without coding skills.
Chief Information Security officer (CISO) The person responsible for designing cybersecurity strategies used to protect corporate data and assess risk across the organization. Their job is to improve cyber defenses.
Clone Phishing An email-based threat where attackers clone real email messages with attachments and resend them pretending to be the original sender.
Cloud Archive A cloud-based archiving solution that stores data offsite (on cloud servers) where admins can provision necessary resources to ensure they can create thorough backups with sufficient storage capacity.
Cloud Compliance Complying with regulatory standards about cloud usage at the local, national, and international level (laws). You must comply with all data privacy and protection regulatory standards.
Cybersecurity Litigation It usually follows a severe data breach where victims of identity theft or future financial loss are your customers and are seeking compensation for the event.
Data Archiving Collecting older data and moving it to a protected location so an organization can retrieve it, especially in a data forensics investigation.
Data Breach When data is stolen or disclosed to an unauthorized third party.
Data Center Security The physical and virtual cybersecurity that protects corporate data from attackers.
Data Classification A method for defining and categorizing files and other critical business information.
Data Exfiltration When there’s unauthorized copying, transfer, or retrieval of data from either a server or an individual’s computer.
Data Governance The strategies and rules used to maintain corporate data and its security.
Data Labeling Also known as data tagging. It involves assigning various data points with information so machine learning (ML) algorithms can better understand its meaning.
Data Leak When sensitive data is disclosed to an unauthorized third party.
Data Loss Prevention (DLP) Software that ensures users don’t send sensitive/critical information outside of the corporate network.
Data Privacy Aims to protect customer data from unethical use and distribution to third parties.
Data Protection Strategies that focus on building infrastructure and policies to stop attacks aimed at stealing valuable or sensitive data.
Data Retention Policy A policy that specifies how long an organization stores backup data before archiving, overwriting, or destroying it.
Data Security The practices, strategies, procedures, and mitigation techniques used to protect sensitive (personal) information from attackers.
Desktop As A Service (Daas) A remote access service where desktops are hosted in the cloud and are available when a remote user logs in and launches a session.
Distributed Denial of Service (Ddos) A malicious attack that attempts to disrupt normal traffic on a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.
Domainkeys Identified Mail (DKIM) A an email authentication protocol that detects forged sender addresses in email, like those used in phishing and email spam. DKIM lets receivers verify that an email sender was authorized by the owner of the domain.
E-Discovery A digital investigation that attempts to find evidence in email, business communications, and other data that could aid in litigation or criminal proceedings.
Email Account Compromise (EAC) A highly sophisticated attack where attackers use various tactics—phishing, malware, password spray—to compromise a victim’s email account.
Email Archiving A system for preserving email communications in a format that can be digitally stored, indexed, searched, and retrieved.
Email Filtering Services that filter an organization’s inbound and outbound email traffic.
Email Gateway An email server that protects a company’s or users’ internal email servers.
Email Protection A combination of security technology deployment and employee, associate, and customer training in how to guard against cyberattacks that infiltrate the network through email.
Email Scams When attackers steal money, account credentials, and sensitive information through scam emails.
Email Security Different procedures and techniques for protecting email accounts, content, and communication against unauthorized access, loss, or compromise.
Email Spoofing A technique used in spam and phishing attacks to trick users into thinking a message came from a person or business they either know or can trust.
Encryption Encoding a message or information in a way that only authorized parties can access it—those who aren’t authorized cannot.
End User Monitoring A practice used to track user behavior or actions while interacting with a site or web application. It helps measure the impact of website and device performance on the end user journey.
Endpoint-Delivered Threats Usually, they enter an organization through a user-infected device introduced into the corporate network that delivers malware that can spread laterally. Threats can also come through an infected portable device or from users who were tricked into downloading and installing malicious software.
Insider Threat It can happen when someone close to an organization with authorized access misuses that access to negatively affects the organization’s critical information or systems.
Internet of Things (Iot) Devices around the world that automatically connect to the cloud and function by storing data or running commands from an online server.
Internet of Things (Iot) Security The safeguards and protections for cloud-connected devices, like home automation, SCADA machines, security cameras, and any other technology that connects directly to the cloud.
Internet Protocol (IP) Often used in the context of an IP address, which is the series of numbers that identify any device attached to a network.
IT Compliance Specific guidelines a business must follow to ensure its processes are secure.
Keyloggers Programs that run as a background process on a computer or other device to collect keystrokes as a user types on their keyboard.
Network Access Controller (NAC) A solution that inspects users and devices to verify they have permission to access the network based upon defined policies.
Network-Delivered Threats There are typically two types: passive and active network threats. Passive network threats are activities such as wiretapping and idle scans that are designed to intercept traffic traveling through the network. Active network threats include activities such as denial of services (DoS) and SQL(...)
Open Authorization (Oauth) A protocol that lets a user grant a third-party application access to their data without sharing their account password.
Open-Source Software A shared-based model where application developers provide the full codebase for a project instead of only a compiled project with executable files.
Personally Identifiable Information (PII) A set of data that can be used to distinguish a specific person. It includes the personal information of customers or employees, like social security numbers, credit card numbers, and healthcare information.
Petya A family of encrypting malware that infects Microsoft Windows-based computers. It infects the master boot record to execute a payload that encrypts data on a hard drive’s systems.
Pharming An attack that involves sending users to fake websites to trick them into divulging private information.
Phishing When attackers send malicious emails designed to trick people into falling for a scam. Typically, the intent is to get users to reveal financial information, system credentials, or other sensitive data.
Pubic Cloud A model where a third-party provider hosts any “as a service” technology, including hardware, software, monitoring and logging solutions, identity management, remote resources, and other data center solutions.
Ransomware A malicious software (malware) that threatens to publish or block access to data or a computer system (by encrypting it) until the victim pays the attacker a ransom.
Single Sign-On (SSO) An authentication scheme that creates a trusted identity that can be passed on to other applications or websites without additional authentication.
Smishing A form of phishing where an attacker uses a compelling text message to trick targeted recipients into clicking a link and sending the attacker private information or downloading malicious programs to a smartphone.
Social Engineering A tactic that manipulates, influences, or takes advantage of a targeted user’s inability to detect an attack. The goal is to control the victim’s computer system or steal personal/financial information.
Social Media Archiving Archiving social media accounts to keep a record of social media communications and remain compliant.
Social Media Protection Solutions that prevent unauthorized access to an organization’s social media accounts. They also help find accounts posing as your brand or executives and shield customers from malicious social media content.
Social Media Threats Attackers use social media accounts in social engineering and phishing attacks as it gives them a platform to impersonate trusted people and businesses or gather the information they need to carry out additional attacks.
Software As A Service (Saas) Software licensed on a monthly basis. It’s typically installed and centrally managed by the software company in the cloud.
Software-Defined Perimeter An approach to computer security that hides internet-connected infrastructure so external parties and attackers can’t see it. The goal is to base the network perimeter on software (instead of hardware).
Software-Defined Wide Area Network (SD-WAN) Leverages software optimization to control how a network operates instead of the stereotypical hardware infrastructure that uses an on or off environment to direct traffic.
Spam A spam email—also known as unsolicited commercial email (UCE)—is unwanted and questionable mass-emailed advertisements.
Spear Phishing Scams that attempt to trick the victim into providing confidential information, such as credentials, to the attacker.
Supplier Chain Risk Management (SCRM) The process of identifying, assessing, and mitigating the risks to the integrity and authenticity of products and services within the supply chain.
Supply Chain Attack A highly effective way of breaching security. It involves injecting malicious libraries or components into a product without the developer, manufacturer, or end user realizing it.
Thin Client A basic computing device that runs services and software from a centralized server.
Threat Actor Any inside or external attacker that could affect data security.
Threat Intelligence Protects businesses from threats by monitoring attackers and their malware.
Transport Layer Security (TLS) A cryptographic protocol to provide secure communication over a computer network. It replaced secure sockets later (SSL) and was incorporated into many protocols, like email and HTTPS.
Virtual Private Network (VPN) A remote access protocol that gives users security and anonymity (through an encrypted connection) when they connect to web-based services or websites.
Vishing Similar to phishing, vishing involves attackers making fraudulent phone calls or leaving voice messages pretending to be a reputable company to get people to reveal personal information.
Wannacry A ransomware attack discovered in early 2017 that struck corporate networks worldwide running Microsoft Windows as part of a massive global cyberattack.
Watering Hole A targeted attack designed to compromise users within a specific industry or a group of users by infecting websites they usually visit—the attackers lure victims to a malicious site.
Web Proxy Server A tool organizations use for cybersecurity and performance. It includes features like anonymizing internal IP addresses and caching content for improved data transfer speeds and less bandwidth usage.
Web Security It leverages strategies to prevent users from introducing threats to the network from a malicious website.
A zero-trust network assumes every user—internal or external—could be a threat. Therefore, every request for network resources must be from an authenticated, authorized, and validated users. It centers on the never trust, always verify philosophy. The zero-trust security model has become the(...)