Cybersecurity buzzwords and buzz phrases are a dime a dozen. Used to simplify complex terminology or boost sales and marketing campaigns, buzzwords are an inescapable reality for an innovative and fast-paced industry like information security. However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. For example, a buzzword that exploits fear, uncertainty and doubt to maximize a profit-led agenda can be damaging, while a legitimate, once-useful term may become outdated, with continued use and reliance upon it hampering more evolved understandings of the root issue.
Here are the 11 cybersecurity buzzwords and phrases that should be laid to rest in 2021.
* Ransomware
* Zero trust
* Whitelist and blacklist
* AI-powered security
* Cyber 9/11
* Digital transformation
* SIEM
* People are the weakest link
* Cybersecurity awareness
* Cyber kill chain
* Hacker
1. Ransomware
Despite being one of the most used terms in discussions around common cyberattacks, ransomware is technically an inappropriate definition no longer fit for purpose, says Charl van der Walt, head of security research at Orange Cyberdefense. “It’s hard to escape mentions of ransomware in the current news agenda, but while it suffices to describe the overarching subject, it falls short of wholly capturing what is in fact a complex and evolving issue.”
Ransomware’s real meaning is getting lost in translation, and it is now being used to define a far wider set of cyberattacks than its real definition—malware that holds the data of a computer to ransom—encompasses, van der Walt says. “This creates confusion between malware that does encryption, general malware that’s used by ransomware actors, and the ransomware actors themselves. At the center of ransomware is the act of extortion and cybercriminals see companies as easy targets for extortion—you only have to look at data suggesting how many companies now pay ransom demands as proof.”
As this threat evolves, van der Walt proposes a new term: cyber extortion (or Cy-X). He says this better encapsulates the history, current form, and potential future of this crime wave, as well as making the distinction between extortion as the crime and ransomware as the tool used to commit it.
2. Zero trust
Zero trust describes a “trust nothing by default”...