Glossar

An Advanced Persistent Threat (APT) is an advanced and persistent threat that usually targets companies, organizations or government institutions. An APT attack is usually carried out by highly skilled cybercriminals or state actors who deliberately and continuously attempt to penetrate … Read More

Airgap is an information technology term that refers to the physical separation of a computer system or network environment from other networks or systems. This is done by introducing an air gap between the systems to prevent the exchange of … Read More

Bad bots (also known as malware bots or script bots) are automated programs used by cybercriminals to carry out malicious activities on the Internet. These bots can perform a variety of tasks, including data theft, identity theft, network overload, spamming, … Read More

BSI IT-Grundschutz (Federal Office for Information Security IT-Grundschutz) is a framework for IT security in Germany. It defines the necessary steps for securing IT systems and processes and supports companies and organizations in bringing their information security to an appropriate … Read More

Business Intelligence (BI) refers to the technologies, applications and practices for collecting, integrating, analyzing and presenting company data. The aim of BI is to support the decision-making process in companies by transforming data into meaningful insights and information. BI systems … Read More

A computer virus is a type of malware that is capable of spreading itself and inserting itself into other computer programs or files. In general, a virus only becomes active when the infected code is executed. Once this happens, the … Read More

Cybercrime refers to criminal offenses that are committed using computer systems, the internet or other digital technologies. These crimes can be committed by individuals, groups or organizations and can take a variety of forms, including: Phishing: The attempt to steal … Read More

Cybercrime insurance is a special insurance policy that protects companies against financial losses in connection with cybercrime. This type of insurance usually provides protection against losses that can be caused by data theft, hacker attacks, malware infections, ransomware, phishing attacks … Read More

Cyberheist is a term made up of the words “cyber” and “heist” and describes a type of criminal activity in which a thief or group of thieves hacks into a digital facility, such as a bank or financial institution, to … Read More

A data breach is the unauthorized access, loss or theft of sensitive data by a person or group who is not authorized to do so. Such a breakdown can be caused by human error, inadequate safety measures or technical faults. … Read More

Data governance is a term from information management practice that refers to the management and control of data within an organization. Data governance aims to ensure that data is properly recorded, stored, managed and used within the company. Effective data … Read More

Data literacy is the ability to understand, interpret, analyze and communicate data. It is an important part of digital literacy and the ability to navigate in today’s data-driven world. Data literacy encompasses the ability to identify, collect, store and organize … Read More

Data management is a computer science term that deals with the management of data in a company, an organization or an individual context. It covers the entire life cycle of data, from its creation and collection through to storage, processing, … Read More

Data mining is a process of discovering useful information from large amounts of data by identifying patterns and relationships that might not otherwise be obvious. It is a machine learning method that is frequently used in science, business and other … Read More

Data protection impact assessment (DPIA) is a procedure used in the field of data protection to assess and minimize the impact of data processing on the privacy of data subjects. The purpose of a DPIA is to identify potential risks … Read More

Defense Cyber Security refers to the protective measures taken to protect government and military networks, systems and data from cyber attacks and threats. There are several options for Defence Cyber Security, including: Network monitoring and analysis to detect and prevent … Read More

Email spoofing refers to a practice in which an attacker inserts false information into the sender of an email to trick the recipient into believing the email is legitimate. This is often used by cybercriminals to carry out phishing attacks … Read More

A firewall is a software or hardware component that is used to protect a network or computer from unauthorized access. A firewall monitors data traffic between an internal network and the internet and blocks unwanted traffic such as malware or … Read More

Go Digital is a funding initiative of the Federal Ministry for Economic Affairs and Energy (BMWi) that supports small and medium-sized enterprises (SMEs) with digitalization. The initiative was launched in 2017 and aims to support SMEs in their transition to … Read More

A greylist (also: greylisting) is a method of combating spam in e-mail systems. An email server is temporarily placed on a “gray list” if it attempts to send an email to a recipient with whom it has not yet communicated. … Read More

Spyware is a type of software that is secretly installed on a computer or mobile device to monitor user behavior and collect information. Spyware can enter a system in a number of ways, including downloads from infected websites, email attachments … Read More

A Trojan is a type of malware that disguises itself as a useful application in order to gain access to a computer system or carry out harmful actions. The name Trojan goes back to Greek mythology, in which the Greeks … Read More

Vishing is a form of fraud in which criminals attempt to collect sensitive information from victims through the use of voice technology and phone calls. The term vishing is derived from the English words “voice” and “phishing”. In a vishing … Read More

Vulnerability-Assessment refers to the process of identifying and evaluating security vulnerabilities in a system or application. This can be done using automated tools or manual checks. The aim is to identify potential vulnerabilities before they can be exploited by attackers.

Vulnerability management is a broader approach that includes identifying vulnerabilities, but also assessing risks, prioritizing actions and monitoring changes over time. It is therefore not only about identifying weaknesses, but also about implementing measures to eliminate risks.