Terms Used in Cyber Security for K-12 Schools


Introduction

Cyber security is the practice of protecting computers, networks, and data from unauthorized access, use, or damage. Cyber security is especially important for K-12 schools, as they store sensitive information about students, staff, and parents, such as grades, attendance, health records, and contact details. Cyber security also helps schools provide a safe and productive learning environment for students, where they can use technology to enhance their education and skills.

However, cyber security also comes with many challenges and risks for K-12 schools. Schools may face cyber threats from hackers, cybercriminals, or even insiders, who may try to steal, manipulate, or destroy data, disrupt online services, or harm the reputation of the school. Schools may also have to comply with various laws and regulations regarding data privacy and security, such as the Family Educational Rights and Privacy Act (FERPA) or the Children’s Online Privacy Protection Act (COPPA). Schools may also have to deal with the human factor of cyber security, such as educating and training staff and students on how to use technology safely and responsibly, and how to prevent and respond to cyber incidents.

To help schools understand and address these cyber security issues, here are some common terms and definitions that are used in the field of cyber security.

 

List of Common Cyber Security Terms and Definitions

  • Antivirus Software: A software program that scans, detects, and removes malware from a computer, network, or system, by using a database of known malware signatures or patterns, or by using heuristic or behavioral analysis.
  • Backup: A copy or duplicate of data or files that is stored in a separate location or device, such as a cloud service, an external hard drive, or a flash drive, to prevent data loss or corruption in case of a cyberattack, a hardware failure, or a human error.
  • Cyber Hygiene: The practices and habits that users should follow to maintain the health and security of their computers, networks, or systems, such as updating software, changing passwords, avoiding suspicious links or attachments, or backing up data.
  • Cyber Incident: Any event or occurrence that affects or threatens the security, functionality, or availability of a computer, network, or system, or the data or information stored or processed by them, such as a cyberattack, a data breach, a malware infection, or a denial-of-service attack.
  • Cyberattack: A deliberate attempt to compromise the confidentiality, integrity, or availability of a computer system, network, or data, by exploiting its vulnerabilities or weaknesses.
  • Cyberbullying: A form of bullying or harassment that occurs online through digital devices, such as computers, smartphones, or tablets, and digital platforms, such as social media, email, or chat rooms. The bully may send or post harmful or abusive messages, images, or videos to or about the target, or may impersonate, exclude, or spread rumors about the target.
  • Cybercrime: Any illegal or unethical activity that involves the use of computers, networks, or data, such as hacking, phishing, identity theft, fraud, or cyberbullying.
  • Cybersecurity Awareness: The knowledge and understanding of the potential threats and risks that may affect the security of computers, networks, or data, and the best practices and behaviors that can prevent or mitigate them.
  • Cybersecurity Education: The process of teaching and learning about the principles, concepts, and skills of cyber security, such as encryption, authentication, firewalls, malware, or digital citizenship.
  • Cybersecurity Policy: A set of rules, guidelines, or standards that define the roles, responsibilities, and procedures for ensuring the security of computers, networks, or data, within an organization or a system.
  • Cybersecurity Risk: The likelihood and impact of a cyber incident that may compromise the confidentiality, integrity, or availability of a computer, network, or system, or the data or information stored or processed by them, based on the analysis of the threats, vulnerabilities, and consequences.
  • Cybersecurity Strategy: A plan or framework that outlines the goals, objectives, and actions for achieving and maintaining the security of computers, networks, or data, in alignment with the mission, vision, and values of an organization or a system.
  • Data Breach: An unauthorized or accidental disclosure, access, or transfer of sensitive or confidential data, to an external or internal party, that may cause harm or damage to the data owner or the data subject.
  • Data Encryption: A technique that transforms data into an unreadable or unintelligible form, using a secret key or algorithm, to protect it from unauthorized access, use, or modification.
  • Data Privacy: The right or expectation of individuals or groups to control how their personal or sensitive data is collected, used, shared, or stored by others, in accordance with the applicable laws, regulations, or ethical standards.
  • Data Protection: The measures or actions that are taken to safeguard data from unauthorized access, use, or disclosure, such as encryption, backup, or access control.
  • Digital Citizenship: The norms and behaviors that users should follow when using technology and participating in online communities, such as being respectful, responsible, and ethical, protecting their personal information and privacy, and respecting the rights and privacy of others.
  • Digital Footprint: The trail or record of data or information that users leave behind when they use the internet or digital devices, such as browsing history, cookies, online profiles, social media posts, or online purchases. This record may reveal their identity, preferences, interests, or activities to others, such as websites, advertisers, or hackers.
  • Firewall: A software or hardware device that monitors and filters the incoming and outgoing traffic between a computer, network, or system, and the internet, based on predefined rules or criteria, to prevent or block unwanted or malicious connections or communications.
  • Hacker: A person who uses their technical skills and knowledge to exploit the vulnerabilities or weaknesses of a computer, network, or system, or to create or modify software or hardware, for various purposes, such as testing, learning, curiosity, fun, activism, or malicious intent.
  • Identity Theft: A type of cybercrime that involves stealing or obtaining the personal or financial information of another person, such as name, address, date of birth, social security number, credit card number, or bank account number, and using it to impersonate them or to commit fraud in their name, such as opening accounts, making purchases, or applying for loans.
  • Malware: Malicious software or code that is designed to harm, disrupt, or compromise the functionality or security of a computer, network, or system, such as viruses, worms, trojans, ransomware, or spyware.
  • Password: A secret word, phrase, or string of characters that is used to authenticate or verify the identity of a user or a device, to access a computer, network, or system, or to perform a specific action or function.
  • Phishing: A fraudulent or deceptive technique that involves sending an email or a message that appears to be from a legitimate or trusted source, such as a bank, a government agency, or a school, but is actually intended to trick the recipient into revealing their personal or financial information, such as passwords, credit card numbers, or social security numbers, or into clicking on a malicious link or attachment that may infect their computer, network, or system with malware or ransomware.
  • Ransomware: A type of malware that encrypts the data or files on a computer, network, or system, and demands a ransom from the victim, usually in the form of cryptocurrency, such as Bitcoin, to decrypt or restore them.
  • Two-Factor Authentication: A method of authentication that requires two pieces of evidence or factors to verify the identity of a user or a device, such as a password and a code sent to a phone or an email, or a password and a biometric feature, such as a fingerprint or a face scan.

 

Conclusion

Cyber security is a vital and complex topic for K-12 schools, as they have to protect their data, systems, and users from various cyber threats and challenges while also complying with the relevant laws and regulations and fostering a culture of cyber security awareness and education. By learning and understanding the basic terms and definitions of cyber security, schools can better prepare and equip themselves with the necessary knowledge and skills to achieve and maintain a high level of cyber security, and to support their students in their digital learning journey.

 

Working in Schools Team
