Glossary
Term / Abbreviation | Domain | Simple Definition | B2B Context / Strategic Importance | Related SPIE service or URL
A
Advanced Persistent Threat (APT)
Threats
A type of stealthy and prolonged attack in which an attacker gains unauthorized access to a network and remains undetected for a long period.
Represents the most dangerous class of attack and requires advanced detection solutions (XDR, Threat Intelligence).
Attack Surface
Assessment
The set of all entry points (software, networks, human) through which an attacker could attempt to access the company's information system.
Reducing the attack surface is the primary objective of cyber hygiene and Zero Trust architecture. A key term for audits.
B
Botnet
Threats
A network of infected computer devices (called "bots" or "zombies") remotely controlled by a cybercriminal to carry out coordinated attacks (e.g., DDoS, mass spamming).
Used to conduct large-scale attacks (such as the frequent DDoS attacks in Switzerland) by remotely exploiting a fleet of compromised devices.
BYOD
Governance
Bring Your Own Device. Company policy allowing employees to use their own devices (phones, computers) for work purposes.
Requires strict security policies and EDR/MDM tools to prevent data leaks.
C
CASB
Technology
Cloud Access Security Broker. Security software placed between users and cloud service providers to enforce company security policies.
Maintains control over data that migrates to external cloud platforms (Shadow IT, compliance).
CEO Fraud (President Fraud)
Threats
Business Email Compromise (BEC). A sophisticated form of spear phishing in which the attacker impersonates an executive (the president or CEO) to order an urgent or confidential bank transfer.
A costly threat that specifically targets management and finance departments.
CISO
Roles
Chief Information Security Officer. Executive responsible for the company's overall security strategy and program.
The key role that bridges the gap between technology and management. Can be provided as a service.
CISO (as a Service)
Roles / Services
Chief Information Security Officer provided as an external service. A SPIE expert assumes this strategic leadership role on a part-time or ad-hoc basis.
A flexible solution enabling companies to access high-level expertise without hiring a full-time executive.
Critical Infrastructure
Regulation
An entity or installation essential to the proper functioning of society and whose failure or destruction would have a major impact (e.g., finance, energy, health, administrations).
Key term of the ISL: the obligation to report attacks to the NCSC (Federal Office for Cybersecurity) applies to these actors.
Cryptography
Technology
The set of techniques and methods used to encrypt information (make it unreadable without a key) in order to ensure its confidentiality and integrity.
Ensures secure communications (VPN, HTTPS) and protection of sensitive data at rest (FADP).
CVE
Threats
Common Vulnerabilities and Exposures. Public reference database listing known software vulnerabilities.
Key term in patch management and risk management.
Cyber Resilience
Governance
An organization's ability to resist, recover from, and adapt to cyberattacks, thereby ensuring the continuity of its essential operations.
A central theme of national debates and the ultimate goal: to go beyond simple protection to guarantee the survival of the company.
Cyber Resilience
Governance
An organization's ability to anticipate, resist, recover, and adapt to changing conditions, including cyberattacks.
The ultimate goal of cybersecurity strategies is no longer to avoid attacks, but to minimize their impact and recover quickly.
D
DDoS attack
Threats
Distributed Denial of Service (DDoS). An attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Type of attack frequently reported in Switzerland (18% of recent cases) targeting the availability of services (banks, telecoms).
Deepfake
Threats
Hyper-realistic multimedia content (video or audio) created by Artificial Intelligence to imitate a person (a CEO, a manager) for the purpose of carrying out fraud or advanced social engineering.
A new form of spear phishing fraud (e.g., a fake video call from the CEO requesting a wire transfer) that requires specific employee training.
DevSecOps
Architecture
Integration of security practices at each stage of the software development cycle (Development, Security and Operations).
Crucial for companies developing their own applications: security is built in from the start, not added later.
DLP
Technology
Data Loss Prevention (DLP). Tools and processes designed to ensure that sensitive data does not leave the company network in an unauthorized manner.
Essential for FADP/GDPR compliance and to prevent accidental or malicious leaks.
DPO
Roles / Compliance
Data Protection Officer (Data Protection Advisor in Switzerland). Expert responsible for ensuring that the company complies with current regulations concerning personal data (in particular the Swiss Federal Act on Data Protection (FADP) and the GDPR in Europe).
This role is crucial for legal compliance and for managing the risk of fines; the DPO acts as an intermediary between the company and the supervisory authorities.
DRP
Governance
Disaster Recovery Plan (DRP). A detailed plan to restore systems and IT infrastructure following an interruption (often included in the Business Continuity Plan).
Defines how quickly the business can become operational again (RTO/RPO).
E
EDR
Technology
Endpoint Detection and Response. A solution that continuously monitors end devices (workstations, servers) to detect and respond to advanced threats.
Essential protection of endpoints, where most attacks begin or end.
End-to-End Encryption
Technology
A communication method in which only the communicating users can read the messages, ensuring that no intermediary, including the service provider, can access the content.
Guarantees maximum confidentiality of exchanges and is often required for sensitive communications (emails, messaging).
Ethical Hacking
Services
The practice of hiring professionals (ethical hackers) to test the security of a system using the same methods as malicious attackers, but in a legal and authorized manner.
Term often used to refer to Pentest (Intrusion Testing) services; proactive and responsible evaluation.
F
FADP
Regulation
Federal Act on Data Protection. Regulates the use of personal data and imposes security and transparency measures in Switzerland.
It requires enhanced security of personal data under penalty of sanctions.
Exploit
Threats
Software, data, or a sequence of commands that exploits a vulnerability (known or Zero-Day) in a system to cause unexpected behavior (e.g., take control).
The tool used by the attacker to transform a vulnerability into a successful attack.
Fine (ISL/FADP)
Regulation
Financial penalties may be imposed on companies (up to CHF 100,000 under the ISL) or on the individuals responsible (FADP) in the event of non-compliance with reporting or data protection obligations.
The risk of sanctions (in force since October 2025 for the ISL) is a powerful catalyst for investment in cybersecurity.
G
Governance
Governance
The set of rules, processes and responsibilities for managing cybersecurity at the management and Board of Directors level.
Defines who is responsible for what and ensures that security is aligned with business objectives.
I
IAM
Governance
Identity and Access Management. The set of processes and technologies used to manage digital identities and control user access to resources.
Crucial for operational efficiency and compliance, including the principle of least privilege.
Insider Threat
Threats
Security risk posed by an employee, former employee, partner or subcontractor who has access to systems and uses that access to cause harm (theft, sabotage).
Often overlooked. Requires strict DLP and IAM solutions to monitor behavior.
Intrusion Test (Pentest)
Services
Simulation of a real and ethical attack against a computer system by experts (ethical hackers) to discover vulnerabilities before malicious attackers.
Proactive evaluation is essential to validate the effectiveness of the security measures in place.
ISL
Regulation
Federal Information Security Act. It notably requires operators of critical infrastructure to report cyberattacks to the NCSC.
Defines reporting and risk management obligations for key players in Switzerland.
ISO 27001
Compliance
International standard defining the requirements for the establishment, implementation, maintenance and continual improvement of an Information Security Management System (ISMS).
Formal proof for clients and partners of the company's commitment to information security.
L
Living-off-the-Land (LotL)
Threats
An attack technique where cybercriminals use legitimate tools and programs already present in the victim's network (PowerShell, WMI) to carry out their actions, making detection difficult.
Illustrates the need for advanced detection solutions (XDR, Threat Hunting) to identify abnormal activities rather than known malware.
M
Malicious AI
Threats
Use of Artificial Intelligence (AI) by cybercriminals to automate, personalize and optimize attacks (e.g., creating more credible fake emails).
An emerging threat that requires AI-based defense solutions (EDR/XDR) to counter the speed of attacks.
Malware
Threats
Contraction of "malicious software". Generic term for any program designed to damage a system, steal data or disrupt operations (includes viruses, ransomware, etc.).
Essential basic term for defining the general category of cybercrime software.
MDR
Services
Managed Detection and Response. Outsourcing service specializing in proactive threat detection and rapid incident response, often 24/7.
More responsive than a traditional SOC, the MDR is ideal for companies needing an emergency response team.
MFA
Authentication
Multi-Factor Authentication. An identity verification method requiring at least two separate forms of identification (e.g., password + code on a phone).
Significantly reduces the risk associated with stolen or weak passwords; often required by cyber insurers.
Least Privilege
Hygiene and Security
Security principle according to which a user should only have the access rights strictly necessary to perform their job, and no more.
A key measure in access management (IAM) to limit damage in the event of a compromised account.
MSSP
Services
Managed Security Service Provider. A managed security service provider that takes care of all or part of IT security (e.g., SOC management, 24/7 monitoring).
Outsourcing solution for companies that do not have the internal resources to maintain constant security monitoring.
Multi-Factor Authentication (MFA)
Hygiene and Security
An identity verification method that requires two separate pieces of evidence to access an account or system, for example, a password and a code generated by an application or a physical key.
Strengthens the security of business accounts, limits the risk of compromise even in the event of theft or password leakage, and meets compliance requirements and the expectations of cyber insurers.
N
Network Segmentation
Architecture
The practice of dividing a company's network into several isolated subnets, thereby limiting the propagation of a potential compromise.
Crucial for containing the damage of an attack (e.g., Ransomware) by preventing the lateral movement of attackers.
Vulnerability
Assessment
A weakness or deficiency in a system (hardware, software, or human) that can be exploited by a threat to compromise security.
Identifying and prioritizing vulnerabilities are at the heart of any successful security audit.
Next Generation Firewall (NGFW)
Technology
Next-Generation Firewall. Firewall that integrates more advanced security features than traditional models (deep packet inspection, application control, intrusion detection).
Crucial core technology that ensures not only filtering, but also intelligent perimeter protection.
P
Password Generator
Hygiene and Security
A software tool that creates complex, long, and random passwords, helping users comply with security policies.
An indispensable complement to a Password Manager to guarantee the robustness of credentials.
Patch Management
Hygiene and Security
Systematic process of applying software updates (patches) and security fixes to correct known vulnerabilities.
Essential for reducing the attack surface. Lack of patch management is a major cause of successful cyberattacks.
BCP
Governance
Business Continuity Plan. A set of measures aimed at ensuring the resumption and maintenance of essential business functions after a disaster (including cyberattacks).
Essential for the resilience and survival of the company after a major incident.
Pentest
Services
Penetration Testing. Simulation of a cyberattack against a system to assess its security and identify its vulnerabilities.
Proactive assessment is essential to measure the actual level of security before an attacker does.
Phishing
Threats
A fraud technique aimed at stealing confidential information (passwords, bank details) by impersonating a trusted entity.
Primary cause of security breaches; need for regular awareness programs.
R
Ransomware
Threats
Malicious software that encrypts data or blocks access to a computer system, demanding a ransom to unlock it.
Direct impact on business continuity (BCP) and reputation; requires a robust backup strategy.
Risk Analysis
Assessment
A formal process aimed at identifying, analyzing, and assessing cybersecurity risks to company assets, determining the probability and impact.
Enables managers to make informed decisions about investing in security measures (residual risk).
RTO / RPO
Resilience
Recovery Time Objective (RTO) / Recovery Point Objective (RPO). Key metrics defining the acceptable downtime and the maximum amount of data the business can afford to lose.
Fundamental elements of any Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
S
SASE
Architecture
Secure Access Service Edge. A model that combines wide area network (WAN) and security (ZTNA, Cloud firewall) services into a single cloud platform.
Simplifies hybrid and remote work security by applying uniform policies regardless of user location.
Shadow IT
Governance
Use of IT systems, applications or services within a company without the formal approval or knowledge of the IT department.
Represents a major security and compliance risk; requires a CASB solution for visibility and control.
IS
Technology
Information System (IS). The set of resources (hardware, software, human, processes) that enable the collection, storage, processing and communication of information within the company.
A general but fundamental term: cybersecurity aims to protect the integrity and availability of the entire information system.
SIEM
Technology
Security Information and Event Management. A tool that collects and analyzes real-time security event logs from all sources on a network.
Provides a comprehensive and centralized view of security threats and events.
SOC
Operations
Security Operations Center. A physical operational center where analysts monitor and manage company security 24/7.
Enables rapid detection and response to incidents, ensuring constant monitoring.
SOC-as-a-Service
Services
Complete outsourcing of security incident monitoring, detection and response to a service provider (such as SPIE), via its own SOC.
Allows large companies to benefit from 24/7/365 monitoring without the heavy investment in infrastructure and personnel.
Social Engineering
Threats
The set of psychological manipulation techniques used by attackers to deceive victims and induce them to disclose sensitive information (closely related to Phishing and CEO Fraud).
Human risk is the weakest link. This underscores the crucial need for awareness.
Spear Phishing
Threats
A highly targeted form of phishing, aimed at a specific individual or group within an organization, often using personal information to gain trust.
More dangerous than mass phishing, it requires advanced awareness training for key personnel.
Spoofing
Threats
A technique that involves impersonating a legitimate entity (IP address, email, domain name) to deceive the victim.
An essential component of phishing and fraud attacks.
T
Threat Hunting
Operations
Proactive and iterative search for threats that have successfully bypassed existing security systems (firewall, antivirus, etc.), often conducted by SOC/MDR teams.
Transition from a passive defense to an active approach; essential for detecting Advanced Persistent Threats (APTs).
Threat Intelligence
Operations
Data and analysis on the intentions, capabilities, and methods of cyber attackers.
Enables proactive defense and anticipates threats specific to the industry.
Trojan Horse
Malware
A type of malware that disguises itself within legitimate or harmless software. Once installed, it opens a backdoor into the system.
A classic infiltration technique that bypasses user vigilance and signature-based systems.
V
Virus
Malware
Malicious computer program that attaches itself to a host file (executable) and replicates itself by inserting itself into other programs, often designed to damage the system.
The term is often confused with malware; the difference lies in a virus's ability to self-replicate by infecting other files.
VPN
Technology
Virtual Private Network. Establishes a secure and encrypted connection over a public network (the Internet).
Traditional method for securing remote access for teleworkers.
W
WAF
Technology
Web Application Firewall. Filters and monitors HTTP traffic between a web application and the internet, protecting against attacks such as SQL injection or cross-site scripting.
Essential protection for any company managing critical online applications (e-commerce, customer portals).
X
XDR
Technology
Extended Detection and Response. An evolution of EDR that extends threat detection and response beyond endpoints, encompassing the network, cloud, and emails.
Offers much broader visibility and correlation of security data for an integrated and rapid response.
Z
Zero Trust
Architecture
A security model that assumes that no person, machine, or network is trustworthy by default, including within the perimeter.
Modern access strategy essential for securing hybrid and cloud environments.
Zero-Day
Vulnerability
A software vulnerability that is unknown to the publisher or for which no patch is yet available. Attackers exploit it before the defenses can react.
Represents the most critical risk. Requires behavioral detection solutions (XDR/MDR) to defend against the unknown.