May 2025 Volume 7

OPERATIONS & MANAGEMENT

TECH TALK: SIMPLIFYING FREQUENTLY USED TERMS

By Jim Kerr

Every profession has its own shorthand, and IT is no exception. To help when you’re communicating with your IT team, here are a few commonly used cybersecurity and networking terms you may come across.

Antivirus and Antimalware

Antivirus and antimalware programs are the first line of cybersecurity defense. They are designed to bar malicious actors from entering a system through files and downloads by checking for known threats listed in a database and taking automatic quarantine actions if they detect one. Antivirus and antimalware are designed to search for, detect, and remove software viruses and malware and to keep them from accessing your system. Today, malware is more prevalent than viruses. The terms are often used interchangeably, though there are subtle differences between the two.

Application Allowlisting

Most environments today are “allow everything.” Allowlisting changes that to “deny everything – allow what you need.” Application allowlisting is a security layer with a twist: rather than letting an application run and then blocking it if something malicious is discovered, it only allows applications that are explicitly permitted (allowlisted) to run on your network. This tool is a key part of a zero-trust cybersecurity approach, which assumes that everything – people, applications and devices – poses a risk to your network.

Endpoint Detection and Response (EDR)

EDR tools add an advanced layer to antivirus and antimalware. EDR tools hunt for as-yet-unknown threats—those that get past the perimeter—by detecting and analyzing suspicious behaviors, otherwise known as indicators of compromise (IOCs). EDR tools monitor and log behaviors on endpoints (desktops, laptops, etc.) around the clock for evidence of threats, perform automatic actions to help mitigate them, and alert security professionals so they can investigate and respond.

Firewall

A firewall is a hardware device that helps protect your network by managing all traffic going into and coming out of your private network. Based on settings, it filters network traffic to block unauthorized access, including from malicious actors, while allowing legitimate access to authorized users and applications.

Internet Protocol (IP) Address

An IP address is the unique identifying number assigned to every device that is connected to the internet. Computers use IP addresses to communicate over the internet or via local networks. Every device with an internet connection has an IP address, including computers, laptops, smart devices like doorbells and home appliances, and even toys. IP addresses identify the network interface of a device and can also reveal information about a device’s general location, such as country, state, city or postal region. IP addresses can be public or private.

Managed Detection and Response (MDR)

Managed Detection and Response (MDR) is a cybersecurity service that combines technology with human expertise to rapidly identify and limit the impact of threats by performing threat hunting, monitoring, and response. The main benefit of MDR is that it quickly helps limit the impact of threats without the need for additional staffing, which can be costly. MDR remotely monitors, detects, and responds to threats detected within your organization. An endpoint detection and response (EDR) tool typically provides the necessary visibility into security events on the endpoint. Relevant threat intelligence, advanced analytics, and forensic data are passed to experienced human analysts, who perform triage on alerts and determine the appropriate response to reduce the impact and risk of positive incidents. Finally, through a combination of human and machine capabilities, the threat is removed.

Password Manager

A password manager allows a user to easily access and populate passwords by remembering only one master password. It helps protect users from accessing a potentially dangerous website due to a typo (the password is tied to a URL), lets them access passwords if their primary machine is disabled, and lets them assign passwords to other password manager users. The company can also assign a former employee’s password vault to someone else or access an individual user’s vault in case of an emergency or resignation.

FIA MAGAZINE | MAY 2025 54
