Cyber Jargon-Buster

In whatever we do, we try to explain everything in plain English.

Below you’ll find a selection of the most commonly-used technical terms when talking about online and cyber security.

Just click on each to find a plain English explanation of what they mean and real-world examples of how you might come across them.

DATA BREACH
  • What it is: When sensitive, protected, or confidential data is accessed or disclosed without permission.
  • Why it matters for schools: Schools hold personal information about staff, students, and parents. A breach can lead to identity theft, legal consequences, and damage to the school’s reputation. It is a legal requirement that schools report serious breaches to the Information Commissioner’s Office (ICO) under data protection laws.
ENCRYPTION
  • What it is: A method of scrambling data (such as emails or files) so that only authorised people can read it.
  • Why it matters for schools: Using encryption for sensitive information (e.g., student records or staff payroll) helps keep data private and secure, especially when sending it outside the school network.
FIREWALL
    • What it is: A digital ‘gatekeeper’ that monitors and controls incoming and outgoing network traffic based on security rules.
    • Why it matters for schools: It helps block harmful traffic (like hackers trying to break in) while allowing safe traffic (like staff or students accessing the internet for lessons).
MALWARE
  • What it is: Short for “malicious software,” it’s a catch-all term for any software designed to harm or exploit devices and networks (e.g., viruses, worms, trojans, spyware).
  • Why it matters for schools: Infected devices can slow down or crash systems, steal confidential information, or even compromise your entire school network.
PATCH MANAGEMENT
  • What it is: The process of updating software (such as operating systems, apps, and security tools) with the latest fixes and improvements.
  • Why it matters for schools: Outdated software is an easy target for cybercriminals. Regular patches close known vulnerabilities and keep your systems more secure.
PHISHING
    • What it is: A scam where attackers send emails (or sometimes text messages) pretending to be a trusted source—like a bank, government agency, or even a well-known company—to trick you into giving away personal or financial information.
    • Why it matters for schools: Staff may receive emails appearing to come from senior leaders, IT providers, or exam boards. Clicking malicious links or sharing sensitive information can lead to data breaches.
RANSOMWARE
  • What it is: A type of malware that locks you out of your data or systems until you pay a ransom—often in cryptocurrency.
  • Why it matters for schools: Schools are prime targets because they hold valuable data. Paying a ransom is not a guarantee of data recovery and can be very costly and damaging.
SOCIAL ENGINEERING
  • What it is: Manipulating people into divulging confidential information or performing actions, often by posing as someone trustworthy or exploiting human error and curiosity.
  • Why it matters for schools: Even with good technical protections, staff can be tricked into handing over passwords or sensitive data if they aren’t aware of social engineering tactics.
TWO-FACTOR OR MULTI-FACTOR AUTHENTICATION (2FA or MFA)
  • What it is: A security step that requires users to provide two or more forms of identification before logging in (e.g., a password plus a unique code sent to a phone).
  • Why it matters for schools: Adding an extra step to logins significantly reduces the risk of unauthorised access to email accounts, student data, and other vital school systems.
VIRTUAL PRIVATE NETWORK (VPN)
  • What it is: A secure ‘tunnel’ over the internet that encrypts data and masks your real IP address.
  • Why it matters for schools: If staff need to access school systems remotely (e.g., working from home), a VPN adds an extra layer of security to protect school data from prying eyes.