Privacy & Security Glossary

Key terms in data protection, cybersecurity, and Swiss compliance. Explained clearly.

Threats

Credential Stuffing
An automated attack that uses stolen username/password pairs from one data breach to attempt logins on other services, exploiting the widespread habit of password reuse.
Dark Web
A part of the internet only accessible through specialized software (like Tor), where stolen credentials, personal data, and hacking tools are frequently traded on anonymous marketplaces.
DDoS (Distributed Denial of Service)
An attack that floods a website, server, or network with traffic from thousands of sources simultaneously, overwhelming it and making it unavailable to legitimate users.
Malware
An umbrella term for any malicious software designed to damage, disrupt, or gain unauthorized access to a computer system, including viruses, trojans, spyware, and ransomware.
Phishing
A social engineering attack that tricks users into revealing credentials, clicking malicious links, or downloading malware by impersonating a trusted entity.
Ransomware
Malicious software that encrypts your files and demands payment for the decryption key, often combined with threats to publish stolen data.
Social Engineering
Manipulation techniques that exploit human psychology rather than technical vulnerabilities to trick people into revealing sensitive information, granting access, or transferring money.
Zero-Day
A software vulnerability that is unknown to the vendor and has no available patch, giving defenders zero days to prepare before it can be exploited.

Network & Infrastructure

Firewall
A network security system that monitors and controls incoming and outgoing traffic based on predefined rules, acting as a barrier between trusted and untrusted networks.
VPN (Virtual Private Network)
A technology that creates an encrypted tunnel between your device and the internet, protecting your data from interception and masking your IP address.

Authentication & Access

2FA (Two-Factor Authentication)
A security method that requires two different forms of verification before granting access, typically a password plus a code from a device you own.
Passkeys
A passwordless authentication standard that uses cryptographic key pairs stored on your device, replacing traditional passwords with phishing-resistant, biometric-backed login.
Password Manager
Software that generates, stores, and auto-fills strong, unique passwords for every account, secured behind a single master password.

Encryption & Privacy

Encryption
The process of converting data into an unreadable format that can only be decoded with the correct key, protecting it from unauthorized access.
SSL/TLS
Cryptographic protocols that encrypt communication between your browser and a website (the padlock icon), ensuring data cannot be intercepted or tampered with in transit.

Compliance & Regulations

BACS (Federal Office for Cybersecurity)
Switzerland's federal cybersecurity authority (Bundesamt für Cybersicherheit), responsible for national cyber threat monitoring, incident coordination, and the mandatory 24-hour reporting requirement for critical infrastructure.
FINMA
Switzerland's financial market supervisory authority (Eidgenössische Finanzmarktaufsicht), which sets binding cybersecurity and data protection requirements for banks, insurers, and financial intermediaries.
nDSG (Swiss Data Protection Act)
The revised Swiss Federal Act on Data Protection (nDSG), effective September 1, 2023, governs how personal data must be handled by businesses operating in or targeting Switzerland.

Endpoint Protection

Backup
A copy of your data stored separately from the original, allowing recovery after data loss from ransomware, hardware failure, accidental deletion, or natural disaster.
Endpoint Protection
Security software that protects individual devices (laptops, phones, servers) from malware, ransomware, and other threats using behavioral analysis, real-time monitoring, and automated response.
Patch Management
The process of identifying, testing, and applying software updates that fix security vulnerabilities, ensuring systems are protected against known exploits.