AI Cybersecurity Glossary
- AI Governance. The set of rules, policies, and ethical guidelines that ensure AI systems work safely, securely, and responsibly within your organization.
- AI Jailbreaking. Techniques used to bypass the safety and ethical guardrails built into AI models like ChatGPT, potentially exploiting them for harmful purposes.
- AI Native. A cybersecurity approach where AI is the fundamental operating principle woven into every layer of security infrastructure, not just an add-on.
- Business Email Compromise. The most financially damaging form of cybercrime, in which criminals impersonate executives or vendors to send fraudulent payment instructions.
- Deepfake. Synthetic media using AI to replace a person's likeness in images or video, increasingly used as a weapon in corporate cyber threats.
- Malvertising. The use of seemingly legitimate online advertisements to spread malware, which often executes without the user even clicking the ad.
- Pretexting. A form of social engineering where attackers create elaborate, believable scenarios to justify requests for your private information.
- Quishing. Phishing conducted via QR codes, bypassing traditional email security scanners that fail to analyze embedded images.
- Ransomware-as-a-Service. A criminal business model where expert ransomware developers sell or rent their malicious programs to less-skilled attackers.
- Shadow AI. The use of AI tools within a company without IT knowledge or approval, creating significant cybersecurity vulnerabilities.
- Smishing. Phishing conducted via SMS text messages, exploiting the trust people have in text communications.
- Social Engineering. The art of manipulating people—"hacking the human"—exploiting trust, curiosity, urgency, and fear to gain access to systems.
- Spear Phishing. Highly personalized phishing attacks targeting specific individuals using researched information from LinkedIn and social media.
- Spoofing. The act of forging communications so that they appear to come from a trusted source, the foundational technique behind BEC and Whaling attacks.
- Whaling. Elite phishing attacks targeting senior executives like CEOs and CFOs, leveraging their authority for massive financial payoffs.
- Zero Day Attacks. Attacks exploiting security flaws unknown to software vendors, bypassing traditional defenses because no patch exists yet.