Cybersecurity
Security engineers communicate risk, write advisories, and lead incident responses. The language must be precise, unambiguous, and calibrated for audiences from developers to the board.
Topics covered
- CVE & advisory language
- Threat modelling
- Pen test reporting
- OWASP vocabulary
- Security incident communication
Vocabulary spotlight
4 terms every Cybersecurity should know in English:
attack surface n.
The sum of all entry points an attacker could exploit
"Removing public cloud storage endpoints reduces our attack surface significantly."
CVSS score n.
Common Vulnerability Scoring System — a 0–10 severity rating for vulnerabilities
"The CVE has a CVSS score of 9.8 — we need to patch today."
threat actor n.
An individual or group that carries out malicious cyber activity
"The TTPs suggest a nation-state threat actor rather than opportunistic crime."
lateral movement n.
Techniques attackers use to move progressively through a network after initial compromise
"There is evidence of lateral movement to three internal systems."
📚 Vocabulary Reference
Key terms organised by category for Cybersecuritys:
Attack Types
Defensive Terms
Vulnerability Management
Compliance & Governance
Recommended exercises
Real-world scenarios you'll practise
- Writing a security advisory for a discovered vulnerability
- Presenting threat model findings to the engineering team
- Communicating a breach incident to executive stakeholders
- Writing a penetration testing executive summary
Recommended reading
Reference glossaries for Cybersecuritys
Deep-dive glossaries covering terminology specific to this role: