Lack of Unified Cyber Security Language Leading to Global Miscommunication

Media Division | March 6, 2017

Before the creation of the earliest dictionaries, you could pretty much spell words however you wanted to, even make up new definitions.  The English language, in particular, became this strange hodgepodge of archaic terms from Latin and Greek, and cross-over words from people living in France, Spain, Germany, Scandinavia, and the British Isles (among other influences).

People could communicate, though.  Sort of.

Then the English language got more codified, American English branched off into their own spellings and idioms, but more linguistic harmony and consistency existed.

Other languages have had similar evolutions: when the Bolsheviks took over they simplified Russian and required all of their conquered nations to spell and speak the same (even getting rid of several letters in the Cyrillic alphabet that were deemed unnecessary!).  When the Communists came into power in China one of the first problems they hoped to solve was the unification of language, requiring more than 200 dialects to be combined into 8 main languages and Mandarin to become the official language of the country.

In the “information age,” however, and through the evolution of digital (instant) communications, shifts in language have changed.  In a way, power has been given back to “the people” to evolve the language—which has given us such terms as “bae” and “selfie,” not to mention alternative spellings like “L8ER” and acronyms such as “BRB” and “LOL.”

With this evolution of “people language,” driven by social media (the origin of a pound sign becoming a hashtag), music (the source of words such as “bling”), and the internet in general, has come a lack of unification, particularly for some cyber security terms.  Definitions emerge and evolve, and even lead to global miscommunications.

The Cyber Dialect

English-language users can’t even seem to decide if cybersecurity is one word or two.  When mainstream media announces a “cyber attack,” they don’t even necessarily agree on whether or not it was an “attack,” since they do not agree on a definition—there are at least 16 different definitions!

Passive attacks, such as malware shared through broad phishing scams, are also often seen in a different light than targeted attacks—aimed specifically at a business.  The problem with such nuances is that in this age of cyber warfare it is also often not obvious whether a company or individual was specifically targeted, or just part of a number of attempts.  Big organizations easily get hundreds of cyber attacks per day, particularly when you consider all of the possible definitions.

There is one good thing about a lack of unity in cyber security language, and that is language origins itself.  For example, when intelligence officials and cyber security experts claimed that a hacker (or hacking group), Fancy Bear, was Russian in origin, they were able to make this determination in part because of the Cyrillic code.

Solving the Language Barrier

Fortunately, we have precedent for solving language barriers in fields or industries that must communicate more universally.  Both music and mathematics are often called “universal languages,” because the agreed-upon terms within those fields cross language barriers.  (The written language of modern musical terminology has Italian roots and the Arabs are credited for evolving much of modern mathematics, including algebra).

In the field of aeronautics, where pilots from all over the world must successfully communicate with landing towers, English is the official language regardless of a pilot’s nation of origin.

The cyberverse is in need of a language makeover.  Unification of law would greatly simplify prosecution.  Agreement on terminology would make cyber intelligence and threat mitigation more universal, more accessible, and more effective.

How can we examine, act upon, trace and possibly prosecute what we do not even know we are talking about?

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.