The process of recognizing a particular user of a computer or online service.
Refer to Security Incident
An organized approach to addressing and managing the aftermath of a security breach or cyber attack.
Indicator of Compromise
An artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.
Information Security (IS) Policy
A set of rules enacted by an organization to ensure that all users or networks of the IT structure within the organization's domain abide by the prescriptions regarding the security of data stored digitally within the boundaries the organization stretches its authority.
Information Technology (IT) Asset
Gathering a detailed inventory of an organization's hardware, software and network assets.
Information Technology (IT) Directive
Foundational documents with the authority to issue Governance Directives as needed to regulate the user of IT resources. More information can be found here.
A security threat that originates from within the organization being attacked or targeted, often an employee or officer of an organization or enterprise.
Maintaining and assuring the accuracy and completeness of data over its entire lifecycle. This means that data cannot be modified in an unauthorized or undetected manner.
Data retrieved from inside the organization to make decisions for successful operations.
A device or software application that monitors a network or systems for malicious activity or policy violations.
The process law enforcement officers use to track criminals via the computer. This process may be to investigate computer crimes or it may be to track records of criminals using computer forensics.