Controlling who has access to a computer or online service and the information it stores.
Any attack that involves actions that are detectable as an attack by the target.
A software application which scans for malicious software and prevents malware from executing.
Something of value to a person, business or organization.
The sum of the different points where an unauthorized user can try to enter data to or extract data from an environment.
The process to verify that someone is who they claim to be when they try to access a computer or online service.
The computing systems used to store and process information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly at all times.
Knowledge and attitude members of an organization possess regarding the protection of the physical, and especially informational, assets of that organization.
To make a copy of data stored on a computer or server to lessen the potential impact of failure or loss.
A group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation.
A number of internet-connected devices controlled by a malicious actor using command & control (C&C) software to execute tasks which may steal data, send spam, or perform a distributed denial-of-service attack (DDoS attack).
Bring Your Own Device (BYOD)
The authorized use of personally owned mobile devices such as smartphones or tablets in the workplace.
Delivery of storage or computing services from remote servers online (ie via the internet).
Data that requires extra sensitivity due to the significant potential for misuse and costly reporting requirements in the event of unauthorized access.
Ensuring that information is not made available or disclosed to unauthorized individuals, entities, or processes.
Activities that, through the use of cyberspace, actively gather information from computers, information systems, or networks, or manipulate, disrupt, deny, degrade, or destroy targeted computers, information systems, or networks.
An organization's ability to continuously deliver the intended outcome despite adverse cyber events.
Any process in which information is gathered and expressed in a summary form, for purposes such as statistical analysis.
Intentional or unintentional release of secure or private/confidential information to an untrusted environment.
An error condition in information systems in which information is destroyed by failures or neglect in storage, transmission, or processing.
Data Loss Prevention (DLP)
A set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
The process of restoring data that has been lost, accidentally deleted, corrupted or made inaccessible. In enterprise IT, data recovery typically refers to the restoration of data to a desktop, laptop, server or external storage system from a backup.
A computer or program that provides other computers with access to shared files over a network.
A role within an organization responsible for utilizing an organization's data governance processes to ensure fitness of data elements - both the content and metadata.
Discover or identify the presence or existence of a vulnerability, risk, or threat.
A branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.
Distributed Denial-of-Service Attack (DDoS)
A cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
The part of a network address that identifies it as belonging to a particular domain.
The transformation of data to hide its information content.
Refer to Security Event
A software tool designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware.
The omission of expected or required action.
Hardware or software designed to prevent unauthorised access to a computer or network from another computer or network.
Someone who violates computer security for malicious reasons, kudos or personal gain.
A function that converts one value to another. Hashing data is a common practice in computer science and is used for several different purposes. Examples include cryptography, compression, checksum generation, and data indexing.
Store (a website or other data) on a server or other computer so that it can be accessed over the Internet.
The process of recognizing a particular user of a computer or online service.
Refer to Security Incident
An organized approach to addressing and managing the aftermath of a security breach or cyber attack.
Indicator of Compromise
An artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.
Information Security (IS) Policy
A set of rules enacted by an organization to ensure that all users or networks of the IT structure within the organization's domain abide by the prescriptions regarding the security of data stored digitally within the boundaries the organization stretches its authority.
Information Technology (IT) Asset
Gathering a detailed inventory of an organization's hardware, software and network assets.
Information Technology (IT) Directive
Foundational documents with the authority to issue Governance Directives as needed to regulate the user of IT resources. More information can be found here.
A security threat that originates from within the organization being attacked or targeted, often an employee or officer of an organization or enterprise.
Maintaining and assuring the accuracy and completeness of data over its entire lifecycle. This means that data cannot be modified in an unauthorized or undetected manner.
Data retrieved from inside the organization to make decisions for successful operations.
A device or software application that monitors a network or systems for malicious activity or policy violations.
The process law enforcement officers use to track criminals via the computer. This process may be to investigate computer crimes or it may be to track records of criminals using computer forensics.
Keyboard Logger / Keylogger
A virus or physical device that logs keystrokes to secretly capture private information such as passwords or credit card details.
Software intended to infiltrate and damage or disable computers. Shortened form of malicious software.
A set of data that describes and gives information about other data.
The action of reducing the severity, seriousness, or painfulness of something.
The assurance that someone cannot deny the validity of something. Non-repudiation is a legal concept that is widely used in information security and refers to a service, which provides proof of the origin of data and the integrity of the data.
A network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target. Passive attacks include active reconnaissance and passive reconnaissance.
A secret series of characters used to authenticate a person’s identity.
An authorized simulated cyber attack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.
Personal data relating to an identifiable living individual.
Method used by criminals to try to obtain financial or other confidential information (including usernames and passwords) from internet users, usually by sending an email that looks as though it has been sent by a legitimate organization. The email usually contains a link to a fake website that looks authentic.
A person's right to control access to his or her personal information. The right to be free from intrusion or interference is a key element of privacy.
Information that can be freely used, reused and redistributed by anyone with no existing local, national or international legal restrictions on access or usage.
A type of malicious software that cybercriminals use to extort money from their victims.
An independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view.
The recovery of data following computer failure or loss.
Possibility of something that could cause an organization not to meet one of its objectives.
The process of identifying, analysing and evaluating risk.
A virus or physical device that logs information sent to a visual display to capture private or personal information.
Something that modifies or reduces one or more security risks.
Any observable security-related occurrence in a network or system, not yet determined to have negative ramifications.
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
Information that is protected against unwarranted disclosure. Access to sensitive data should be safeguarded. Protection of sensitive data may be required for legal or ethical reasons, for issues pertaining to personal privacy, or for proprietary considerations.
A computer or computer program which manages access to a centralized resource or service in a network.
A mobile phone built on a mobile computing platform that offers more advanced computing ability and connectivity than a standard mobile phone.
A fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.
Malware that passes information about a computer user’s activities to an external party.
Activity in which key personnel assigned emergency management roles and responsibilities are gathered to discuss, in a non-threatening environment, various simulated emergency situations.
A person, object, or place selected as the aim of an attack.
Third-Party Risk Management (TPRM)
The process of analyzing and controlling risks presented to your company, your data, your operations and your finances by parties other than your own company.
Something that could cause harm to a system or organization.
A person who performs a cyber attack or causes an accident.
Malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions.
Obtaining evidence of identity by two independent means, such as knowing a password and successfully completing a smartcard transaction.
Uniform Resource Locator (URL)
A location or address identifying where documents can be found on the Internet.
The record of a user kept by a computer to control their access to files and programs.
The short name, usually meaningful in some way, associated with a particular computer user.
Virtual Private Network (VPN)
Link(s) between computers or local area networks across different locations using a wide area network that cannot access or be accessed by other users of the wide area network.
Malware that is loaded onto a computer and then run without the user’s knowledge or knowledge of its full effects.
A flaw or weakness that can be used to attack a system or organization.
Wireless local area network based upon IEEE 802.11standards.
Malware that replicates itself so it can spread to infiltrate other computers.