Incident Response is all about Planning

Incident Response

Incident Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. Incident Response in cybersecurity work is where a team responds …

Phases in Security Incident Handling

Recovery

Recovery refers to phase four (4) in CyberHoot’s view of Cybersecurity Incident Handling. In this phase, incident handlers proceed with activities that seek to restore essential services and operations in …

Personal Identifying Information (PII)

Personal Identity Information or Personally Identifiable Information (PII) is information that permits the identity of an individual to be directly or indirectly inferred. An example of PII would be a …

Response

Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. In cybersecurity, response encompasses both automated and manual activities. What Does …

Blue Team

A Blue Team ‘defends’ in a Red/Blue team exercise. Modeled after military training exercises, this activity is a face-off between two …

Red Team

A Red Team is made up of offensive security experts who try to attack an organization’s cybersecurity defenses. These exercises are …

Integrated Risk Management

Integrated Risk Management is the structured approach that enables an enterprise or organization to share risk information and risk analysis and to synchronize independent yet complementary risk management strategies to …

Enterprise Risk Management

Enterprise Risk Management is a comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that …

Risk Analysis

Risk Analysis is the systematic examination of the components and characteristics of risk. This is often done through a risk assessment, where a professional will analyze the risk that a …

Risk Assessment

A Risk Assessment is the product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing …

Risk Management

Risk Management is the process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any …

Risk-Based Data Management

Risk-Based Data Management is a structured approach to managing risks to data and information by which an organization selects and applies appropriate security controls in compliance with policy and commensurate …

Private Key

A Private Key is a cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. This is the secret …

Public Key Infrastructure

Public Key Infrastructure refers to a framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet. Related Terms: Secret …

Secret Key

A Secret Key is a cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme. Also, a cryptographic algorithm that uses …

Public Key

A Public Key is a cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. This is the public …

Cryptographic Algorithm

A Cryptographic Algorithm is a well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. What Does This Mean For An SMB? Your business needs …

Security Automation

Security Automation refers to the use of information technology in place of manual processes for cyber incident identification, response and management. What Does This Mean For An SMB? Your business …

Signature

A signature is a recognizable, distinguishing pattern. This is related to a digital signature, where a signature is required to ensure authenticity and that the document or data is coming …

Software Assurance

Software Assurance is the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that …

Spam

Spam is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. Email does not cost SPAMMERS anything to send. All they need is access to an open …

Spoofing

Related Terms: Social Engineering, Phishing. Source: CNSSI 4009

Spyware

Spyware is software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner. What Does This Mean For An SMB? Your …

Subject

A subject is an individual, process, or device causing information to flow among objects or a change to the system state; in other words, an active entity. What Should My …

Industrial Control System

An Industrial Control System is an information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. What Does This Mean …

Supervisory Control and Data Acquisition

Supervisory Control and Data Acquisition (SCADA) is a generic name for a control system architecture comprising computers, networked data communications, and graphical user interfaces (GUI) for high-level process supervisory management, while …

Supply Chain

A Supply Chain is a system of organizations, people, activities, information and resources, for creating and moving products including product components and/or services from suppliers through to their customers. Supply …

Supply Chain Risk Management

Supply Chain Risk Management refers to the process of identifying, analyzing, and assessing supply chain risk and accepting, avoiding, transferring, reducing, or controlling it to an acceptable level considering associated …

Risk Reduction (Limitation)

Risk Reduction (limitation) is the most common risk management strategy used by businesses. This strategy limits a company’s exposure by taking some action. It is a strategy employing a bit …

Risk Acceptance (Accept)

Risk Acceptance (Accept) refers to accepting the risk that is presented to you or your organization. When assessing risk, there are four strategies used when mitigating the risks that are …

Risk Avoidance

Avoidance refers to avoiding the risk that is found altogether. When mitigating risk, there are four strategies used, one of them being avoidance. Avoidance is to avoid the risk altogether; …

Risk Mitigation

Mitigation occurs when assessing risk. When assessing risk there are many ways to work with the risks that are found in an organization. Risk mitigation is broken down into four …

Investigation

An investigation is a systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired …

How to Protect Yourself From Malware

Malicious Applet

A malicious applet is a small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. It is essentially malware that is deployed …

Malicious Logic

Malicious Logic is hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the …

Intersection of Threats, Assets, and Vulnerabilities is your Risk

Risk

Risk is the potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular …

Symmetric Cryptography

Symmetric Cryptography is a branch of cryptography in which a cryptographic system or algorithms use the same cryptographic key for both encryption and decryption of ciphertext. The keys may be …

Symmetric Key

A Symmetric Key is a cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plaintext and decrypt ciphertext, or create a …

System Integrity

System Integrity is the attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. What …

Tailored Trustworthy Space

Tailored Trustworthy Space refers to a cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security …

Threat Agent

A Threat Agent is an individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. What they represent is a potential Risk to your organization …

Threat

A threat is a circumstance or event that has or could potentially exploit vulnerabilities or adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), …

Threat Analysis

Threat Analysis in cybersecurity work is where a person identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities and produces findings to help initialize or …

Ticket

A ticket, in access control, is data that authenticates the identity of a client or a service and, together with a temporary encryption key (a session key), forms a credential. …

Traffic Light Protocol (TLP)

Traffic Light Protocol (TLP) is a set of designations employing four colors (RED, AMBER, GREEN, and WHITE) used to ensure that …

Trojan Horse

A Trojan Horse is a computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting …

Unauthorized Access

Unauthorized Access is any access that violates the stated security policy. This can be done via an employee accidentally attempting to access a program that only administrators are allowed to …

Virus

A virus is a computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. An example …

Weakness

A weakness is a shortcoming or imperfection in software code, design, architecture, or deployment that, under proper conditions, could become a vulnerability or contribute to the introduction of vulnerabilities. What …