Incident Reponse
Incident Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. Incident Response in cybersecurity work is where a team responds …
A Cyber Library of 300+ Cybersecurity Terms.
Incident Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. Incident Response in cybersecurity work is where a team responds …
Personal Identity Information or Personally Identifiable Information (PII) is information that permits the identity of an individual to be directly or indirectly inferred. An example of PII would be a …
Integrated Risk Management is the structured approach that enables an enterprise or organization to share risk information and risk analysis and to synchronize independent yet complementary risk management strategies to …
Enterprise Risk Management is a comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that …
Risk Analysis is the systematic examination of the components and characteristics of risk. This is often done through a risk assessment, where a professional will analyze the risk that a …
A Risk Assessment is the product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing …
Risk Management is the process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any …
Risk-Based Data Management is a structured approach to managing risks to data and information by which an organization selects and applies appropriate security controls in compliance with policy and commensurate …
A Private Key is a cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. This is the secret …
Public Key Infrastructure refers to a framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet. Related Terms: Secret …
A Secret Key is a cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme. Also, a cryptographic algorithm that uses …
A Public Key is a cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. The is the public …
A Cryptographic Algorithm is a well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. What Does This Mean For An SMB? Your business needs …
Security Automation refers to the use of information technology in place of manual processes for cyber incident identification, response and management. What Does This Mean For An SMB? Your business …
Software Assurance is the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that …
An Industrial Control System is an information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. What Does This Mean …
Supervisory Control and Data Acquisition (SCADA) is a generic name for a control system architecture comprising computers networked data communications and graphical user interfaces(GUI) for high-level process supervisory management, while …
A Supply Chain is a system of organizations, people, activities, information and resources, for creating and moving products including product components and/or services from suppliers through to their customers. Supply …
Supply Chain Risk Management refers to the process of identifying, analyzing, and assessing supply chain risk and accepting, avoiding, transferring, reducing, or controlling it to an acceptable level considering associated …
Risk Reduction (limitation) is the most common risk management strategy used by businesses. This strategy limits a company’s exposure by taking some action. It is a strategy employing a bit …
Risk Acceptance (Accept) refers to accepting the risk that is presented to you or your organization. When assessing risk, there are four strategies used when mitigating the risks that are …
Avoidance refers to avoiding the risk that is found altogether. When mitigating risk, there are four strategies used, one of them being avoidance. Avoidance is to avoid the risk altogether; …
Mitigation occurs when assessing risk. When assessing risk there are many ways to work with the risks that are found in an organization. Risk mitigation is broken down into four …
An investigation is a systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired …
A malicious applet is a small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. It is essentially malware that is deployed …
Malicious Logic is hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the …
Symmetric Cryptography is a branch of cryptography in which a cryptographic system or algorithms use the same cryptographic key for both encryption and decryption of ciphertext. The keys may be …
A Symmetric Key is a cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plaintext and decrypt ciphertext, or create a …
System Integrity is the attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. What …
Tailored Trustworthy Space refers to a cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security …
A Threat Agent is an individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. What they represent is a potential Risk to your organization …
Threat Analysis in cybersecurity work is where a person identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities and produces findings to help initialize or …
Secure your business with CyberHoot Today!!! Sign Up Now Traffic Light Protocol (TLP) is a set of designations employing four colors (RED, AMBER, GREEN, and WHITE) used to ensure that …
A Trojan Horse is a computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting …
Unauthorized Access is any access that violates the stated security policy. This can be done via an employee accidentally attempting to access a program that only administrators are allowed to …