Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
  • data breach - A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an unauthorized fashion.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
  • data protection management (DPM) - Data protection management (DPM) is the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
  • data splitting - Data splitting is when data is divided into two or more subsets.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.
  • digital footprint - A digital footprint -- sometimes called a digital shadow -- is the body of data that an individual creates through their actions online.
  • digital forensics and incident response (DFIR) - Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software.
  • Digital Signature Standard (DSS) - The Digital Signature Standard (DSS) is a digital signature algorithm (DSA) developed by the U.
  • directory traversal - Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume operations after an unplanned incident.
  • disposable email - What is a disposable email?Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ in networking - In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.
  • document sanitization - Document sanitization is the process of cleaning a document to ensure that only the intended information can be accessed from it.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
  • electronic discovery (e-discovery or ediscovery) - Electronic discovery -- also called e-discovery or ediscovery -- refers to any process of obtaining and exchanging evidence in a civil or criminal legal case.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.
  • email security - Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting against unauthorized access and email threats.
  • email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
  • employee onboarding and offboarding - Employee onboarding involves all the steps needed to get a new employee successfully deployed and productive, while offboarding involves separating an employee from a firm.
  • encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
  • encryption key - In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text or to decrypt encrypted text.
  • encryption key management - Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys.
  • end-to-end encryption (E2EE) - End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
  • enterprise file sync and share (EFSS) - Enterprise file sync and share (EFSS) is a service that allows users to save files in cloud or on-premises storage and then access them on desktop and mobile devices.
  • enterprise mobility management (EMM) - Enterprise mobility management (EMM) is software that allows organizations to securely enable employee use of mobile devices and applications.
  • erasure coding (EC) - Erasure coding (EC) is a method of data protection in which data is broken into fragments, expanded and encoded with redundant data pieces, and stored across a set of different locations or storage media.
  • ethical hacker - An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.
  • event handler - In programming, an event handler is a callback routine that operates asynchronously once an event takes place.
  • evil twin attack - An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one, enabling an attacker to gain access to sensitive information without the end user's knowledge.
  • facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features to confirm their identity.
  • FACTA (Fair and Accurate Credit Transactions Act) - FACTA (Fair and Accurate Credit Transactions Act) is an amendment to FCRA (Fair Credit Reporting Act ) that was added, primarily, to protect consumers from identity theft.
  • Faraday cage - A Faraday cage is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM field).
  • federated identity management (FIM) - Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks.
  • FFIEC compliance (Federal Financial Institutions Examination Council) - FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC).
  • filter (computing) - The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question.
  • firewall - A firewall is a network security device that prevents unauthorized access to a network.
  • firewall as a service (FWaaS) - Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis capabilities to customers as part of an overall cybersecurity program.
  • footprinting - Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
  • frequency-hopping spread spectrum (FHSS) - Frequency-hopping spread spectrum (FHSS) transmission is the repeated switching of the carrier frequency during radio transmission to reduce interference and avoid interception.
  • full-disk encryption (FDE) - Full-disk encryption (FDE) is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive.
  • fuzz testing (fuzzing) - Fuzz testing (fuzzing) is a quality assurance technique used to discover coding errors or bugs and security loopholes in software, operating systems and networks.
  • garbage in, garbage out (GIGO) - Garbage in, garbage out, or GIGO, refers to the idea that in any system, the quality of output is determined by the quality of the input.
  • going dark - Going dark describes a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel to a private, encrypted channel.
  • Google Docs - Google Docs, first released in 2006, is a free web-based word processor in which documents can be created, edited and stored as part of the Google Docs Editors suite of free web applications.
  • Google Play Protect - Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.
  • hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
  • hacktivism - Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
  • hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
  • Hash-based Message Authentication Code (HMAC) - Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function.
  • hashing - Hashing is the process of transforming any given key or a string of characters into another value.
  • health informatics - Health informatics is the practice of acquiring, studying and managing health data and applying medical concepts in conjunction with health information technology systems to help clinicians provide better healthcare.
  • homomorphic encryption - Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.
  • honey monkey - A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet.
  • honeynet - A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.
  • honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.
  • host intrusion prevention system (HIPS) - A host intrusion prevention system (HIPS) is an approach to security that relies on third-party software tools to identify and prevent malicious activities.
  • hybrid cloud security - Hybrid cloud security is the combination of technologies and practices that protect a hybrid cloud user's sensitive data, infrastructure and applications.
  • Hypertext Transfer Protocol Secure (HTTPS) - Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website.
  • hypervisor security - Hypervisor security is the process of ensuring the hypervisor -- the software that enables virtualization -- is secure throughout its lifecycle.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
  • incident - An incident is an occurrence where a service or component fails to provide a feature or service that it was designed to deliver.
  • incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
  • indicators of compromise (IOC) - Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.
  • information security (infosec) - Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information.
  • information security management system (ISMS) - An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data.
  • Information Technology Amendment Act 2008 (IT Act 2008) - The Information Technology Amendment Act 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act 2000.
  • initialization vector - An initialization vector (IV) is an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks.
  • inline frame (iframe) - An inline frame (iframe) is a HTML element that loads another HTML page within the document.
  • input validation attack - An input validation attack is any malicious action against a computer system that involves manually entering strange information into a normal user input field.
  • insider threat - An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.
  • International Data Encryption Algorithm (IDEA) - The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.
  • International Information Systems Security Certification Consortium (ISC)2 - (ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates.
  • Internet Key Exchange (IKE) - Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
  • IP spoofing - Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from.
  • ISA Server - Microsoft's ISA Server (Internet Security and Acceleration Server) was the successor to Microsoft's Proxy Server 2.
  • ISO 27001 - ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard created by the International Organization for Standardization (ISO), which provides a framework and guidelines for establishing, implementing and managing an information security management system (ISMS).
  • ISO 27002 (International Organization for Standardization 27002) - The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.
  • ITIL V3 - ITIL V3 is the third version of the Information Technology Infrastructure Library (ITIL), a globally recognized collection of best practices for managing IT and for implementing IT service management (ITSM) practices.
  • Java Authentication and Authorization Service (JAAS) - The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code, and ensure that the entity has the privilege or permission to execute the functions requested.
  • Kerberos - Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.
  • key fob - A key fob is a small, programmable device that provides access to a physical object.
  • key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
  • keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.
  • kill switch - A kill switch in an IT context is a mechanism used to shut down or disable a device or program.
  • kiosk mode (Windows assigned access) - Kiosk mode is a feature in Windows operating system (OS) that allows a device to run only specified applications and settings.
  • law of unintended consequences - The law of unintended consequences is a frequently-observed phenomenon in which any action has results that are not part of the actor's purpose.
  • LDAP injection - LDAP (Lightweight Directory Access Protocol) injection is a type of security exploit that is used to compromise the authentication process used by some websites.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • logic bomb - A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.
  • LUN masking - LUN masking is an authorization mechanism used in storage area networks (SANs) to make LUNs available to some hosts but unavailable to other hosts.
  • man in the browser (MitB) - Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.
  • mandatory access control (MAC) - Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.
  • Massachusetts data protection law - What is the Massachusetts data protection law?The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • MD5 - The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.