Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
What is cyber extortion?
Cyber extortion is a crime involving an attack or threat of an attack, coupled with a demand for money or some other response, in return for stopping an attack or preventing one from happening.
-
What is a time-based one-time password?
A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors.
-
What is triple extortion ransomware?
Triple extortion ransomware is a type of ransomware attack in which a cybercriminal extorts their victim multiple times -- namely by encrypting data, exposing exfiltrated data and then threatening an additional third attack vector.
Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
What is the Department of Health and Human Services (HHS)?
The U.S. Department of Health and Human Services (HHS) is a cabinet-level agency in the executive branch of the federal government, tasked with protecting the health and well-being of all Americans.
-
What is scenario analysis?
Scenario analysis is a risk management and strategic planning process used to evaluate the risk and potential effects of a future event.
-
What is a chief risk officer (CRO)? A detailed CRO job description
The chief risk officer (CRO) is a senior executive tasked with assessing, overseeing and mitigating an organization's risks.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
What is cyber extortion?
Cyber extortion is a crime involving an attack or threat of an attack, coupled with a demand for money or some other response, in return for stopping an attack or preventing one from happening.
-
What is the WannaCry ransomware attack?
WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS).
-
What is a SIM card and how does it work?
A SIM card, also known as a subscriber identity module, is a smart card that stores the information necessary for a smartphone to connect to a mobile network.
Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
What is the WannaCry ransomware attack?
WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS).
-
What is a chief risk officer (CRO)? A detailed CRO job description
The chief risk officer (CRO) is a senior executive tasked with assessing, overseeing and mitigating an organization's risks.
-
What is a next-generation firewall (NGFW)?
A next-generation firewall (NGFW) is a network security device that combines traditional firewall capabilities with advanced features to detect and block sophisticated cyberattacks.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
What is a cookie?
A cookie is a text file carrying some information that a website places on a user's computer.
-
What is the WannaCry ransomware attack?
WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS).
-
What is double extortion ransomware? How to defend your organization
Double extortion ransomware is a type of cyberattack that encrypts a victim's data, as in a traditional ransomware attack, while also adding a second attack vector of stealing that data.