a
- Access Control - Access control is a process that restricts access to resources, such as computers, files, or services, to authorized users only....
- Active Data Collection - Active data collection refers to the process of knowingly and transparently gathering data from users, typically through interactive means like...
- Adequate Level Of Protection - Under the General Data Protection Regulation (GDPR), the “Adequate Level of Protection” refers to the minimum standard of data protection...
- Advanced Persistent Threat - An Advanced Persistent Threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network...
- Anomaly - An anomaly is a type of behavior or action that deviates from the expected or normal pattern within an organization...
- Anonymization - Data anonymization is a process that alters personally identifiable information (PII) in such a way that it can no longer...
- Anonymous Data - Anonymous data refers to information that cannot be linked or associated with an identifiable individual, either directly or indirectly, even...
- API Security - API security involves protecting the integrity and confidentiality of data exchanged between applications through Application Programming Interfaces (APIs). It encompasses...
- Application Security - Application security encompasses measures and practices aimed at protecting applications from threats throughout their lifecycle. This includes coding best practices,...
- Appropriate Safeguards - In the context of the GDPR, “Appropriate Safeguards” refers to the implementation of the GDPR’s data protection principles during the...
- Audit Trail - An audit trail is a chronological record of activities, events, or actions that occur within a system or organization. It...
- Auditing - Auditing is the systematic examination, evaluation, and analysis of an organization’s assets, processes, and controls to ensure compliance with established...
- Authentication - Authentication is the process of verifying and confirming the claimed identity of a user, system, or entity attempting to access...
- Automated Processing - Automated processing refers to the execution of data processing tasks without human intervention or manual effort. It involves the use...
- Availability - Availability is a key aspect of information security, ensuring that data and systems are accessible when needed. This involves implementing...
- Azure - Azure is Microsoft’s cloud computing platform, offering a wide range of services, including computing, analytics, storage, and networking. It provides...
b
- Backup and Recovery - Backup and recovery involve creating copies of data to protect against loss and restoring it in case of data corruption,...
- Behavioral Analysis - Behavioral analysis is a technique used in cybersecurity to detect and analyze patterns in user behavior. By identifying deviations from...
c
- California Consumer Privacy Act (CCPA) - The California Consumer Privacy Act (CCPA) is legislation enacted by the state of California that recognizes and supports an...
- Cloud Security Posture Management (CSPM) - Cloud Security Posture Management (CSPM) is a category of information technology security tools. These tools were developed to identify issues...
- Controlled Unclassified Information (CUI) - Controlled Unclassified Information, or CUI, is information created or possessed by the U.S. federal government that requires safeguarding or dissemination...
d
- Data Inventory - A data inventory, also known as a records of authority, is a comprehensive list or catalog of personal data held...
- Data Privacy - Data privacy is the practice of protecting confidential, proprietary and personal data from individuals or entities who should not be...
- Data Security Posture - Data security posture refers to the current status of the capabilities required to protect data from unauthorized access, destruction, and/or...
- Dormant Data - Dormant data, otherwise known as dark data, is data that a business or organization generates and collects but does...
- DSPM - A term originally coined by Gartner, data security posture management (DSPM) is a category of data security products that provide visibility of...
f
- False Positives in Cyber Security - A false positive is an error in which a result incorrectly indicates the presence of a condition. In cybersecurity, a...
g
- General Data Privacy Regulation (GDPR) - General Data Protection Regulation (GDPR) is legislation that went into effect in May 2018. It enhanced and unified data privacy...
- Generative AI - Generative AI refers to artificial intelligence systems designed to generate new data, such as text, images, audio, or video, based...
h
- Health Insurance Portability and Accountability Act (HIPAA) - HIPAA, or the Health Insurance Portability and Accountability Act, is a US law that sets standards for the protection of...
- Hybrid Clouds - Private clouds. Public clouds. Hybrid clouds. All these terms get a little confusing. In a nutshell, a hybrid cloud is...
i
- Identity and Access Management (IAM) - In a nutshell, IAM is a set of policies, processes, and tools a business uses to match specific people with...
- Insider Threat - Simply put, an insider threat is an internal employee or vendor with access to internal tools or data. These can...
m
- Machine Learning - Technology companies deploy machine learning in their technologies along with artificial intelligence to process, make sense of, and learn from...
n
- Network Firewall - Network firewalls are network security technologies that monitor and control network traffic based on security rules that an organization’s security...
p
- PCI DSS - PCI DSS, or Payment Card Industry Data Security Standard, is a set of security guidelines created to protect credit card...
- PII - Personally identifiable information (PII) is data that is used to identify individuals. It can be information such as social security...
- Private Cloud - In cloud computing, private cloud refers to an internal or corporate cloud in which a business stores data and manages...
- Public Cloud - Public clouds are platforms that allow multiple organizations to share services, computing resources, virtual machines, applications, data storage and workloads...
r
- Ransomware - Ransomware is a form of cyber attack (predominantly describing a type of malware) in which data on a server or...
s
- Server Side Request Forgery - In a Server-Side Request Forgery (SSRF) attack, an attacker abuses server functionality to access resources or modify them in order...
- Strengthening American Cybersecurity Act (SAC) of 2022 - The Strengthening American Cybersecurity Act (SAC) of 2022 is a legislative initiative aimed at fortifying the United States’ cybersecurity infrastructure....
t
- Toxic Combinations - Toxic combinations of privilege in cybersecurity refer to individuals, such as employees, vendors or partners, being granted access privileges to...
v
- Vulnerability - A vulnerability is a weakness or flaw in a system, application, network, or process that can be exploited by threat...
z
- Zero Trust - Zero Trust is a security concept that businesses deploy to secure their networks from unauthorized, unvalidated and unauthenticated users. It...