a
- Access Control - Access control is a process that restricts access to resources, such as computers, files, or services, to authorized users only....
- Active Data Collection - Active data collection refers to the process of knowingly and transparently gathering data from users, typically through interactive means like...
- Adequate Level Of Protection - Under the General Data Protection Regulation (GDPR), the “Adequate Level of Protection” refers to the minimum standard of data protection...
- Anomaly - An anomaly is a type of behavior or action that deviates from the expected or normal pattern within an organization...
c
- California Consumer Privacy Act (CCPA) - The California Consumer Privacy Act (CCPA) is a legislation enacted by the state of California that recognizes and supports an...
- Cloud Security Posture Management (CSPM) - Cloud Security Posture Management (CSPM) is a category of information technology security tools. These tools were developed to identify issues...
- Controlled Unclassified Information (CUI) - Controlled Unclassified information or CUI is information created or possessed by the U.S. federal government that requires safeguarding or dissemination...
d
- Data Inventory - A data inventory, also known as a records of authority, is a comprehensive list or catalog of personal data held...
- Data Privacy - Data privacy is the practice of protecting confidential, proprietary and personal data from individuals or entities who should not be...
- Data Security Posture - Data security posture refers to the current status of the capabilities required to protect data from unauthorized access, destruction, and/or...
- Dormant Data - Dormant data, or otherwise known as dark data, is data that a business or organization generates and collects but does...
- DSPM - A term originally coined by Gartner, data security posture management (DSPM) is a category of data security products that provide visibility of...
f
- False Positives in Cyber Security - A false positive is an error in which a result incorrectly indicates the presence of a condition. In cybersecurity a...
g
- General Data Privacy Regulation (GDPR) - General Data Protection Regulation (GDPR) is a legislation that went into effect in May 2018. It enhanced and unified data privacy...
- Generative AI - Generative AI refers to artificial intelligence systems designed to generate new data, such as text, images, audio, or video, based...
h
- Health Insurance Portability and Accountability Act (HIPAA) - HIPAA, or the Health Insurance Portability and Accountability Act, is a US law that sets standards for the protection of...
- Hybrid Clouds - Private clouds. Public clouds. Hybrid clouds. All these terms get a little confusing. In a nutshell, a hybrid cloud is...
i
- Identity and Access Management (IAM) - In a nutshell, IAM is a set of policies, processes, and tools a business uses to match specific people with...
- Insider Threat - Simply put, an insider threat is an internal employee or vendor with access to internal tools or data. These can...
m
- Machine Learning - Technology companies deploy machine learning in their technologies along with artificial intelligence to process, make sense of, and learn from...
n
- Network Firewall - Network Firewalls are network security technologies that monitor and control network traffic based on security rules that an organization’s security...
p
- PCI DSS - PCI DSS, or Payment Card Industry Data Security Standard, is a set of security guidelines created to protect credit card...
- PII - Personally identifiable information (PII), is data that is used to identify individuals. It can be information such as social security...
- Private Cloud - In cloud computing, private cloud refers to an internal or corporate cloud in which a business stores data and manages...
- Public Cloud - Public clouds are platforms that allow multiple organizations to share services, computing resources, virtual machines, applications, data storage and workloads...
r
- Ransomware - Ransomware is a from of cyber attack (predominantly describing a type of malware) in which data on a server or...
s
- Server Side Request Forgery - In a Server-Side Request Forgery (SSRF) attack, an attacker abuses server functionality to access resources or modify them in order...
- Strengthening American Cybersecurity Act (SAC) of 2022 - The Strengthening American Cybersecurity Act (SAC) of 2022 is a legislative initiative aimed at fortifying the United States’ cybersecurity infrastructure....
t
- Toxic Combinations - Toxic combinations of privilege in cybersecurity refers to individuals, such as employees, vendors or partners, being granted access privileges to...
z
- Zero Trust - Zero Trust is a security concept that businesses deploy to secure their networks from unauthorized, unvalidated and unauthenticated users. It...