Cyber Resilience Strategy
A comprehensive approach that organizations adopt to protect, respond to, recover, and adapt from cyber threats and incidents. Unlike traditional cybersecurity strategies that often focus solely on prevention, cyber resilience encompasses the ability to continue operation during and after a cyber incident has occurred.
You will find this term commonly used in Security, Business Continuity
Cyber Threat Analysis
The process of examining and interpreting data related to potential cyber threats to understand their nature, origin, and potential impact. Cyber threat analysis involves assessing vulnerabilities, identifying potential attack vectors, and determining the motives and capabilities of threat actors to inform security strategies and defenses.
You will find this term commonly used in Security, Cybersecurity
Cyber Threat Hunting
The proactive technique of searching through networks to detect and isolate advanced threats that evade existing security solutions. This approach involves using knowledge about adversaries and their tactics, techniques, and procedures (TTPs) to actively look for, identify, and mitigate potential threats before they can cause harm.
You will find this term commonly used in Security, Cybersecurity
Cyber Threat Intelligence
Information an organization uses to understand the threats that have, will, or are currently targeting the organization. This information is used to prepare, prevent, and identify cyber threats looking to take advantage of valuable resources. Cyber threat intelligence involves the collection, analysis, and dissemination of information about current and potential attacks that threaten an organization's information security.
You will find this term commonly used in Security, Cybersecurity
Cyber Threat Intelligence Analysis
The collection, evaluation, and interpretation of information regarding potential or current cyber threats and vulnerabilities. This analysis helps in understanding the motives, targets, and attack behaviors of cyber adversaries, enabling organizations to prepare and respond effectively to mitigate risks.
You will find this term commonly used in Cybersecurity, Threat Intelligence
Cyber Threat Landscape
The constantly evolving nature of cybersecurity threats faced by organizations and individuals. The cyber threat landscape includes the types of attacks, their frequency, the attackers' tactics, techniques, and procedures (TTPs), and the targeted vulnerabilities. Understanding the landscape is crucial for effective cybersecurity defense planning.
You will find this term commonly used in Security, Cybersecurity
Cyber Threat Modeling
The process of systematically identifying and evaluating potential threats to digital assets and information systems. Threat modeling helps organizations understand their attack surface, prioritize security efforts, and develop strategies to mitigate identified risks.
You will find this term commonly used in Security, Cybersecurity
Cyber-Enabled Information Warfare
The use of cyber capabilities to manipulate, disrupt, or destroy the information and communication assets of adversaries for strategic, operational, or tactical advantage. Cyber-enabled information warfare includes activities such as disinformation campaigns, cyber espionage, and attacks on critical information infrastructure to influence public opinion, disrupt decision-making processes, or degrade communication systems.
You will find this term commonly used in Security, Information Warfare
Cyber-Physical Attack
An attack that targets the vulnerabilities in the interface between the cyber and physical components of a system. Such attacks can have direct effects on physical assets and infrastructure, such as disrupting industrial control systems or causing physical damage through digital means.
You will find this term commonly used in Security, Cybersecurity
Cyber-Physical System (CPS) Design
The process of creating systems that integrate computational algorithms with physical components. CPS design involves considering both the software and hardware aspects of systems that interact with the physical world, such as autonomous vehicles, industrial automation systems, and smart grid technologies.
You will find this term commonly used in Engineering, Cyber-Physical Systems
Cyber-Physical Systems (CPS)
Engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. CPSs include systems ranging from smart grid, autonomous automobile systems, medical monitoring, to industrial control systems. They often involve real-time computing, sensor networks, and IoT technologies to interact with the physical world.
You will find this term commonly used in AI, IoT
Cyber-Physical Systems Integration
The process of combining cybernetic systems (computing and networks) with physical processes. The integration allows for automated monitoring and control of the physical systems through cyber means, enhancing efficiency, safety, and functionality in sectors like manufacturing, transportation, and energy.
You will find this term commonly used in Cyber-Physical Systems, Automation
Cyber-Physical Systems Security
The practice of protecting cyber-physical systems (CPS), which integrate computation, networking, and physical processes, from cyber threats. Security measures are designed to safeguard the software and hardware components of CPS, as well as the physical processes they control, from unauthorized access and malicious attacks.
You will find this term commonly used in Security, Cyber-Physical Systems
Cybersecurity
The practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Analyst
Analyzes an organization's cybersecurity posture and implements measures to protect against cyber attacks.
You will find this term commonly used in Cybersecurity, Risk Management
Cybersecurity Assessment Framework
A structured approach to assessing an organization's cybersecurity posture, identifying vulnerabilities, and evaluating the effectiveness of current security measures. The framework typically includes criteria for measuring the maturity of cybersecurity practices and provides a roadmap for improvement.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Assurance Program
A comprehensive set of policies, procedures, and measures implemented by an organization to ensure its cybersecurity practices meet established standards and effectively protect against cyber threats. An assurance program involves regular assessments, audits, and updates to security controls based on evolving threats and business requirements.
You will find this term commonly used in Cybersecurity, Organizational Management
Cybersecurity Audit
A comprehensive review and analysis of an organization's IT infrastructure, policies, and procedures to assess the robustness of its cybersecurity defenses. Cybersecurity audits help identify vulnerabilities, assess the effectiveness of security measures, and ensure compliance with regulatory standards.
You will find this term commonly used in Security, IT Management
Cybersecurity Automation Tools
Software and systems designed to automate repetitive and routine cybersecurity tasks such as vulnerability scanning, threat detection, and incident response. Automation tools help streamline security operations, reduce human error, and enable security teams to focus on more strategic activities.
You will find this term commonly used in Cybersecurity, Automation
Cybersecurity Best Practices
Guidelines and strategies considered most effective in ensuring the protection of information systems from digital attacks. These practices are based on industry standards, regulations, and lessons learned from past cybersecurity incidents.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Capability Maturity Model (C2M2)
A tool that helps organizations evaluate and improve their cybersecurity capabilities and resilience. The model provides a set of practices for managing cybersecurity risk, organized into maturity levels that range from basic cyber hygiene to advanced risk management processes.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Compliance
The adherence to laws, regulations, guidelines, and specifications relevant to an organization's cybersecurity operations. Compliance is critical for avoiding legal penalties and ensuring that data is protected according to industry standards and best practices.
You will find this term commonly used in Security, Legal
Cybersecurity Compliance Auditing
The examination and evaluation of an organization's adherence to regulatory and industry cybersecurity standards and practices. Compliance auditing helps ensure that organizations meet legal and contractual obligations to protect sensitive information and maintain security controls, often involving third-party auditors to assess and verify compliance.
You will find this term commonly used in Cybersecurity, Compliance
Cybersecurity Compliance Management
The process of ensuring that organizational practices, policies, and operations meet established cybersecurity standards and regulatory requirements. Compliance management involves regular audits, risk assessments, and the implementation of controls to mitigate identified risks.
You will find this term commonly used in Security, Legal
Cybersecurity Due Diligence
The process of assessing the cybersecurity practices and risk exposure of a company, typically conducted during mergers and acquisitions (M&A) to identify potential security vulnerabilities that could impact the transaction. Cybersecurity due diligence helps in understanding the cyber risks associated with the business and in making informed decisions.
You will find this term commonly used in Security, Business
Cybersecurity Education and Training Programs
Programs and courses designed to teach individuals the knowledge and skills required to protect information systems from cyber threats. These programs can range from academic degrees to professional certification courses and workshops.
You will find this term commonly used in Education, Cybersecurity
Cybersecurity Education Framework
A structured set of guidelines and curricula designed to provide foundational knowledge and skills in cybersecurity. The framework aims to standardize cybersecurity education across academic institutions and professional training programs, ensuring that learners acquire the competencies needed to address current and emerging cyber threats effectively.
You will find this term commonly used in Education, Cybersecurity
Cybersecurity Framework
A structured set of guidelines for managing cybersecurity risks. Developed by organizations such as the National Institute of Standards and Technology (NIST), these frameworks offer best practices, methodologies, procedures, and processes that can be used to protect networks, devices, programs, and data from attacks, damage, or unauthorized access.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Framework Implementation
The process of adopting and adapting a cybersecurity framework (such as NIST, ISO/IEC 27001, or CIS Controls) within an organization to establish and improve cybersecurity practices. Implementation involves assessing current security measures, identifying gaps, and applying framework guidelines to enhance the organization's security posture.
You will find this term commonly used in Security, IT Management
Cybersecurity Incident Response Plan (CIRP)
A documented plan that outlines an organization's procedures for detecting, responding to, and recovering from cybersecurity incidents. The plan includes roles and responsibilities, communication protocols, and steps for mitigating the impact of security breaches.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Incident Simulation
A training exercise that mimics real-life cybersecurity incidents to prepare IT and security teams for actual cyberattacks. Simulations can range from phishing attacks to complex, multi-stage breaches, providing hands-on experience in detecting, responding to, and mitigating cyber threats.
You will find this term commonly used in Security, Training
Cybersecurity Information Sharing Act (CISA)
Legislation that encourages the voluntary sharing of cybersecurity threat information between the private sector and the government to enhance the collective understanding and defense against cyber threats. The act aims to improve cybersecurity awareness and collaboration while protecting privacy and civil liberties.
You will find this term commonly used in Security, Legal
Cybersecurity Insurance
A contract that an entity can purchase to help protect itself from the financial loss associated with cybercrime, data breaches, and other risks associated with information technology operations and infrastructure. This insurance can cover a range of incidents, including data breaches, business interruption, and network damage.
You will find this term commonly used in Security, Business
Cybersecurity Insurance Framework
A structured approach to evaluating and managing the risks that cybersecurity insurance policies cover. This framework helps organizations understand their coverage, identify gaps in protection, and make informed decisions about cybersecurity insurance purchases.
You will find this term commonly used in Business, Security
Cybersecurity Knowledge Base
A centralized repository of information related to cybersecurity threats, vulnerabilities, best practices, and solutions. A knowledge base supports the ongoing education and awareness of cybersecurity professionals, IT staff, and end-users, offering a resource for understanding and combating cyber threats.
You will find this term commonly used in Cybersecurity, Information Management
Cybersecurity Legal Compliance
The adherence to laws and regulations governing the protection of information and information systems. Legal compliance in cybersecurity involves implementing necessary security measures to protect data privacy and integrity, prevent breaches, and ensure that organizational practices align with legal requirements.
You will find this term commonly used in Legal, Cybersecurity
Cybersecurity Metrics
Quantitative measures used to assess the efficiency and effectiveness of cybersecurity initiatives and controls. Metrics help organizations in evaluating their security posture, identifying vulnerabilities, and making informed decisions to enhance their cyber defenses.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Metrics and KPIs
Quantitative measures and key performance indicators used to evaluate the effectiveness of cybersecurity practices and controls. Metrics and KPIs enable organizations to track security performance, assess the impact of security initiatives, and make data-driven decisions to strengthen their cybersecurity posture.
You will find this term commonly used in Security, Performance Management
Cybersecurity Operations
Activities and processes designed to detect, prevent, respond to, and recover from cyber threats and incidents. Cybersecurity operations involve continuous monitoring, threat intelligence gathering, incident response, and the implementation of security measures to protect information and IT assets.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Operations Center (CSOC)
A centralized unit that deals with security issues on an organizational and technical level. A CSOC is equipped with high-tech software and a skilled security team to monitor, analyze, and protect an organization from cyber threats around the clock.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Policy
A formal set of rules by which those within an organization or network must abide to protect information technology and data from unauthorized access, misuse, modification, or denial of service. Cybersecurity policies are crucial for establishing a secure posture and guiding the implementation of security measures.
You will find this term commonly used in Security, IT Management
Cybersecurity Policy Compliance
The adherence to laws, regulations, and guidelines related to cybersecurity within an organization. Compliance involves ensuring that security policies, procedures, and controls meet the required standards and practices to protect sensitive information and infrastructure from cyber threats.
You will find this term commonly used in Security, Legal
Cybersecurity Policy Development
The creation of policies that define an organization's cybersecurity stance, practices, and procedures. This involves identifying potential cyber risks, establishing guidelines for behavior and technology use, and setting forth response strategies for potential incidents. Effective policy development is crucial for maintaining organizational security and compliance with regulatory standards.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Policy Framework
A set of policies designed to provide a structured approach to implementing and managing an organization's cybersecurity defenses. The framework typically includes guidelines on how to identify, protect, detect, respond, and recover from cyber threats.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Posture
The overall cybersecurity strength and security stance of an organization, indicating its preparedness to defend against cyber attacks and security breaches. A strong cybersecurity posture includes a comprehensive set of policies, practices, tools, and technologies that protect an organization's information assets.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Posture Assessment
A comprehensive evaluation of an organization's cybersecurity strength and readiness against potential cyber threats. This assessment helps identify weaknesses in the current security posture and recommends improvements to mitigate risks.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Regulatory Compliance
Adherence to laws, regulations, and guidelines that govern cybersecurity practices within specific industries or regions. Compliance involves implementing measures to protect data and information systems from cyber threats in accordance with regulatory requirements.
You will find this term commonly used in Security, Legal
Cybersecurity Risk Assessment
The process of identifying, analyzing, and evaluating risk associated with the potential vulnerabilities and threats to an organization's information technology and systems. This assessment helps in prioritizing risks based on their potential impact and the likelihood of occurrence, guiding the allocation of resources towards effective risk management.
You will find this term commonly used in Security, IT Management
Cybersecurity Risk Management
The ongoing process of identifying, analyzing, evaluating, and addressing an organization's cybersecurity risks. The goal is to minimize risks to an acceptable level based on the organization's risk appetite. It involves a comprehensive approach that includes technology, processes, and policies.
You will find this term commonly used in Security, Cybersecurity
Cybersecurity Risk Scoring
The assignment of numerical scores to quantify the severity and potential impact of cybersecurity risks. Risk scoring systems help organizations prioritize their security efforts by identifying the most significant threats based on the likelihood of occurrence and the potential damage they could cause.
You will find this term commonly used in Security, Risk Management
