Top 3 Cybersecurity Truths
Cybersecurity is not an IT responsibility.
Cybersecurity is a business responsibility.
There’s no silver bullet in cybersecurity.
There is no single product or solution that will prevent an organization from getting hacked.
100% prevention is impossible, making cybersecurity compromises inevitable.
Instead of relying solely on prevention, organizations must rely on timely detection through continuous security monitoring and other next-generation cybersecurity measures.
Advanced Persistent Threat
An adversary that possesses sophisticated levels of expertise and significant resources, which allow it to create opportunities to achieve its objectives by using multiple attack vectors (cyber, physical, and deception).
A program that monitors computers or networks to detect or identify major types of malicious code and to prevent or contain malware incidents, sometimes by removing or neutralizing the malicious code.
Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.
A characteristic or distinctive pattern that can be searched for, or used, to match incidents to previously identified attacks.
The set of ways in which an adversary can enter systems or networks and potentially cause damage.
Observing activities of users, information systems, and processes, and measuring them against organizational policies, rules, baselines of normal activity, thresholds, and trends.
The systems and assets, physical or virtual, so vital that their incapacitation or destruction may have a debilitating impact on the security, economy, public health, environment, and/or safety of society.
The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
The property that data is complete, intact, and trusted, and has not been modified or destroyed in an unauthorized or accidental manner.
The result of unintentionally deleting data, forgetting where it’s stored, or exposing it to an unauthorized party.
Data Loss Prevention (DLP)
A set of procedures and mechanisms to stop sensitive data from leaving a security boundary.
Denial of Service
An attack that prevents or impairs the authorized use of information system resources or services.
Distributed Denial of Service
A denial of service technique (see above) that uses numerous systems to perform attacks simultaneously.
The condition of being unprotected, thereby allowing access to information or capabilities that attackers can use to enter a system or network.
Identity and Access Management
The methods and processes used to manage subjects and their authentication and authorizations to access specific objects.
An occurrence that poses an immediate or potential threat to an information system or the information itself, and that may require a response to mitigate the consequences.
The activities that address the short-term, direct effects of an incident and may also support short-term recovery. Incident response relies on mitigation, preparedness, and a recovery approach, as needed, to maximize the survival of life, preservation of property, and security of information.
Incident Response Plan
A set of predetermined and documented procedures to detect and respond to cyber incidents.
A person or group of persons within an organization who pose a potential risk through violating security policies; one or more individuals with the access and/or inside knowledge of a company, organization, or enterprise that would allow them to exploit the vulnerabilities of that entity's security, systems, services, products, or facilities with the intent to cause harm.
The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.
Software or hardware that tracks keystrokes and keyboard events, usually surreptitiously, to monitor actions by the user of an information system.
Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.
Malware (Malicious Software)
Software that compromises the operation of a system by performing an unauthorized function or process.
An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.
A digital form of social engineering to deceive individuals into providing sensitive information, typically conducted over email.
The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences.
A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.
The use of information technology in place of manual processes for cyber incident response and management.
A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact organizational operations, assets (including information and information systems), individuals, other organizations, or society.
Any access that violates the stated security policy.
A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.
A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard; characteristic of location or security posture or of design, procedures, internal controls, or the implementation of any of these that permit a threat or hazard to occur.
A list of entities that are considered trustworthy and are granted access or privileges.