Technical Security Controls
These are robust hardware or software systems specifically designed to monitor, manage, and enforce security policies throughout an organization. Examples include firewalls, intrusion detection systems, and antivirus software, which work to prevent unauthorized access, detect breaches, and ensure the integrity of sensitive data.
Administrative Security Controls
This encompasses a comprehensive set of policies, procedures, and guidelines established to effectively manage and oversee an organization’s security posture. Key components include mandatory security awareness training for staff, clearly defined incident response plans for addressing security breaches, and ongoing compliance checks to ensure adherence to security protocols.
Operational Security Controls
These are critical security measures that focus on the human element and procedures guiding personnel in safeguarding information systems. An important example is cybersecurity training that equips employees to recognize and respond to potential security threats proactively.
Physical Security Controls
These include an array of measures designed to manage access to physical facilities and hardware, protecting them from various threats. Examples include the use of surveillance cameras to monitor entrances and exits, and building access control systems that utilize ID badges or biometric scans to restrict entry to authorized personnel.
Preventive Controls
Implemented measures aimed at preventing unauthorized access or actions by limiting access either physically or logically. Common examples include system passwords, data encryption techniques, and network firewalls that block unauthorized users from gaining entry into secure systems.
Deterrent Controls
These security mechanisms are specifically designed to discourage potential attackers from even attempting to breach security systems. Effective examples include visible deterrents such as surveillance cameras, the presence of security personnel, and warning signs that alert would-be intruders that security measures are actively in place.
Detective Controls
Controls implemented to identify, monitor, and record attempted or successful security breaches, allowing organizations to respond effectively to incidents. Examples include intrusion detection systems that analyze network traffic for suspicious activities and alert security teams to potential threats.
Corrective Controls
These measures are initiated in response to security incidents to address and rectify the effects of breaches. Examples include antivirus software that removes malware from infected systems and patch management processes that apply security updates to fix vulnerabilities.
Compensating Controls
Alternative security measures implemented when primary controls are insufficient or unavailable. For instance, deploying multifactor authentication can serve as a compensating control when biometric authentication systems are compromised.
Directive Controls
These controls come in the form of guidelines or policies that instruct and direct employee behavior to ensure compliance with security protocols. This includes formal security policies that outline acceptable behavior and incident reporting protocols.
Managerial Security Controls
Controls that focus on the overarching policies, procedures, and organizational frameworks required to ensure security. Examples include conducting regular risk assessments, establishing governance policies for security, and developing incident response plans to prepare for potential threats.
CIA Triad
A foundational model in information security, consisting of three core principles: Confidentiality (protecting information from unauthorized access), Integrity (ensuring the accuracy and consistency of data over time), and Availability (ensuring that authorized users have timely access to information and systems when needed).
Confidentiality
This security principle ensures that sensitive data is only accessible to authorized personnel, thereby protecting it from unauthorized access, breaches, and theft.
Integrity
Integrity involves the assurance that data is accurate, consistent, and unaltered throughout its lifecycle, which is essential for maintaining trustworthiness during storage and transmission of information.
Availability
Availability guarantees that authorized users can access information and systems whenever required, preventing downtimes that could disrupt operations and ensuring continuous service delivery.
Non-repudiation
A principle ensuring that the authenticity of data cannot be denied by the sender; often achieved by utilizing digital signatures that provide verifiable proof of data origin and integrity.
AAA
A crucial framework in security management, encompassing three key components: Authentication (the process of verifying a user's identity), Authorization (granting specific access rights based on identification), and Accounting (tracking and recording user activity for compliance and auditing purposes).
Zero Trust
A progressive security model built on the principle of 'never trust, always verify.' It asserts that no user, device, or network is trusted by default and demands continuous verification to maintain a secure environment.
Adaptive Identity
This approach to security dynamically adjusts user access levels based on their behavior, risk factors, and context, aiming to ensure that access is proportionate to the perceived level of risk associated with user actions.
Policy-driven Access Control
An access control strategy leveraging predefined security policies to govern user permissions, ensuring that access to systems and data is managed according to established guidelines and protocols.
Approval Process in Change Management
A systematic procedure that evaluates, authorizes, and documents changes made to security operations. It ensures that modifications are thoroughly considered and sanctioned by relevant stakeholders before implementation.
Ownership in Change Management
This denotes specific individuals or teams designated with the responsibility of overseeing and managing changes within an organization's security framework, thus ensuring accountability and thorough review during the change process.
Configuration Management
A methodical approach that tracks and controls changes made to an organization's systems and configurations, aiming to maintain integrity, consistency, and compliance with established security standards.
Public Key Infrastructure (PKI)
A robust framework designed for the management of digital certificates and encryption keys that facilitates secure communications and transactions over the internet by ensuring the authenticity of the involved parties.
Data at Rest Encryption
Techniques and protocols used to secure data stored on hard drives, databases, or other storage media against unauthorized access. Examples include full-disk encryption and database encryption methodologies.
Data in Transit Encryption
This involves protecting data while it is being transmitted between systems or over a network; commonly implemented using protocols like TLS (Transport Layer Security) and VPNs (Virtual Private Networks) to safeguard data from interception.
Symmetric Encryption
An encryption method that employs a single shared key for both the encryption and decryption processes, requiring that the same key remains confidential between the communicating parties.
Asymmetric Encryption
An encryption technique utilizing a pair of keys: a public key for encryption and a private key for decryption, which provides a secure means for exchanging sensitive information over potentially insecure channels.
Hashing
A cryptographic function that converts data into a fixed-length string, ensuring integrity by producing a unique output for each unique input. Common hashing algorithms include MD5 and SHA-256, utilized for verifying data authenticity.
Honeypot
A deliberately created decoy system designed to mimic real systems, aiming to attract potential attackers to study their tactics and strengthen overall security measures by learning from their methods.
Honeytoken
A deceptive credential or identifier intentionally designed to lure intruders and trigger alerts when accessed, aiding in the detection of unauthorized access attempts and bolstering security measures.
Hardware Security Module (HSM)
A specialized physical device providing secure key storage and cryptographic processing, ensuring sensitive data and cryptographic keys are protected from unauthorized access and manipulation.
Trusted Platform Module (TPM)
A dedicated chip embedded on computer motherboards that provides hardware-level encryption and secure storage of cryptographic keys, significantly enhancing system security and integrity.
Backout Plan in Change Management
A predefined strategy that allows for the safe restoration of systems to a previous state in case a change fails or introduces complications, ensuring quick recovery and minimal operational disruption.
Stakeholders in Change Management
The various individuals or groups impacted by changes in the security landscape, including end-users, IT personnel, and management, who must be informed and actively involved in the change process to ensure smooth transitions.
Bollards
Sturdy physical barriers designed to protect against vehicular threats, often deployed around sensitive facilities to deter unauthorized access and safeguard people and property.
Access Control Vestibule (Mantrap)
A controlled entry system that requires individuals to authenticate themselves before entering or exiting a secured area, enhancing security by preventing unauthorized access.
Lighting as a Physical Control
The strategic use of lighting to enhance visibility and deter intrusions in sensitive or restricted areas, making potential intruders more visible to security personnel and thus discouraging unauthorized entry.
Video Surveillance
A critical security component that employs cameras to monitor and record activity within secure areas, providing vital evidence in the event of an incident and assisting in response and investigation efforts.
Allow/Deny Lists in Technical Controls
Controlled lists that specify users, IP addresses, or domains permitted or denied access to networks, effectively managing who can interact with systems and protecting sensitive data from unauthorized access.
Patch Management
The systematic process of applying updates to software or hardware aimed at addressing identified security vulnerabilities, ensuring that systems remain fortified against known threats.
Security Awareness Training
Educational programs designed to inform employees about identifying and mitigating security threats, fostering a proactive culture of security awareness and responsibility within the organization.
Authentication Factors (Multifactor Authentication)
A comprehensive security approach that employs multiple verification methods for access, including something you know (password), something you have (security token), and something you are (biometric scan), strengthening access security by minimizing risks