In case you are new to the world of cybersecurity and are struggling to learn or understand some of the new terms you are hearing, don’t worry, we’re here to help! Some concepts have been around for years, but many are gaining traction right now due to high-profile data breaches, advances in cyber technology, and more sophisticated hackers. At Ostendio we are fluent in the language of cybersecurity experts. Here are the top 16 terms we’re hearing from our customers right now.
Capability Maturity Model - a methodology used to develop and refine an organization's software development process.
A type of cybersecurity breach in which hackers use information taken from a previous breach to gain access to other accounts.
Performing basic tasks to protect digital assets. For example, use strong passwords, do not write them down for others to see, and change them frequently. Validate the sender before clicking on links/URLs within email or text messages. Do not send a Social Security number or bank account number to another person via email.
The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.
A security incident in which information is accessed without authorization.
The practice of examining large databases in order to generate new information.
The overall management of the availability, usability, integrity and security of data used in an enterprise.
A decoy computer system for trapping hackers or tracking unconventional or new hacking methods.
A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems.
Integrated Risk Management
A set of practices and processes, supported by a risk-aware culture and enabling technologies, that improves decision making and performance through an integrated view of how well an organization manages its unique set of risks.
Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
My Virtual Compliance Manager - our platform that’s helping customers build, operate and showcase compliance to over 100 standards globally.
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Secure Controls Framework - a series of documented processes used to define policies and procedures around the implementation and ongoing management of information security controls in an enterprise environment.
When a hacker impersonates another device or user on a network in order to steal data, spread malware, or bypass access controls.
Software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.
There are also a lot of standards and regulations that we cover with MyVCM. Some of the more popular ones are:
HIPAA - Health Insurance Portability and Accountability Act
HITRUST - Health Information Trust Alliance
CCPA - California Consumer Privacy Act
GDPR - General Data Protection Regulation
NIST - National Institute of Standards and Technology
SOC 2 - Service Organization Controls
CSA - Cloud Security Alliance
Have you heard any terms that I’ve missed? Drop me a note and share your favorite cybersecurity phrases. And if you have any questions about how we help companies with their cybersecurity programs, or where to start on your cybersecurity journey, I’m happy to help! You can contact me at firstname.lastname@example.org or schedule an Ostendio MyVCM demo here.