428 relations: ACARS, Accelerometer, Access control, Access control list, Activity tracker, Adam Back, Advanced driver-assistance systems, Advanced Encryption Standard, Advanced persistent threat, Agencies of the European Union, Air navigation service provider, Air traffic control, Airbag, Airbus A380, Algorithm, Amazon (company), Annie Antón, Anonymous (group), Anti-keylogger, Anti-lock braking system, Anti-Subversion Software, Anti-tamper software, Antivirus software, Apache Hadoop, Apple Inc., Application software, Artifact (software development), Artificial cardiac pacemaker, Assurance services, AT&T, Attack surface, Attack tree, Audit trail, Authentication, Authorization, Automated teller machine, Automated theorem proving, Automated threat, Autonomous car, Aviation, Backdoor (computing), Backup, Bank, Bank account, Barack Obama, Bicycle attack, Big data, Biometrics, Black market, Bluetooth, Bluetooth Low Energy, Botnet, Brian LaMacchia, Bruce Schneier, Bulletproof hosting, Bureau of Justice Assistance, Business Insider, Butler Lampson, Cable modem, CAN bus, Canadian Cyber Incident Response Centre, Capability-based security, CAPTCHA, Carl Landwehr, Carnivore (software), CD-ROM, Central Cyberspace Affairs Commission, CERT Coordination Center, Chain of trust, Cheque, China, Cipher, Cisco Systems, Classified information, Clickjacking, Clifford Stoll, Cloud computing security, CNNMoney, Code review, Common Criteria, Common Vulnerabilities and Exposures, Communist Party of China, Compact disc, Comparison of antivirus software, Computer, Computer Crime and Intellectual Property Section, Computer emergency response team, Computer Fraud and Abuse Act, Computer hardware, Computer network, Computer security model, Computer virus, Computer worm, Computer-aided dispatch, Confidentiality, Confused deputy problem, Connected car, Content Disarm & Reconstruction, Content Security Policy, Cornell University, Correctness (computer science), Council of Europe,
Countermeasure (computer), Covert listening device, Credit card, Cruise control, Cryptanalysis, Cryptographic protocol, Cryptography, Cryptosystem, Cyber insurance, Cyber security standards, Cyber self-defense, Cyber-security regulation, Cyberattack, Cybercrime, Cyberspace, Cyberterrorism, Cyberwarfare, Cynthia Dwork, Dancing pigs, Daniel J. Bernstein, DARPA, Data (computing), Data breach, Data integrity, Data logger, Data security, Dawn Song, Debit card, Deborah Estrin, Defense in depth (computing), Denial-of-service attack, Differentiated security, Digital evidence, Disk encryption, DNA, Dongle, Dorothy E. Denning, Dynamic DNS, E (programming language), Eavesdropping, Edward Snowden, Electrical grid, Electromagnetism, Electronics, Email spoofing, Embedded system, Employee offboarding, Encryption, Encryption software, Endpoint security, Equifax, European Union, European Union Agency for Network and Information Security, Evaluation Assurance Level, Executable, Executive order, Expected value, Exploit (computer security), Facebook, Fail-safe, Fast flux, Fault tolerance, Federal Aviation Administration, Federal Bureau of Investigation, Federal Communications Commission, Federal Criminal Police Office (Germany), Federal Intelligence Service (Germany), Federal Office for Information Security, File Transfer Protocol, Firewall (computing), Firmware, Food and Drug Administration, Forensic science, Form W-2, Formal verification, Fox Business Network, Full disclosure (computer security), Gene Spafford, General Secretary of the Communist Party of China, Google, Gordon–Loeb model, Government Accountability Office, Government of China, Government of the United Kingdom, Hacktivism, Hardware security, HBGary, Home automation, Honeypot (computing), Human–computer interaction (security), Ian Goldberg, Identity document, Identity management, Identity theft, Identity-based security, Indian Computer Emergency Response Team, Information security, Information security awareness, 
Information technology, Information technology architecture, InfraGard, Inoculation theory, Insider threat, Instant messaging, Insulin pump, Insurance, Integrity (operating system), Intellectual property, International Data Group, Internet, Internet access, Internet Crime Complaint Center, Internet of things, Internet privacy, Internet security, Internet service provider, Intrusion detection system, IP address, IP address spoofing, IT risk, Joan Feigenbaum, Jurisdiction, Kernel (operating system), Kevin Mitnick, Keystroke logging, KGB, Kill chain, L. Jean Camp, L4 microkernel family, Lance Cottrell, Law, Law enforcement officer, Lawrence A. Gordon, Linux, List of computer security certifications, Local area network, Log file, Log management, Login, Lorrie Cranor, MAAWG, MAC address, MAC spoofing, Machine learning, Malpractice, Malware, Markus Hess, Matt Blaze, McAfee, Medical device, Medical device manufacturing, Microkernel, Microsoft, Military, Military Counterintelligence Service (Germany), Milwaukee Bucks, MIRACL (security firm), Mobile device, Monica S. Lam,
Moti Yung, Multi-factor authentication, MySecureCyberspace, Narus (company), NASA, National Basketball Association, National Cyber Security Division, National Cyber Security Policy 2013, National Cyberdefence Centre, National Highway Traffic Safety Administration, National Institute of Standards and Technology, National Security Agency, National White Collar Crime Center, Near-field communication, Nest Learning Thermostat, Network administrator, Network interface, Network packet, Network security, Network segmentation, Next Generation Air Transportation System, Nuclear power plant, Office of Personnel Management data breach, Open port, Open security, Operating system, Orange S.A., Outline of computer security, OWASP, Packet capture appliance, Page hijacking, Pan-European Network Service, Passport, Password, Patch (computing), Paul Kocher, Payment card number, Penetration test, Personal computer, Personal identification number, Personally identifiable information, Peter G. Neumann, Peter Gutmann (computer scientist), Peter J. Denning, Phishing, Phone cloning, Physical information security, Physical security, PikeOS, Ping (networking utility), Port (computer networking), Port scanner, Presumed security, Prime Minister's Office (India), Principle of least privilege, Privacy software, Privilege escalation, Proactive cyber defence, Programmable logic controller, Protocol stack, Public key certificate, Public-key cryptography, QR code, Quantified self, Radio-frequency identification, Ransomware, Records management, Richard A. Clarke, Risk cybernetics, Risk management, Robert Tappan Morris, Roger R. Schell, Rome Laboratory, Rootkit, Ross J. Anderson, RSA Conference, Ruby Corp., Russia, Safety engineering, Salvatore J. Stolfo,
San Francisco, Sandbox (computer security), Search warrant, Sebastian Heilmann, Secure by design, Secure coding, Security, Security engineering, Security hacker, Security information and event management, Security information management, Self-checkout, Sensor, Separation of protection and security, Shafi Goldwasser, Smart card, Smart device, Smart meter, Smartphone, Smartwatch, Social engineering (security), Social Security number, Software, Software Defined Perimeter, Software Engineering Institute, Sony Pictures, Sony Pictures hack, Spoofing attack, Sprint Corporation, Spyware, Staples Inc., Stefan Brands, Stuxnet, Superuser, Susan Nycum, Symmetric-key algorithm, SYSGO, System administrator, Tablet computer, Tampering (crime), Target Corporation, Telecommunication, Television, Tempest (codename), TERENA, Tesla, Inc., The Christian Science Monitor, The Cuckoo's Egg, The Guardian, The Home Depot, The Washington Post, Threat (computer), Threat model, TJX Companies, Traffic light, Trojan horse (computing), Trusted Computer System Evaluation Criteria, Trusted Platform Module, U.S. Securities and Exchange Commission, UK Cyber Security Forum, Ukraine, Unit testing, United Kingdom, United States Computer Emergency Readiness Team, United States Cyber Command, United States Department of Defense, United States Department of Homeland Security, United States Department of Justice, United States Department of Justice Criminal Division, United States Department of Transportation, United States Office of Personnel Management, Unix, User (computing), User space, Vandalism, Verizon Communications, Virtual private network, Virtual reality, Vulnerability (computing), Vulnerability scanner, Wi-Fi, Willis Ware, Windows XP, Wireless network, Xi Jinping, Zippe-type centrifuge, Zombie (computer science).
In aviation, ACARS (an acronym for aircraft communications addressing and reporting system) is a digital datalink system for transmission of short messages between aircraft and ground stations via airband radio or satellite.
An accelerometer is a device that measures proper acceleration.
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource.
An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object.
An activity tracker, also known as a fitness tracker, is a device or application for monitoring and tracking fitness-related metrics such as distance walked or run, calorie consumption, and in some cases heartbeat and quality of sleep.
Adam Back (born July 1970) is a British cryptographer and crypto-hacker.
Advanced driver-assistance system, or ADAS, is a system to help the driver in the driving process.
The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
An advanced persistent threat is a set of stealthy and continuous computer hacking processes, often orchestrated by a person or persons targeting a specific entity.
An agency of the European Union is a decentralised body of the European Union (EU), which is distinct from the institutions.
An air navigation service provider (ANSP) is a public or a private legal entity providing Air Navigation Services.
Air traffic control (ATC) is a service provided by ground-based air traffic controllers who direct aircraft on the ground and through controlled airspace, and can provide advisory services to aircraft in non-controlled airspace.
An airbag is a type of vehicle safety device and is an occupant restraint system.
The Airbus A380 is a double-deck, wide-body, four-engine jet airliner manufactured by multi-national manufacturer Airbus.
In mathematics and computer science, an algorithm is an unambiguous specification of how to solve a class of problems.
Amazon.com, Inc., doing business as Amazon, is an American electronic commerce and cloud computing company based in Seattle, Washington that was founded by Jeff Bezos on July 5, 1994.
Annie Antón is Chair of Georgia Tech's School of Interactive Computing within its College of Computing.
Anonymous is a decentralized international hacktivist group that is widely known for its various DDOS cyber attacks against several governments, government institutions & government agencies, corporations, and the Church of Scientology.
An anti-keylogger (or anti–keystroke logger) is a type of software specifically designed for the detection of keystroke logger software; often, such software will also incorporate the ability to delete or at least immobilize hidden keystroke logger software on a computer.
An anti-lock braking system (ABS) is a safety anti-skid braking system used on aircraft and on land vehicles, such as cars, motorcycles, trucks and buses.
Software subversion is the process of making software perform unintended actions either by tampering with program code or by altering behavior in another fashion.
Anti-tamper software (or tamper-resistant software) is software which makes it harder for an attacker to modify it.
Antivirus software, or anti-virus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
Apache Hadoop is a collection of open-source software utilities that facilitate using a network of many computers to solve problems involving massive amounts of data and computation.
Apple Inc. is an American multinational technology company headquartered in Cupertino, California, that designs, develops, and sells consumer electronics, computer software, and online services.
An application software (app or application for short) is a computer software designed to perform a group of coordinated functions, tasks, or activities for the benefit of the user.
An artifact is one of many kinds of tangible by-products produced during the development of software.
A pacemaker (or artificial pacemaker, so as not to be confused with the heart's natural pacemaker) is a medical device that generates electrical impulses delivered by electrodes to contract the heart muscles and regulate the electrical conduction system of the heart.
Assurance service is an independent professional service, typically provided by Chartered or Certified Public Accountants or Chartered Certified Accountant, with the goal of improving information or the context of information so that decision makers can make more informed, and presumably better, decisions.
AT&T Inc. is an American multinational conglomerate holding company headquartered at Whitacre Tower in Downtown Dallas, Texas.
The attack surface of a software environment is the sum of the different points (the "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment.
Attack trees are conceptual diagrams showing how an asset, or target, might be attacked.
An audit trail (also called audit log) is a security-relevant chronological record, set of records, and/or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event.
Authentication (from authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of confirming the truth of an attribute of a single piece of data claimed true by an entity.
Authorization is the function of specifying access rights/privileges to resources related to information security and computer security in general and to access control in particular.
An automated teller machine (ATM) is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, transfer funds, or obtaining account information, at any time and without the need for direct interaction with bank staff.
Automated theorem proving (also known as ATP or automated deduction) is a subfield of automated reasoning and mathematical logic dealing with proving mathematical theorems by computer programs.
An automated threat is a type of computer security threat to a computer network or web application, characterised by the malicious use of automated tools such as Internet bots.
An autonomous car (also known as a driverless car, self-driving car, and robotic car) is a vehicle that is capable of sensing its environment and navigating without human input.
Aviation, or air transport, refers to the activities surrounding mechanical flight and the aircraft industry.
A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device (e.g. a home router), or its embodiment, e.g. as part of a cryptosystem, an algorithm, a chipset, or a "homunculus computer" (such as that found in Intel's AMT technology).
In information technology, a backup, or the process of backing up, refers to the copying into an archive file of computer data so it may be used to restore the original after a data loss event.
A bank is a financial institution that accepts deposits from the public and creates credit.
A bank account is a financial account maintained by a bank for a customer.
Barack Hussein Obama II (born August 4, 1961) is an American politician who served as the 44th President of the United States from January 20, 2009, to January 20, 2017.
A TLS Bicycle Attack refers to a method of discovering password length on encrypted packets transmitted via SSL, or HTTPS.
Big data is data sets that are so big and complex that traditional data-processing application software is inadequate to deal with them.
Biometrics is the technical term for body measurements and calculations.
A black market, underground economy, or shadow economy is a clandestine market or transaction that has some aspect of illegality or is characterized by some form of noncompliant behavior with an institutional set of rules.
Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485GHz) from fixed and mobile devices, and building personal area networks (PANs).
Bluetooth Low Energy (Bluetooth LE, colloquially BLE, formerly marketed as Bluetooth Smart) is a wireless personal area network technology designed and marketed by the Bluetooth Special Interest Group (Bluetooth SIG) aimed at novel applications in the healthcare, fitness, beacons, security, and home entertainment industries.
A botnet is a number of Internet-connected devices, each of which is running one or more bots.
Brian A. LaMacchia is a computer security specialist.
Bruce Schneier (born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist and writer. He is the author of several books on general security topics, computer security and cryptography. Schneier is a fellow at the Berkman Center for Internet & Society at Harvard Law School and a program fellow at the New America Foundation's Open Technology Institute. He has been working for IBM since they acquired Resilient Systems, where Schneier was CTO. He is also a contributing writer for The Guardian news organization.
Bulletproof hosting is a service provided by some domain hosting or web hosting firms that allows their customer considerable leniency in the kinds of material they may upload and distribute.
The Bureau of Justice Assistance (BJA) is a component of the Office of Justice Programs, within the United States Department of Justice.
Business Insider is an American financial and business news website that also operates international editions in the UK, Australia, China, Germany, France, South Africa, India, Italy, Indonesia, Japan, Malaysia, Netherlands, Nordics, Poland, Spanish and Singapore.
Butler W. Lampson (born December 23, 1943) is an American computer scientist best known for his contributions to the development and implementation of distributed personal computing.
A cable modem is a type of network bridge that provides bi-directional data communication via radio frequency channels on a hybrid fibre-coaxial (HFC) and radio frequency over glass (RFoG) infrastructure.
A Controller Area Network (CAN bus) is a robust vehicle bus standard designed to allow microcontrollers and devices to communicate with each other in applications without a host computer.
The Canadian Cyber Incident Response Centre (CCIRC; Centre canadien de réponse aux incidents cybernétiques, CCRIC) is a Government of Canada program that is responsible for monitoring threats and coordinating the national response to any cyber security incident.
Capability-based security is a concept in the design of secure computing systems, one of the existing security models.
A CAPTCHA (an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge–response test used in computing to determine whether or not the user is human.
Carl E. Landwehr is an American computer scientist whose research focus is cybersecurity and trustworthy computing.
Carnivore, later renamed DCS1000, was a system implemented by the Federal Bureau of Investigation that was designed to monitor email and electronic communications.
A CD-ROM is a pre-pressed optical compact disc which contains data.
The Central Cyberspace Affairs Commission, formerly known as the Central Leading Group for Cybersecurity and Informatization, is a policy formulation and implementation body set up under the Central Committee of the Communist Party of China for the purpose of managing internet-related issues.
The CERT Coordination Center (CERT/CC) is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center.
In computer security, a chain of trust is established by validating each component of hardware and software from the end entity up to the root certificate.
A cheque, or check (American English; see spelling differences), is a document that orders a bank to pay a specific amount of money from a person's account to the person in whose name the cheque has been issued.
China, officially the People's Republic of China (PRC), is a unitary one-party sovereign state in East Asia and the world's most populous country, with a population of around /1e9 round 3 billion.
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure.
Cisco Systems, Inc. is an American multinational technology conglomerate headquartered in San Jose, California, in the center of Silicon Valley, that develops, manufactures and sells networking hardware, telecommunications equipment and other high-technology services and products.
Classified information is material that a government body deems to be sensitive information that must be protected.
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.
Clifford Paul "Cliff" Stoll (born June 4, 1950) is an American astronomer, author and teacher.
Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.
CNNMoney.com is a financial news and information website, operated by CNN.
Code review is systematic examination (sometimes referred to as peer review) of computer source code.
The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification.
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
The Communist Party of China (CPC), also referred to as the Chinese Communist Party (CCP), is the founding and ruling political party of the People's Republic of China.
Compact disc (CD) is a digital optical disc data storage format that was co-developed by Philips and Sony and released in 1982.
This is a non-exhaustive list of notable antivirus and Internet Security software, in the form of comparison tables, according to their platform (e.g. desktop, mobile, server, etc.) and their operating systems (e.g. Windows, OS X, Linux, Solaris, Android, iOS, Ubuntu Touch, Windows Phone, etc.).
A computer is a device that can be instructed to carry out sequences of arithmetic or logical operations automatically via computer programming.
The Computer Crime and Intellectual Property Section (CCIPS) is a section of the Criminal Division of the U.S. Department of Justice in charge of investigating computer crime (hacking, viruses, worms) and intellectual property crime and specializing in the search and seizure of digital evidence in computers and on networks.
A computer emergency response team (CERT) is an expert group that handles computer security incidents.
The Computer Fraud and Abuse Act (CFAA) is a United States cybersecurity bill that was enacted in 1986 as an amendment to existing computer fraud law, which had been included in the Comprehensive Crime Control Act of 1984.
Computer hardware includes the physical parts or components of a computer, such as the central processing unit, monitor, keyboard, computer data storage, graphic card, sound card and motherboard.
A computer network, or data network, is a digital telecommunications network which allows nodes to share resources.
A computer security model is a scheme for specifying and enforcing security policies.
A computer virus is a type of malicious software program ("malware") that, when executed, replicates itself by modifying other computer programs and inserting its own code.
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers.
Computer-aided dispatch (CAD), also called computer-assisted dispatch, is a method of dispatching taxicabs, couriers, field service technicians, mass transit vehicles or emergency services assisted by computer.
Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits access or places restrictions on certain types of information.
A confused deputy is a computer program that is innocently fooled by some other party into misusing its authority.
A connected car is a car that is equipped with Internet access, and usually also with a wireless local area network.
Content Disarm & Reconstruction (CDR) is a computer security technology for removing malicious code from files.
Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context.
Cornell University is a private and statutory Ivy League research university located in Ithaca, New York.
In theoretical computer science, correctness of an algorithm is asserted when it is said that the algorithm is correct with respect to a specification.
The Council of Europe (CoE; Conseil de l'Europe) is an international organisation whose stated aim is to uphold human rights, democracy and the rule of law in Europe.
In computer security a countermeasure is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
A covert listening device, more commonly known as a bug or a wire, is usually a combination of a miniature radio transmitter with a microphone.
A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's promise to the card issuer to pay them for the amounts so paid plus the other agreed charges.
Cruise control (sometimes known as speed control or autocruise, or tempomat in some countries) is a system that automatically controls the speed of a motor vehicle.
Cryptanalysis (from the Greek kryptós, "hidden", and analýein, "to loosen" or "to untie") is the study of analyzing information systems in order to study the hidden aspects of the systems.
A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives.
Cryptography or cryptology (from κρυπτός|translit.
In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service, most commonly for achieving confidentiality (encryption).
Cyber-insurance is an insurance product used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities.
Cybersecurity standards (also styled cyber security standards) are techniques generally set forth in published materials that attempt to protect the cyber environment of a user or organization.
Cyber self-defense refers to self-defense in cybersecurity to defend against cyberattack.
A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access (stealing intellectual property or confidential information) and control system attacks.
A cyberattack is any type of offensive maneuver that targets computer information systems, infrastructures, computer networks, or personal computer devices.
Cybercrime, or computer oriented crime, is crime that involves a computer and a network.
Cyberspace is interconnected technology.
Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, loss of life or significant bodily harm, in order to achieve political gains through intimidation.
Cyberwarfare is the use or targeting in a battlespace or warfare context of computers, online control systems and networks.
Cynthia Dwork (born 1958) is an American computer scientist at Harvard University, where she is Gordon McKay Professor of Computer Science, Radcliffe Alumnae Professor at the Radcliffe Institute for Advanced Study, and Affiliated Professor, Harvard Law School.
In computer security, the "dancing pigs" is a term or problem that describes computer users' attitudes to computer security.
Daniel Julius Bernstein (sometimes known simply as djb; born October 29, 1971) is a German-American mathematician, cryptologist, and programmer.
The Defense Advanced Research Projects Agency (DARPA) is an agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military.
Data (treated as singular, plural, or as a mass noun) is any sequence of one or more symbols given meaning by specific act(s) of interpretation.
A data breach is the intentional or unintentional release of secure or private/confidential information to an untrusted environment.
Data integrity is the maintenance of, and the assurance of the accuracy and consistency of, data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data.
A data logger (also datalogger or data recorder) is an electronic device that records data over time or in relation to location either with a built in instrument or sensor or via external instruments and sensors.
Data security means protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach.
Dawn Song is a professor at the University of California, Berkeley, in the Electrical Engineering and Computer Science Department.
A debit card (also known as a bank card, plastic card or check card) is a plastic payment card that can be used instead of cash when making purchases.
Deborah Estrin (born December 6, 1959) is a Professor of Computer Science at Cornell Tech.
Defense in depth (also known as Castle Approach) is an information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system.
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
Differentiated security is a form of computer security that deploys a range of different security policies and mechanisms according to the identity and context of a user or transaction.
Digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial.
Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.
Deoxyribonucleic acid (DNA) is a thread-like chain of nucleotides carrying the genetic instructions used in the growth, development, functioning and reproduction of all known living organisms and many viruses.
A dongle is a small piece of hardware that connects to another device to provide it with additional functionality.
Dorothy Elizabeth Denning, born August 12, 1945, is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations.
Dynamic DNS (DDNS or DynDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
E is an object-oriented programming language for secure distributed computing, created by Mark S. Miller, Dan Bornstein, and others at Electric Communities in 1997.
Eavesdropping is secretly or stealthily listening to the private conversation or communications of others without their consent.
Edward Joseph Snowden (born June 21, 1983) is an American computer professional, former Central Intelligence Agency (CIA) employee, and former contractor for the United States government who copied and leaked classified information from the National Security Agency (NSA) in 2013 without authorization.
An electrical grid is an interconnected network for delivering electricity from producers to consumers.
Electromagnetism is a branch of physics involving the study of the electromagnetic force, a type of physical interaction that occurs between electrically charged particles.
Electronics is the discipline dealing with the development and application of devices and systems involving the flow of electrons in a vacuum, in gaseous media, and in semiconductors.
Email spoofing is the creation of email messages with a forged sender address.
An embedded system is a computer system with a dedicated function within a larger mechanical or electrical system, often with real-time computing constraints.
Employee exit management or offboarding describes the consciously designed separation process when an employee leaves the company for which they have previously worked within the scope of a work or service contract.
In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.
Encryption software is software that uses cryptography to prevent unauthorized access to digital information.
Endpoint security or endpoint protection is an approach to the protection of computer networks that are remotely bridged to client devices.
Equifax Inc. is a consumer credit reporting agency.
The European Union (EU) is a political and economic union of member states that are located primarily in Europe.
The European Union Agency for Network and Information Security - self-designation ENISA from the abbreviation of its original name - is an agency of the European Union.
The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999.
In computing, executable code or an executable file or executable program, sometimes simply referred to as an executable or binary, causes a computer "to perform indicated tasks according to encoded instructions," as opposed to a data file that must be parsed by a program to be meaningful.
In the United States, an executive order is a directive issued by the President of the United States that manages operations of the federal government and has the force of law.
In probability theory, the expected value of a random variable, intuitively, is the long-run average value of repetitions of the experiment it represents.
An exploit (from the English verb to exploit, meaning "to use something to one’s own advantage") is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized).
Facebook is an American online social media and social networking service company based in Menlo Park, California.
A fail-safe in engineering is a design feature or practice that in the event of a specific type of failure, inherently responds in a way that will cause no or minimal harm to other equipment, the environment or to people.
Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies.
Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of (or one or more faults within) some of its components.
The Federal Aviation Administration (FAA) of the United States is a national authority with powers to regulate all aspects of civil aviation.
The Federal Bureau of Investigation (FBI), formerly the Bureau of Investigation (BOI), is the domestic intelligence and security service of the United States, and its principal federal law enforcement agency.
The Federal Communications Commission (FCC) is an independent agency of the United States government created by statute to regulate interstate communications by radio, television, wire, satellite, and cable.
The Federal Criminal Police Office of Germany is the federal investigative police agency of Germany, directly subordinated to the Federal Ministry of the Interior.
The Federal Intelligence Service (German: Bundesnachrichtendienst; BND) is the foreign intelligence agency of Germany, directly subordinated to the Chancellor's Office.
The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, abbreviated as BSI) is the German upper-level federal agency in charge of managing computer and communication security for the German government.
The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of computer files between a client and server on a computer network.
In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
In electronic systems and computing, firmware is a specific class of computer software that provides the low-level control for the device's specific hardware.
The Food and Drug Administration (FDA or USFDA) is a federal agency of the United States Department of Health and Human Services, one of the United States federal executive departments.
Forensic science is the application of science to criminal and civil laws, mainly—on the criminal side—during criminal investigation, as governed by the legal standards of admissible evidence and criminal procedure.
Form W-2 (officially, the "Wage and Tax Statement") is an Internal Revenue Service (IRS) tax form used in the United States to report wages paid to employees and the taxes withheld from them.
In the context of hardware and software systems, formal verification is the act of proving or disproving the correctness of intended algorithms underlying a system with respect to a certain formal specification or property, using formal methods of mathematics.
Fox Business Network (FBN), also known as Fox Business, is an American cable and satellite business news television channel that is owned by the Fox Entertainment Group division of 21st Century Fox.
In the field of computer security, independent researchers often discover flaws in software that can be abused to cause unintended behaviour; these flaws are called vulnerabilities.
Eugene Howard Spafford (born 1956), commonly known as Spaf, is an American professor of computer science at Purdue University and a leading computer security expert.
The General Secretary of the Central Committee of the Communist Party of China is head of the Communist Party of China and the highest-ranking official within the People's Republic of China.
Google LLC is an American multinational technology company that specializes in Internet-related services and products, which include online advertising technologies, search engine, cloud computing, software, and hardware.
The Gordon–Loeb /ˈgȯr-dən ˈlōb/ Model is a mathematical economic model analyzing the optimal investment level in information security.
The Government Accountability Office (GAO) is a legislative branch government agency that provides auditing, evaluation, and investigative services for the United States Congress.
The central government of the People's Republic of China is divided among several state organs.
The Government of the United Kingdom, formally referred to as Her Majesty's Government, is the central government of the United Kingdom of Great Britain and Northern Ireland.
In Internet activism, hacktivism or hactivism (a portmanteau of hack and activism) is the subversive use of computers and computer networks to promote a political agenda or a social change.
Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity, and measures to ensure that the supply chain that built the product is secure, among other things.
HBGary is a subsidiary company of ManTech International, focused on technology security.
Home automation or domotics is building automation for a home, called a smart home or smart house.
In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems.
HCISec is the study of interaction between humans and computers, or human–computer interaction, specifically as it pertains to information security.
Ian Avrum Goldberg (born March 31, 1973) is a cryptographer and cypherpunk.
An identity document (also called a piece of identification or ID, or colloquially as papers) is any document which may be used to prove a person's identity.
Identity management, also known as identity and access management (IAM) is, in computer security, the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons".
Identity theft is the deliberate use of someone else's identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person's name, and perhaps to the other person's disadvantage or loss.
Identity-based security is an approach to control access to a digital product or service based on the authenticated identity of an individual.
The Indian Computer Emergency Response Team (CERT-In) is an office within the Ministry of Electronics and Information Technology.
Information security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.
Information security awareness is an evolving part of information security that focuses on raising consciousness regarding potential risks of the rapidly evolving forms of information and the rapidly evolving threats to that information which target human behavior.
Information technology (IT) is the use of computers to store, retrieve, transmit, and manipulate data, or information, often in the context of a business or other enterprise.
Information technology architecture is the process of development of methodical information technology specifications, models and guidelines, using a variety of Information Technology notations, for example UML, within a coherent Information Technology architecture framework, following formal and informal Information Technology solution, enterprise, and infrastructure architecture processes.
InfraGard is a non-profit organization serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation.
Inoculation theory was developed by social psychologist William J. McGuire in 1961 to explain how attitudes and beliefs change, and more importantly, how to keep existing attitudes and beliefs consistent in the face of attempts to change them.
An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems.
Instant messaging (IM) technology is a type of online chat that offers real-time text transmission over the Internet.
An insulin pump is a medical device used for the administration of insulin in the treatment of diabetes mellitus, also known as continuous subcutaneous insulin therapy.
Insurance is a means of protection from financial loss.
INTEGRITY and INTEGRITY-178B are real-time operating systems (RTOSes) produced and marketed by Green Hills Software.
Intellectual property (IP) is a category of property that includes intangible creations of the human intellect, and primarily encompasses copyrights, patents, and trademarks.
International Data Group, Inc. (IDG) is a Chinese-owned, American-based media, data and marketing services and venture capital organization.
The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide.
Internet access is the ability of individuals and organizations to connect to the Internet using computer terminals, computers, and other devices; and to access services such as email and the World Wide Web.
The mission of the Internet Crime Complaint Center, also known as IC3, is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation (FBI) concerning suspected Internet-facilitated criminal activity and to develop alliances with law enforcement and industry partners.
The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these things to connect and exchange data, creating opportunities for more direct integration of the physical world into computer-based systems, resulting in efficiency improvements, economic benefits, and reduced human exertions.
Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the Internet.
Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level, as it applies to other applications or operating systems as a whole.
An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet.
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.
An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of hiding the identity of the sender or impersonating another computing system.
Information technology risk, IT risk, IT-related risk, or Cyber Risk is any risk related to information technology.
Joan Feigenbaum (born 1958 in Brooklyn, New York) is a theoretical computer scientist with a background in mathematics.
Jurisdiction (from the Latin ius, iuris meaning "law" and dicere meaning "to speak") is the practical authority granted to a legal body to administer justice within a defined field of responsibility, e.g., Michigan tax law.
The kernel is a computer program that is the core of a computer's operating system, with complete control over everything in the system.
Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author, and hacker, best known for his high-profile 1995 arrest and later five years in prison for various computer and communications-related crimes.
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored.
The KGB, an initialism for Komitet gosudarstvennoy bezopasnosti, translated in English as Committee for State Security, was the main security agency for the Soviet Union from 1954 until its break-up in 1991.
The term kill chain was originally used as a military concept related to the structure of an attack, consisting of target identification, force dispatch to target, decision and order to attack the target, and finally the destruction of the target.
L4 is a family of second-generation microkernels, generally used to implement Unix-like operating systems, but also used in a variety of other systems.
Lance Cottrell develops Internet privacy systems.
Law is a system of rules that are created and enforced through social or governmental institutions to regulate behavior.
A law enforcement officer (LEO) or peace officer, in North American English, is a public-sector employee whose duties primarily involve the enforcement of laws.
Lawrence A. Gordon is the EY Alumni Professor of Managerial Accounting and Information Assurance at the University of Maryland’s Robert H. Smith School of Business.
Linux is a family of free and open-source software operating systems built around the Linux kernel.
Credentialing is the process of establishing the qualifications of licensed professionals, organizational members or organizations, and assessing their background and legitimacy.
A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus or office building.
In computing, a log file is a file that records either events that occur as an operating system or other software runs, or messages between different users of communication software.
Log management (LM) comprises an approach to dealing with large volumes of computer-generated log messages (also known as audit records, audit trails, event-logs, etc.). Log Management generally covers.
In computer security, logging in (or logging on or signing in or signing on) is the process by which an individual gains access to a computer system by identifying and authenticating themselves.
Lorrie Faith Cranor, Ph.D. is a Professor in the School of Computer Science and the Engineering and Public Policy Department at Carnegie Mellon University and is the director of the Carnegie Mellon Usable Privacy and Security Laboratory.
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is an international information technology industry forum that works to reduce the threat from bots, malware, spam, viruses, DoS attacks and other online exploitations.
A media access control address (MAC address) of a device is a unique identifier assigned to a network interface controller (NIC) for communications at the data link layer of a network segment.
MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device.
Machine learning is a subset of artificial intelligence in the field of computer science that often uses statistical techniques to give computers the ability to "learn" (i.e., progressively improve performance on a specific task) with data, without being explicitly programmed.
In the law of torts, malpractice, also known as professional negligence, is an "instance of negligence or incompetence on the part of a professional".
Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server or computer network.
Markus Hess, a German citizen, is best known for his endeavours as a hacker in the late 1980s.
Matt Blaze is a researcher in the areas of secure systems, cryptography, and trust management.
McAfee, Inc. (formerly known as Intel Security Group from 2014–2017) is an American global computer security software company headquartered in Santa Clara, California and claims to be the world's largest dedicated security technology company.
A medical device is any apparatus, appliance, software, material, or other article—whether used alone or in combination, including the software intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes and necessary for its proper application—intended by the manufacturer to be used for human beings for the purpose of.
Medical device manufacturing, as the name suggests, refers to the production of medical devices.
In computer science, a microkernel (also known as μ-kernel) is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system (OS).
Microsoft Corporation (abbreviated as MS) is an American multinational technology company with headquarters in Redmond, Washington.
A military or armed force is a professional organization formally authorized by a sovereign state to use lethal or deadly force and weapons to support the interests of the state.
The Military Counterintelligence Service (Militärischer Abschirmdienst; MAD) is one of the three federal intelligence agencies in Germany and is responsible for military counterintelligence.
The Milwaukee Bucks are an American professional basketball team based in Milwaukee, Wisconsin.
MIRACL (formerly known as CertiVox) is a London-based web 2.0 security firm that develops information security infrastructure as a service (IaaS) and encryption-based software as a service (SaaS) solutions for enterprises and individuals.
A mobile device (or handheld computer) is a computing device small enough to hold and operate in the hand.
Monica Sin-Ling Lam is a professor in the Computer Science Department at Stanford, and founder of Moka5 and Omlet.
Mordechai M. (Moti) Yung is an Israeli-American cryptographer and computer scientist with an extensive industrial research career.
Multi-factor authentication (MFA) is a method of confirming a user's claimed identity in which a user is granted access only after successfully presenting 2 or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something they and only they know), possession (something they and only they have), and inherence (something they and only they are).
MySecureCyberspace began in 2003 as an initiative by Carnegie Mellon CyLab and the Information Networking Institute to educate the public about computer security, network security and Internet safety.
Narus Inc. was a software company and vendor of big data analytics for cybersecurity.
The National Aeronautics and Space Administration (NASA) is an independent agency of the executive branch of the United States federal government responsible for the civilian space program, as well as aeronautics and aerospace research.
The National Basketball Association (NBA) is a men's professional basketball league in North America, composed of 30 teams (29 in the United States and 1 in Canada).
The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Directorate for National Protection and Programs.
National Cyber Security Policy is a policy framework by the Department of Electronics and Information Technology (DeitY). It aims at protecting the public and private infrastructure from cyber attacks.
The National Cyberdefence Centre is a German government agency established to respond to attacks on government computers in Germany.
The National Highway Traffic Safety Administration (NHTSA, pronounced "NITS-uh") is an agency of the Executive Branch of the U.S. government, part of the Department of Transportation.
The National Institute of Standards and Technology (NIST) is one of the oldest physical science laboratories in the United States.
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence.
The National White Collar Crime Center, also known as NW3C, is a congressionally funded non-profit corporation which trains state and local law enforcement agencies to combat emerging economic and cyber crime problems.
Near-field communication (NFC) is a set of communication protocols that enable two electronic devices, one of which is usually a portable device such as a smartphone, to establish communication by bringing them within 4 cm (1.6 in) of each other.
The Nest Learning Thermostat (or Nest Thermostat) is a smart thermostat developed by Nest Labs and designed by Tony Fadell, Ben Filson, and Fred Bould.
A network administrator is the person designated in an organization whose responsibility includes maintaining computer infrastructures with emphasis on networking.
In computing, a network interface is a system's (software and/or hardware) interface between two pieces of equipment or protocol layers in a computer network.
A network packet is a formatted unit of data carried by a packet-switched network.
Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
Network segmentation in computer networking is the act or practice of splitting a computer network into subnetworks, each being a network segment.
The Next Generation Air Transportation System (NextGen) is an ongoing multibillion-dollar modernization of the National Airspace System (NAS).
A nuclear power plant or nuclear power station is a thermal power station in which the heat source is a nuclear reactor.
In June 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as four million people.
In security parlance, the term open port is used to mean a TCP or UDP port number that is configured to accept packets.
Open security is the use of open source philosophies and methodologies to approach computer security and other information security challenges.
An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs.
Orange S.A., formerly France Télécom S.A., is a French multinational telecommunications corporation.
The following outline is provided as an overview of and topical guide to computer security: Computer security – security applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet.
The Open Web Application Security Project (OWASP), an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
A packet capture appliance is a standalone device that performs packet capture.
Page hijacking involves compromising legitimate web pages in order to redirect users to a malicious web site or an exploit kit via XSS.
The Pan-European Network Service (PENS) is a telecommunications network established (in 2009) by several European Air Navigation Service Providers with support of EUROCONTROL with a view to building transport infrastructure.
A passport is a travel document, usually issued by a country's government, that certifies the identity and nationality of its holder primarily for the purpose of international travel.
A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which is to be kept secret from those not allowed access.
A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it.
Paul Carl Kocher (born June 11, 1973) is an American cryptographer and cryptography consultant, currently the president and chief scientist of Cryptography Research, Inc.
A payment card number, primary account number (PAN), or simply a card number, is the card identifier found on payment cards, such as credit cards and debit cards, as well as stored-value cards, gift cards and other similar cards.
A penetration test, colloquially known as a pen test, is an authorized simulated attack on a computer system, performed to evaluate the security of the system.
A personal computer (PC) is a multi-purpose computer whose size, capabilities, and price make it feasible for individual use.
A personal identification number (PIN, pronounced "pin"; often spoken aloud as "PIN number" by mistake) is a numeric or alpha-numeric password or code used in the process of authenticating or identifying a user to a system and system to a user.
Personal information, described in United States legal fields as either personally identifiable information (PII), or sensitive personal information (SPI), as used in information security and privacy laws, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
Peter Gabriel Neumann (born 1932) is a computer-science researcher who worked on the Multics operating system in the 1960s.
Peter Claus Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, Auckland, New Zealand.
Peter James Denning (born January 6, 1942) is an American computer scientist and writer.
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising oneself as a trustworthy entity in an electronic communication.
Phone cloning is the copying of identity from one cellular device to another.
Physical information security is the intersection, the common ground between physical security and information security.
Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks).
PikeOS is a commercial, hard real-time operating system (RTOS) that offers a separation kernel based hypervisor with multiple partition types for many other operating systems (called GuestOS) and applications.
Ping is a computer network administration software utility used to test the reachability of a host on an Internet Protocol (IP) network.
In computer networking, a port is an endpoint of communication in an operating system, which identifies a specific process or a type of network service running on that system.
A port scanner is an application designed to probe a server or host for open ports.
Presumed security is a principle in security engineering that a system is safe from attack due to an attacker assuming, on the basis of probability, that it is secure.
The Prime Minister's Office (PMO) (IAST: Pradhānamaṃtrī Kāryālaya) consists of the immediate staff of the Prime Minister of India, as well as multiple levels of support staff reporting to the Prime Minister.
In information security, computer science, and other fields, the principle of least privilege (PoLP, also known as the principle of minimal privilege or the principle of least authority) requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
Privacy software is software built to protect the privacy of its users.
Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.
Proactive cyber defense or active cyber defense (ACD) means acting in anticipation to oppose an attack involving computers and networks.
A programmable logic controller (PLC), or programmable controller, is an industrial digital computer which has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, or robotic devices, or any activity that requires high reliability control and ease of programming and process fault diagnosis.
The protocol stack or network stack is an implementation of a computer networking protocol suite or protocol family.
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the ownership of a public key.
Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner.
QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix barcode (or two-dimensional barcode) first designed in 1994 for the automotive industry in Japan.
Quantified self, also known as lifelogging, is a specific movement by Gary Wolf and Kevin Kelly from Wired magazine, which began in 2007 and tries to incorporate technology into data acquisition on aspects of a person's daily life.
Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects.
Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.
Records management, also known as records and information management, is an organizational function devoted to the management of information in an organization throughout its life cycle, from the time of creation or inscription to its eventual disposition.
Richard Alan Clarke (born October 27, 1950) is the former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States.
Risk cybernetics by Finamatrix AI (Author: Dr Lanz Chan) is a risk management blockchain project comprising risk specification and risk control techniques using advanced artificial intelligence and computing technologies with circular-causal volatility-feedback in a genetic algorithm neural network (GANN) framework.
Risk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
Robert Tappan Morris (born November 8, 1965) is an American computer scientist and entrepreneur. He is best known for creating the Morris Worm in 1988, considered the first computer worm on the Internet. Morris was prosecuted for releasing the worm, and became the first person convicted under the then-new Computer Fraud and Abuse Act. He went on to co-found the online store Viaweb, one of the first web-based applications, and later the funding firm Y Combinator—both with Paul Graham. He later joined the faculty in the department of Electrical Engineering and Computer Science at the Massachusetts Institute of Technology, where he received tenure in 2006.
Roger R. Schell is President of ÆSec, a company focused on appliances built on hardened platforms for secure, reliable e-business on the Internet.
Rome Laboratory (Rome Air Development Center until 1991) is the US "Air Force 'superlab' for command, control, and communications" research and development and is responsible for planning and executing the USAF science and technology program.
A root kit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.
Ross John Anderson, FRS, FREng (born 15 September 1956) is a researcher, writer, and industry consultant in security engineering.
The RSA Conference is a series of IT security conferences.
Ruby Corp. (formerly Avid Life Media) is an Internet media company based in Toronto.
Russia (rɐˈsʲijə), officially the Russian Federation, is a country in Eurasia. Russia is the largest country in the world by area, covering more than one-eighth of the Earth's inhabited land area, and the ninth most populous, with over 144 million people as of December 2017, excluding Crimea. About 77% of the population live in the western, European part of the country. Russia's capital Moscow is one of the largest cities in the world; other major cities include Saint Petersburg, Novosibirsk, Yekaterinburg and Nizhny Novgorod. Extending across the entirety of Northern Asia and much of Eastern Europe, Russia spans eleven time zones and incorporates a wide range of environments and landforms. From northwest to southeast, Russia shares land borders with Norway, Finland, Estonia, Latvia, Lithuania and Poland (both with Kaliningrad Oblast), Belarus, Ukraine, Georgia, Azerbaijan, Kazakhstan, China, Mongolia and North Korea. It shares maritime borders with Japan by the Sea of Okhotsk and the U.S. state of Alaska across the Bering Strait. The East Slavs emerged as a recognizable group in Europe between the 3rd and 8th centuries AD. Founded and ruled by a Varangian warrior elite and their descendants, the medieval state of Rus arose in the 9th century. In 988 it adopted Orthodox Christianity from the Byzantine Empire, beginning the synthesis of Byzantine and Slavic cultures that defined Russian culture for the next millennium. Rus' ultimately disintegrated into a number of smaller states; most of the Rus' lands were overrun by the Mongol invasion and became tributaries of the nomadic Golden Horde in the 13th century. The Grand Duchy of Moscow gradually reunified the surrounding Russian principalities and achieved independence from the Golden Horde.
By the 18th century, the nation had greatly expanded through conquest, annexation, and exploration to become the Russian Empire, which was the third largest empire in history, stretching from Poland on the west to Alaska on the east. Following the Russian Revolution, the Russian Soviet Federative Socialist Republic became the largest and leading constituent of the Union of Soviet Socialist Republics, the world's first constitutionally socialist state. The Soviet Union played a decisive role in the Allied victory in World War II, and emerged as a recognized superpower and rival to the United States during the Cold War. The Soviet era saw some of the most significant technological achievements of the 20th century, including the world's first human-made satellite and the launching of the first humans in space. By the end of 1990, the Soviet Union had the world's second largest economy, largest standing military in the world and the largest stockpile of weapons of mass destruction. Following the dissolution of the Soviet Union in 1991, twelve independent republics emerged from the USSR: Russia, Ukraine, Belarus, Kazakhstan, Uzbekistan, Armenia, Azerbaijan, Georgia, Kyrgyzstan, Moldova, Tajikistan, Turkmenistan and the Baltic states regained independence: Estonia, Latvia, Lithuania; the Russian SFSR reconstituted itself as the Russian Federation and is recognized as the continuing legal personality and a successor of the Soviet Union. It is governed as a federal semi-presidential republic. The Russian economy ranks as the twelfth largest by nominal GDP and sixth largest by purchasing power parity in 2015. Russia's extensive mineral and energy resources are the largest such reserves in the world, making it one of the leading producers of oil and natural gas globally. The country is one of the five recognized nuclear weapons states and possesses the largest stockpile of weapons of mass destruction. 
Russia is a great power as well as a regional power and has been characterised as a potential superpower. It is a permanent member of the United Nations Security Council and an active global partner of ASEAN, as well as a member of the G20, the Shanghai Cooperation Organisation (SCO), the Council of Europe, the Asia-Pacific Economic Cooperation (APEC), the Organization for Security and Co-operation in Europe (OSCE), and the World Trade Organization (WTO), as well as being the leading member of the Commonwealth of Independent States (CIS), the Collective Security Treaty Organization (CSTO) and one of the five members of the Eurasian Economic Union (EEU), along with Armenia, Belarus, Kazakhstan and Kyrgyzstan.
Safety engineering is an engineering discipline which assures that engineered systems provide acceptable levels of safety.
Salvatore J. Stolfo is a tenured professor of computer science at Columbia University in New York and a leading expert in computer security.
San Francisco (initials SF; Spanish for 'Saint Francis'), officially the City and County of San Francisco, is the cultural, commercial, and financial center of Northern California.
In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading.
A search warrant is a court order that a magistrate or judge issues to authorize law enforcement officers to conduct a search of a person, location, or vehicle for evidence of a crime and to confiscate any evidence they find.
Sebastian Heilmann (born 1965 in Offenbach am Main, Germany) is a German political scientist and sinologist.
Secure by design, in software engineering, means that the software has been designed from the ground up to be secure.
Secure coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.
Security is freedom from, or resilience against, potential harm (or other unwanted coercive change) from external forces.
Security engineering is a specialized field of engineering that focuses on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts.
A security hacker is someone who seeks to breach defenses and exploit weaknesses in a computer system or network.
In the field of computer security, security information and event management (SIEM) software products and services combine security information management (SIM) and security event management (SEM).
Security information management (SIM) is an information security industry term for the collection of data such as log files into a central repository for trend analysis.
Self-checkout (also known as self-service checkout and as semi-attended customer-activated terminal, SACAT) machines provide a mechanism for customers to process their own purchases from a retailer.
In the broadest definition, a sensor is a device, module, or subsystem whose purpose is to detect events or changes in its environment and send the information to other electronics, frequently a computer processor.
In computer sciences the separation of protection and security is a design choice.
Shafrira Goldwasser (שפרירה גולדווסר; born 1959) is an American-Israeli computer scientist and winner of the Turing Award in 2012.
A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card that has embedded integrated circuits.
A smart device is an electronic device, generally connected to other devices or networks via different wireless protocols such as Bluetooth, NFC, Wi-Fi, LiFi, 3G, etc., that can operate to some extent interactively and autonomously.
A smart meter is an electronic device that records consumption of electric energy and communicates the information to the electricity supplier for monitoring and billing.
A smartphone is a handheld personal computer with a mobile operating system and an integrated mobile broadband cellular network connection for voice, SMS, and Internet data communication; most, if not all, smartphones also support Wi-Fi.
A smartwatch is a touchscreen wearable computer in the form of a wristwatch.
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.
In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents under section 205(c)(2) of the Social Security Act, codified as.
Computer software, or simply software, is a generic term that refers to a collection of data or computer instructions that tell the computer how to work, in contrast to the physical hardware from which the system is built, that actually performs the work.
Software Defined Perimeter (SDP), also called a "Black Cloud", is an approach to computer security which evolved from the work done at the Defense Information Systems Agency (DISA) under the Global Information Grid (GIG) Black Core Network initiative around 2007.
The Software Engineering Institute (SEI) is an American research and development center headquartered in Pittsburgh, Pennsylvania.
Sony Pictures Entertainment Inc. (known simply as Sony Pictures and abbreviated as SPE) is a Japanese-owned American entertainment company that produces, acquires and distributes filmed entertainment (theatrical motion pictures, television programs and recorded videos) through multiple platforms.
On November 24, 2014, a hacker group which identified itself by the name "Guardians of Peace" (GOP) leaked a release of confidential data from the film studio Sony Pictures.
In the context of network security, a spoofing attack is a situation in which a person or program successfully masquerades as another by falsifying data, to gain an illegitimate advantage.
Sprint Corporation is an American telecommunications company that provides wireless services and is an internet service provider.
Spyware is software that aims to gather information about a person or organization sometimes without their knowledge, that may send such information to another entity without the consumer's consent, that asserts control over a device without the consumer's knowledge, or it may send such information to another entity with the consumer's consent, through cookies.
Staples, Inc. is an American multinational office supply retailing corporation.
Stuxnet is a malicious computer worm, first uncovered in 2010.
In computing, the superuser is a special user account used for system administration.
Susan H. Nycum is a lawyer who specialises in computer security and intellectual property issues.
Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.
SYSGO AG is a German information technologies company that supplies operating systems and services for embedded systems with high safety and security-related requirements, using Linux.
A system administrator, or sysadmin, is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems; especially multi-user computers, such as servers.
A tablet computer, commonly shortened to tablet, is a portable personal computer, typically with a mobile operating system and LCD touchscreen display, processing circuitry, and a rechargeable battery in a single thin, flat package.
Tampering can refer to many forms of sabotage but the term is often used to mean intentional modification of products in a way that would make them harmful to the consumer.
Target Corporation is the second-largest department store retailer in the United States, behind Walmart, and is a component of the S&P 500 Index.
Telecommunication is the transmission of signs, signals, messages, words, writings, images and sounds or information of any nature by wire, radio, optical or other electromagnetic systems.
Television (TV) is a telecommunication medium used for transmitting moving images in monochrome (black and white), or in colour, and in two or three dimensions and sound.
TEMPEST is a National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations.
The Trans-European Research and Education Networking Association (TERENA) was a not-for-profit association of European national research and education networks (NRENs) incorporated in Amsterdam, The Netherlands.
Tesla, Inc. (formerly Tesla Motors) was founded in 2003, and is an American multinational corporation based in Palo Alto, California, that specializes in electric vehicles, lithium-ion battery energy storage and solar panel manufacturing (through the subsidiary company SolarCity).
The Christian Science Monitor (CSM) is a nonprofit news organization that publishes daily articles in electronic format as well as a weekly print edition.
The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll.
The Guardian is a British daily newspaper.
The Home Depot Inc. or Home Depot is an American home improvement supplies retailing company that sells tools, construction products, and services.
The Washington Post is a major American daily newspaper founded on December 6, 1877.
In computer security, a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm.
Threat modeling is a process by which potential threats, such as structural vulnerabilities, can be identified, enumerated, and prioritized – all from a hypothetical attacker’s point of view.
The TJX Companies, Inc. is an American multinational off-price department store corporation, headquartered in Framingham, Massachusetts.
Traffic lights, also known as traffic signals, traffic lamps, traffic semaphore, signal lights, stop lights, robots (in South Africa and most of Africa), and traffic control signals (in technical parlance), are signalling devices positioned at road intersections, pedestrian crossings, and other locations to control flows of traffic.
In computing, a Trojan horse, or Trojan, is any malicious computer program which misleads users of its true intent.
Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys.
The U.S. Securities and Exchange Commission (SEC) is an independent agency of the United States federal government.
The UK Cyber Security Forum is a social enterprise spanning the United Kingdom, representing small and medium-sized enterprises (SMEs) in the UK cyber sector.
Ukraine (Ukrayina), sometimes called the Ukraine, is a sovereign state in Eastern Europe, bordered by Russia to the east and northeast; Belarus to the northwest; Poland, Hungary, and Slovakia to the west; Romania and Moldova to the southwest; and the Black Sea and Sea of Azov to the south and southeast, respectively.
In computer programming, unit testing is a software testing method by which individual units of source code, sets of one or more computer program modules together with associated control data, usage procedures, and operating procedures, are tested to determine whether they are fit for use.
The United Kingdom of Great Britain and Northern Ireland, commonly known as the United Kingdom (UK) or Britain, is a sovereign country in western Europe.
The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD).
United States Cyber Command (USCYBERCOM) is one of ten unified commands of the United States Department of Defense.
The Department of Defense (DoD, USDOD, or DOD) is an executive branch department of the federal government of the United States charged with coordinating and supervising all agencies and functions of the government concerned directly with national security and the United States Armed Forces.
The United States Department of Homeland Security (DHS) is a cabinet department of the United States federal government with responsibilities in public security, roughly comparable to the interior or home ministries of other countries.
The United States Department of Justice (DOJ), also known as the Justice Department, is a federal executive department of the U.S. government, responsible for the enforcement of the law and administration of justice in the United States, equivalent to the justice or interior ministries of other countries. The department was formed in 1870 during the Ulysses S. Grant administration. The Department of Justice administers several federal law enforcement agencies including the Federal Bureau of Investigation (FBI), and the Drug Enforcement Administration (DEA). The department is responsible for investigating instances of financial fraud, representing the United States government in legal matters (such as in cases before the Supreme Court), and running the federal prison system. The department is also responsible for reviewing the conduct of local law enforcement as directed by the Violent Crime Control and Law Enforcement Act of 1994. The department is headed by the United States Attorney General, who is nominated by the President and confirmed by the Senate and is a member of the Cabinet. The current Attorney General is Jeff Sessions.
The United States Department of Justice Criminal Division is a federal agency of the United States Department of Justice that develops, enforces, and supervises the application of all federal criminal laws in the United States, except those specifically assigned to other divisions.
The United States Department of Transportation (USDOT or DOT) is a federal Cabinet department of the U.S. government concerned with transportation.
The United States Office of Personnel Management (acronym: OPM) is an independent agency of the United States federal government that manages the government's civilian workforce.
Unix (trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, development starting in the 1970s at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and others.
A user is a person who utilizes a computer or network service.
A modern computer operating system usually segregates virtual memory into kernel space and user space.
Vandalism is an "action involving deliberate destruction of or damage to public or private property".
Verizon Communications Inc., or simply Verizon, is an American multinational telecommunications conglomerate and a corporate component of the Dow Jones Industrial Average.
A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
Virtual reality (VR) is an interactive computer-generated experience taking place within a simulated environment, that incorporates mainly auditory and visual, but also other types of sensory feedback like haptic.
In computer security, a vulnerability is a weakness which can be exploited by a Threat Actor, such as an attacker, to perform unauthorized actions within a computer system.
A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for known weaknesses.
Wi-Fi or WiFi is technology for radio wireless local area networking of devices based on the IEEE 802.11 standards.
Willis Howard Ware (August 31, 1920 – November 22, 2013) was an American computer pioneer, privacy pioneer, social critic of technology policy, and a founder in the field of computer security.
Windows XP (codenamed Whistler) is a personal computer operating system that was produced by Microsoft as part of the Windows NT family of operating systems.
A wireless network is a computer network that uses wireless data connections between network nodes.
Xi Jinping (born 15 June 1953) is a Chinese politician currently serving as General Secretary of the Communist Party of China (CPC), President of the People's Republic of China, and Chairman of the Central Military Commission.
The Zippe-type centrifuge is a gas centrifuge designed to enrich the rare fissile uranium isotope Uranium-235 out of the mixture of isotopes found in naturally occurring uranium compounds.
In computer science, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction.
COMPUSEC, Car cyber attack, Car hacking, Compsec, Computer Security, Computer insecurity, Computer security and identity theft, Computer security breach, Computer security incident, Computer security industry, Computing security, Cyber Security, Cyber security, Cyber security and countermeasure, Cyber security expert, Cyber-security, Cybersecurity, Cyberspace Security, Data Security, E-Security, E-security, IT Security, IT security, International Cybercrime Reporting and Cooperation Act, It security, Pc security, Securing a computer, Security (computers), Security (computing), Security Architecture, Security Language, Security architecture, Security of computer systems, System security.