Glossary 301 cyber risk: the potential for a cyber threat actor to exploit a vulnerability that allows him to disclose, alter, or deny access to a cyber asset (5) cyber risk management: a detailed process of identifying cyber assets, enumerating how threats and vulnerabilities pose risks to assets, analyzing the severity of the risks, and then choosing how to handle the risks (5) cyber threat: an action taken with malicious intent that discloses, alters, or denies access to a cyber asset (5) cyber threat actor: a person that poses a cyber threat (5) cyber threat modeling: a systematic approach to identifying cyber vulnerabilities (5) cyber warriors: individuals that hack with the authorization of the government (3) cyberbullying: harrassment through cyberspace (10) cybersecurity: the practice of protecting and respecting the rights of every individual and organization in cyberspace (1) Cybersecurity and Infrastructure Agency (CISA): a United States government agency devoted to the cyber defense of our nation that provides resources to organizations (5) cybersecurity audit: an accounting of how an organization’s cybersecurity complies with a standard (5) Cybersecurity Framework (CSF): a NIST standard that focuses on the functions of cyber risk management (5) cybersecurity governance: the oversight of the security risks of an organization (5) cyberspace: an electronic world composed of computer devices that transmit, receive, and process data (digital information) (2) cyberspace perimeter: the domain names and IP addresses that belong to the target and all the software and hardware accessible via those domain names and IP addresses (4) DAD: the three goals of a cyber attack: disclosure, alteration, and denial (4) dancing men cipher: a monoalphabetic substitution cipher that uses stick figures for the ciphertext alphabet that was devised by Arthur Conan Doyle (7) Dark Dante: the hacker nick used by Kevin Poulsen, a phone phreaker turned hacker journalist (3) dark web: a collection of websites accessible via specialized web browsers designed to protect the anonymity of the website hosts and clients (5) data breach: a type of cyber attack where hackers obtain unauthorized access to an organization’s data (3) data encoding: representing information using bit strings (2) data exfiltration (exfil): copying data from a victim to the attacker (4) data leak: the unauthorized disclosure of private information (3)
RkJQdWJsaXNoZXIy MTM4ODY=