If you have any suggestions for additions to the glossary, please submit your suggestions below.
The modification of data within a system to achieve a malicious goal
The process of identifying and quantifying vulnerabilities in a system
Formal processes by which employees are terminated from the organization. Proper procedures require a dependency between IT, HR, Business Unit, and Legal
Any verbal or documented contracts between employees and the company
AB 1950 imposes requirements on businesses that maintain personal information, in any form, about one or more California residents. Specifically, businesses were and are required to shred, erase, or otherwise modify the personal information in those records to make it unreadable or undecipherable through any means.
Possible types of entities that may serve as attackers. This is usually a category versus a specific entity.
of an attacker, or what an attacker might try to do to a system. Threats always exist, regardless of mitigation.
The strategy for educating non-security personnel on security concepts.
A process that ensures effective & efficient operations, reliable financial reporting, and compliance with laws & regs
A term used to describe any authentication mechanism where more than one determining item is required to authenticate a user