InfoSec Definitions

Availability (of information systems)

The required continuity of the activity of a service or information system. For example, operational systems require high availability: interrupting the activity of the system can harm the service that the system provides.

APT

Advanced persistent threat – a set of stealthy, continuous computer hacking processes aimed at a specific target. The attacker uses advanced tools and malware tailored to the target to gain access to a network and stay there undetected for a long period. The attack usually requires a lot of resources and targets organizations in sectors such as national defense, manufacturing and the financial industry.

Backup

The process of making a copy of information by replicating data to another volume. It can be performed in several ways, from copying the data itself up to creating an image of the database. There are full backups and backups of part of the data. The backup copy or media is usually kept at a different site from the one where the system containing the backed-up data is located. A backup can be performed manually or on a schedule, and can be written to tapes or copied over a network.

BCP – Business Continuity Plan

A detailed activity plan that determines the procedures and systems required to keep the organization's activity continuous in a state of emergency and to recover it.

CISO – Chief information security officer (information security manager)

The official in the information security organization in charge of monitoring and implementing information security matters in the organization.

Black hat hacker

Black hat is a term for a hacker who breaks into a computer system or network with malicious intent to steal, damage or destroy data. The black hat hacker may also make the exploit public, which enables others to exploit the vulnerability before the organization secures it.

Computer user

A company employee or external person who, within the framework of their role, is allowed to use the company's information systems.

Computer virus

A computer program (malicious code) designed to harm the proper activity of a computer (or even disable it). The program is called a “virus” because of its tendency to multiply and spread within the computer and among other computers inside or outside a network. There are also other types of malicious software (vandals), such as worms and Trojan horses.

Computerized database

A collection of data stored in a computerized medium.

Confidentiality of information

Ensuring that information is accessible only to authenticated users.

Contract with the supplier / external contractor

A contract signed between the organization and a provider/external contractor covering information security and cyber aspects. The contract deals with the information security requirements and the supplier's/contractor's obligations to the organization on this topic.

Cyber

A nickname for cybernetic space, including computers, communication networks and the world of data.
Cyberspace warfare, cybernetic warfare or cyberwarfare are acts of war: offensive actions taken by an organization in order to penetrate the target's cyberspace for the purpose of stealing information, usually using spyware and Trojan horses, as well as to disrupt activity in cyberspace and cause damage to it or to other systems that rely on it, usually via malware.

Damaging the confidentiality of the information

Giving access to, or exposing, the data to an unauthorized person.

Damaging the integrity of the information

Violation of the data: changing or erasing it.

Data exposure

A weakness in the defense of an information asset that can be exploited by a threat.

Denial of service (DoS)

Blocking of network resources or services as a result of a cyber or network attack.

DMZ Network

DMZ – demilitarized zone: an additional environment that connects the internal network to the external network while maintaining separation between the networks; access between the networks can be controlled with a firewall.

Emergency/Disaster

A state of essential failure in the functioning of the organization, including immediate risk or a long-term threat to the business activity. The state may be declared by the organization or by the authorized authorities (for example, the Commissioner of Capital Markets, Insurance and Savings).

Exploit

An attack on a computer system, especially one that takes advantage of a vulnerability in the system.

External network

Wide Area Network (WAN). External networks that do not implement security measures, or networks whose information security level is unknown, unpredictable or unsatisfactory, are called “unsafe external networks”.

Firewall

A hardware or software network security system that controls incoming and outgoing network traffic based on a set of rules. Usually used as a separator between internal and external networks, making the internal network safer.

IDPS – Intrusion detection/prevention system

IDS is a device or software that monitors networks or hosts for malicious activity or policy violations. There are two detection methods: signature-based detection and anomaly-based detection.
IPS refers to devices or software that can also prevent security events according to a configured policy, not only detect them.

Image backup

A backup performed for configuration servers with a low frequency of changes. The backup is short and effective and saves only the updated version.

Impersonating

Using the automated identification tool of an authenticated user with access to data in order to perform authorized activities in his name, or to perform unauthorized activities that will be attributed to the authenticated user.

Implanting viruses

Using one of various methods to implant viruses in a network or computer, for example: an attachment to an email, a file downloaded from a network via a browser, or a file downloaded via FTP.

Incremental backup

Saving the changes that occurred between the last full backup and the current backup. A file that has been changed is backed up in full.

Information security event

Any activity with the potential to harm the availability, confidentiality or integrity of the information, whether intentionally or not, and any other activity that has been defined as an information security threat by the organization or by the individual managing the information.

Information security threat

A potential threat to the information assets of the organization. It is common for an organization to define the relevant information security threats according to how it manages its information assets, the business goals it wishes to protect and, obviously, the regulatory requirements that apply to it.

Initial password

A password given to a new user, or to a user who forgot his password. The user must change the password on first entry to the system.

Internal network

Local Area Network (LAN), defined as a network under the full control of the company, with installation, configuration, management and maintenance being the company's responsibility.

Mainframe

A central computer unit installed in a network that enables use by one or more users, in addition to the ability to share information.

Malware Application

An application that aims to harm the integrity, availability and reliability of the information. Usually known as a “virus” or “Trojan horse”. Usually the virus will infect other files on the same computer and will try to spread itself further via those files or via communication networks.

Necessary work process

Any activity, process or service whose loss can cause fundamental damage to the continuity of the organization's operation or to its customers. Whether a specific activity or process is necessary depends on the features of the organization's activity and is determined by the organization.

Need to know principle

Confirming that only users with a legitimate business need can access data, according to their role.

Objects containing data

Floppy disks, CDs, tapes, DOK (disk-on-key) drives, backup tapes, and any other media containing data for use in computer systems. Furthermore, any other written asset (such as paper, microfiche, microfilm) that could be read by a person or a machine in any way.

Password

A sequence of characters that the user is required to type together with the user ID to authenticate his identity in computerized systems.

Penetration testing (PEN-TEST)

Penetration testing (also called pen testing or PT) is the practice of testing a computer system, network, website or application to find vulnerabilities that an attacker could exploit.
The main objective of penetration testing is to determine security exposures.

Permissions

Giving a user an administrative permit to access the computerized data required for the user to perform his tasks. The administrative permit must be applied technically in the computerized information system in order to allow the user to exercise his permission to access the information. Permissions can be configured at 4 levels: network, operating system, database and application.

Privileged user

System personnel, programmers with access to operational systems, or any other user with permission to modify security settings on the system, configure users in the system, change ownership of objects, etc.

Proxy server

A computer or software acting as an intermediary between an endpoint (such as a client) and the server from which it requests services. Usually used to improve security or anonymity when using external networks.

Ransomware

Malware that reaches victims as a compressed file (zip) attached to an email. When the file is opened, it starts downloading the ransomware itself in the background, without the user's knowledge. After the infection, the files on the infected computer are encrypted, and to remove the encryption the victims are required to pay a ransom.

Recovery

The process of retrieving data: the backup is copied to the system where the data is located.

Recovery strategy

Determining and prioritizing the objectives for recovery, based on the Business Impact Analysis, in case of a significant disruption. The strategy sets a framework for full resumption of business activities.

Remote access

A connection between a client outside the organization's network and information systems inside the organization's network, via a permanent link or by dialing in through a public network such as the internet.

Remote control

Gaining remote control of company computers that are connected to any external network, and via those computers gaining remote control of the company's internal network.

Replication / Synchronization

Transferring data to a remote location over the existing infrastructure and using storage technologies to keep the data identical between the main site and the synchronized site.

RTO - Recovery time objective

A target defined by the organization for restoring a specific business activity and the systems that support it to the defined service level, within the defined period.

Server

A central computer unit installed on a network allowing use by more than one user, in addition to the ability to share data.

Service target

The service level for customers or the public in case of emergency, as decided by the board or management of the organization.

Snapshot backup

A backup performed with NetApp technology that enables fast restoration of data without using tapes.

Social engineering

Refers to the psychological manipulation of people into performing actions or divulging confidential information. Used for information gathering or fraud. It is common for hackers to use social engineering methods when facing systems with strong encryption.

Spam

Any act on electronic communication networks intended for aggressive marketing, aspiring to reveal a product or service to as many people as possible, while ignoring the benefits, feelings or modern concepts of marketing and ethics that consider the customers' needs and wishes.

Spyware

Software installed on a user's computer or network without the knowledge of the user or the system administrators. The spyware's role can be defined in several aspects: information theft, transferring information about users to another party, or using the computer for unwanted or illegal activities.

Stealing data

Accessing, receiving or transferring information from the organization's systems without approval and outside the framework or business goals of the organization (whether manually or by installing a malicious application such as a Trojan horse or any other malware).

Supplier / External contractor

Companies that supply services to the organization in different fields, such as: developing and maintaining computer systems, technical support for computer malfunctions, consulting services, internet providers, etc.

Supplier employee

An employee who works for a supplier or external contractor.

Systems at risk

The combination of applications and databases in use by the organization that do not meet the information security criteria.

User account

A method for managing the identification of users for authentication in computerized systems. The identification is made by user name (the name of the account).

White hat hacker

White hat is a term for a hacker who identifies security weaknesses in a computer system or network but, instead of exploiting them, exposes them in a way that allows the system's owners to fix them before they can be exploited by others.
A white hat hacker may work as a consultant or be permanent personnel.

Zero-day attack

An information security hole in software, hardware or firmware that is unknown to the vendor and is exploited by hackers before the vendor becomes aware of it and fixes it.