40 Terms

Cybersecurity Glossary

Every cybersecurity term you need to know, explained in plain language for business owners and compliance teams.

Attack Surface

An attack surface is the sum of all the points, known as attack vectors, where an unauthorized user can attempt to enter or extract data from an organization's environment, including internet-facing systems, applications, APIs, email infrastructure, and human factors.

Backup and Recovery

Backup and recovery is the practice of creating copies of critical data and systems and establishing procedures to restore them after data loss caused by cyberattacks, hardware failures, natural disasters, or human error. Because ransomware operators deliberately delete or encrypt any backup they can reach, at least one copy should be offline or immutable, and the restore procedure should be exercised regularly; an untested backup is a hope, not a control.

Business Email Compromise (BEC)

Business email compromise (BEC) is a targeted social engineering attack in which cybercriminals impersonate executives, vendors, or trusted partners via email to trick employees into transferring funds, sharing sensitive data, or changing payment details. BEC messages usually carry no malware or malicious links, so they pass technical filters; the effective control is procedural, such as verifying any change to payment instructions through a separately known phone number before acting on it.

CIS Controls

CIS Controls are a prioritized set of cybersecurity best practices published by the Center for Internet Security, designed to give organizations specific, actionable steps to defend against the most common and damaging cyberattacks. The current version (v8) has 18 controls grouped into three Implementation Groups, so a small organization can start with IG1, the baseline set of essential hygiene, before taking on the rest.

Cloud Security

Cloud security is the set of policies, technologies, controls, and practices designed to protect data, applications, and infrastructure hosted in cloud computing environments from unauthorized access, data breaches, and other cyber threats.

CMMC (Cybersecurity Maturity Model Certification)

The Cybersecurity Maturity Model Certification (CMMC) is a Department of Defense framework that requires defense contractors and their subcontractors to implement and certify cybersecurity practices at specified maturity levels in order to handle controlled unclassified information (CUI) and federal contract information (FCI). CMMC 2.0 defines three levels; Level 2, the one most contractors handling CUI need, maps to the 110 security requirements of NIST SP 800-171.

Compliance Framework

A compliance framework is a structured set of guidelines, standards, and requirements that organizations must follow to meet regulatory obligations, industry standards, or contractual commitments related to data protection and cybersecurity.

Cyber Insurance

Cyber insurance is a specialized insurance product that helps organizations cover financial losses resulting from cyber incidents such as data breaches, ransomware attacks, business interruption, and regulatory actions.

Cyber Risk Assessment

A cyber risk assessment is a systematic process of identifying, analyzing, and evaluating cybersecurity threats, vulnerabilities, and potential impacts to determine an organization's risk exposure and prioritize security investments.

Dark Web Monitoring

Dark web monitoring is a cybersecurity service that continuously scans dark web forums, marketplaces, paste sites, and data dumps to detect whether an organization's credentials, personal data, or proprietary information has been exposed or is being traded by cybercriminals.

Data Breach

A data breach is a security incident in which sensitive, confidential, or protected information is accessed, disclosed, or stolen by an unauthorized party, whether through a cyberattack, insider threat, or accidental exposure.

Data Encryption

Data encryption is the process of converting readable data (plaintext) into an unreadable format (ciphertext) using a cryptographic algorithm and key, so that only parties holding the correct decryption key can recover the original information. Encryption by itself protects confidentiality, not integrity; authenticated modes such as AES-GCM also detect tampering. Because the algorithm is public, the security rests entirely on the secrecy of the key, so how keys are stored, who can use them, and how they are rotated matter as much as the choice of cipher.

DKIM Authentication

DomainKeys Identified Mail (DKIM) is an email authentication method in which the sending system signs selected headers and the message body with a private key, and the matching public key is published in a DNS TXT record under the signing domain (at selector._domainkey.<domain>). A receiving server that verifies the signature knows the message was signed by the holder of that domain's key and that the signed parts were not altered in transit. DKIM on its own does not tie the signing domain to the From: address the recipient sees; that link is what DMARC alignment adds.

DMARC Policy

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication policy, published as a DNS TXT record at _dmarc.<domain>, that tells receiving mail servers what to do with a message claiming to be from the domain when neither SPF nor DKIM produces a pass whose identifier aligns with the From: header domain. The p= tag requests none (monitor only), quarantine, or reject, and the rua= tag directs aggregate reports to the domain owner, giving visibility into who is sending mail as the domain, including unauthorized senders. A domain left at p=none is not protected against spoofing; the policy has to be moved to quarantine and then reject once all legitimate senders are aligned.

DNS Security

DNS security encompasses the practices, protocols, and technologies used to protect the Domain Name System (DNS) infrastructure from attacks such as DNS spoofing, cache poisoning, hijacking, and tunneling that can redirect traffic, steal data, or disrupt services.

Endpoint Detection and Response (EDR)

Endpoint detection and response (EDR) is a cybersecurity technology that continuously monitors endpoint devices such as laptops, desktops, and servers to detect, investigate, and respond to suspicious activity and threats in real time. Unlike signature-based antivirus, EDR records process, file, network, and registry activity as it happens, so analysts can reconstruct how an intrusion unfolded and isolate an affected host from the network remotely.

Firewall

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules, acting as a barrier between a trusted internal network and untrusted external networks.

FTC Safeguards Rule

The FTC Safeguards Rule (16 CFR Part 314) is a federal regulation under the Gramm-Leach-Bliley Act that requires financial institutions under FTC jurisdiction, meaning non-bank businesses such as mortgage brokers, auto dealers that arrange financing, and tax preparers, to develop, implement, and maintain a written information security program to protect customer financial data. The 2021 amendments added specific requirements, including a designated qualified individual, written risk assessments, encryption of customer information in transit and at rest, and multi-factor authentication for anyone accessing it.

HIPAA Security Rule

The HIPAA Security Rule is a federal regulation that establishes national standards for protecting the confidentiality, integrity, and availability of electronic protected health information (ePHI) by requiring covered entities and their business associates to implement administrative, physical, and technical safeguards.

Incident Response Plan

An incident response plan is a documented, structured approach that outlines the procedures an organization follows to detect, contain, eradicate, and recover from cybersecurity incidents while minimizing damage and downtime.

Managed Security Service Provider (MSSP)

A Managed Security Service Provider (MSSP) is a third-party organization that delivers outsourced cybersecurity monitoring, management, and response services, providing businesses with access to security expertise, technology, and 24/7 protection without building an in-house security team.

Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is a security mechanism that requires users to verify their identity through two or more independent factors before gaining access to a system, application, or account: something they know (a password or PIN), something they have (a hardware key or an authenticator app), or something they are (a biometric). Two factors of the same kind, such as a password plus a security question, are not MFA. Not all second factors are equal: SMS codes and push approvals can be phished or approved by a fatigued user, while FIDO2 security keys and passkeys resist phishing because the credential is bound to the legitimate site's origin.
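The possession factor most organizations deploy is a time-based one-time password. The following added example (written for this glossary, not taken from any product's or standard's reference code) implements the TOTP algorithm of RFC 6238 on top of HOTP (RFC 4226) with the Python standard library, and shows the server-side checks a naive implementation misses: a one-step clock-skew window, a constant-time comparison, and a refusal to accept the same time step twice so a phished or intercepted code cannot be replayed. The seed is the RFC 6238 test vector, not a real secret; the window and step values are the common defaults.

```python
# Added example, not part of the glossary: the time-based one-time password (TOTP,
# RFC 6238) that authenticator apps produce as a possession factor, with the
# server-side checks (skew window, constant-time compare, no replay). The seed
# used below is the RFC 6238 test vector, not a real secret.
import base64
import hashlib
import hmac
import struct
import time


def hotp(secret, counter, digits=6, algorithm=hashlib.sha1):
    """HOTP (RFC 4226): HMAC over the 8-byte big-endian counter, then dynamic
    truncation to a 31-bit integer, reduced to the requested number of digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algorithm).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, unix_time, step=30, digits=6, algorithm=hashlib.sha1):
    """TOTP (RFC 6238): HOTP with the counter set to the current 30-second step."""
    return hotp(secret, int(unix_time) // step, digits, algorithm)


def secret_from_base32(text):
    """Decode the Base32 seed as shown in an otpauth:// URI or setup QR code."""
    text = text.strip().replace(" ", "").upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))


class TotpVerifier:
    """Server-side check. Accepts the adjacent time steps to tolerate clock skew,
    compares in constant time, and never accepts a time step twice, so a code
    phished or intercepted during its 30 seconds of validity cannot be replayed."""

    def __init__(self, secret, step=30, digits=6, window=1):
        self.secret, self.step, self.digits, self.window = secret, step, digits, window
        self.last_used_step = -1             # persist this per user in a real deployment

    def verify(self, code, unix_time=None):
        if not (code.isascii() and code.isdigit()):
            return False                      # compare_digest needs ASCII; reject junk early
        now = int(time.time() if unix_time is None else unix_time)
        current = now // self.step
        for candidate in range(current - self.window, current + self.window + 1):
            if candidate <= self.last_used_step:
                continue                      # this step (or an older one) is already consumed
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected, code):
                self.last_used_step = candidate
                return True
        return False


if __name__ == "__main__":
    seed = secret_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")  # RFC 6238 seed "12345678901234567890"
    print(totp(seed, 59))            # 287082 (RFC 6238 Appendix B value, 6 digits)
    v = TotpVerifier(seed)
    print(v.verify("287082", 59))    # True
    print(v.verify("287082", 59))    # False: replay of a consumed step
    print(v.verify("359152", 59))    # True: next step, inside the skew window
```

Note the trade-off built into the replay guard: after one successful login the same code, and any earlier one, is refused until the next 30-second step begins. That is the behaviour you want; a verifier that accepts the same code twice turns the "something you have" factor into a short-lived reusable password.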

Network Segmentation

Network segmentation is the practice of dividing a computer network into smaller, isolated sub-networks (segments) to control traffic flow, limit lateral movement, and contain the impact of a security breach.

NIST Cybersecurity Framework

The NIST Cybersecurity Framework (CSF) is a set of guidelines, best practices, and standards published by the National Institute of Standards and Technology to help organizations of all sizes manage and reduce cybersecurity risk. CSF 2.0, released in February 2024, organizes outcomes into six core functions: Govern, Identify, Protect, Detect, Respond, and Recover. Govern was added to the original five to cover risk strategy, roles, policy, and oversight.

Patch Management

Patch management is the process of identifying, acquiring, testing, and deploying software updates and security patches to fix vulnerabilities, correct bugs, and improve the functionality of operating systems and applications.

Penetration Testing

Penetration testing is an authorized, simulated cyberattack performed by trained security professionals to evaluate the security of an organization's systems, networks, and applications by attempting to exploit vulnerabilities before real attackers do.

Phishing

Phishing is a social engineering attack in which adversaries send deceptive emails or messages, or set up fraudulent websites, designed to trick recipients into revealing sensitive information, clicking malicious links, or downloading malware. Variants aimed at a specific person or role are known as spear phishing.

Privileged Access Management (PAM)

Privileged access management (PAM) is a set of cybersecurity strategies and technologies for controlling, monitoring, and securing access to critical systems and data by users with elevated permissions, such as administrators and service accounts.

Ransomware

Ransomware is a type of malicious software that encrypts an organization's files or locks access to its systems, then demands a ransom payment in exchange for restoring access. Most current ransomware groups also steal data before encrypting it and threaten to publish it if the ransom is not paid (double extortion), so good backups restore operations but do not remove the leverage, and the intrusion that preceded the encryption still has to be investigated and closed.

Security Awareness Training

Security awareness training is an ongoing educational program that teaches employees to recognize, avoid, and report cybersecurity threats such as phishing, social engineering, and unsafe computing practices.

SIEM (Security Information and Event Management)

Security Information and Event Management (SIEM) is a technology platform that collects, normalizes, correlates, and analyzes security event data from across an organization's IT infrastructure to detect threats, support incident investigation, and meet compliance reporting requirements.
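To make the collect, normalize, correlate pipeline concrete, here is an added example (not code from any SIEM product or from this glossary) that normalizes two constructed log sources, Linux sshd syslog and a JSON application audit log, into a single event schema and runs one correlation rule across both: a source IP that fails to log in at least five times within five minutes and then succeeds. The log lines, hostnames and addresses are constructed; the threshold and window are assumptions a real rule would tune.

```python
# Added example, not part of the glossary: a miniature of the SIEM pipeline.
# Two constructed log sources (a Linux sshd syslog feed and a JSON application
# audit log) are normalized into one event schema, then a correlation rule flags
# a source IP that fails repeatedly and then succeeds within a short window, the
# brute-force-then-compromise pattern. Every log line below is made up.
import json
import re
from collections import defaultdict
from datetime import datetime

SSHD_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_ts(text):
    """RFC 3339 timestamps; Python < 3.11 does not accept a trailing 'Z'."""
    return datetime.fromisoformat(text.replace("Z", "+00:00"))


def normalize(line, source):
    """Map one raw line to the common schema, or None if it is not a login event."""
    if source == "sshd":
        m = SSHD_RE.match(line)
        if not m:
            return None
        return {"ts": parse_ts(m["ts"]), "source": "sshd", "user": m["user"],
                "src_ip": m["ip"],
                "outcome": "success" if m["outcome"] == "Accepted" else "failure"}
    if source == "app":
        rec = json.loads(line)
        if rec.get("event") != "login":
            return None
        return {"ts": parse_ts(rec["ts"]), "source": "app", "user": rec["user"],
                "src_ip": rec["ip"],
                "outcome": "success" if rec["result"] == "ok" else "failure"}
    return None


def correlate(events, threshold=5, window_seconds=300):
    """Alert when a source IP has >= threshold failed logins (from any source)
    in the window before a successful login from that same IP."""
    alerts = []
    failures = defaultdict(list)          # src_ip -> timestamps of failures seen
    for e in sorted(events, key=lambda ev: ev["ts"]):
        bucket = failures[e["src_ip"]]
        if e["outcome"] == "failure":
            bucket.append(e["ts"])
            continue
        recent = [t for t in bucket if (e["ts"] - t).total_seconds() <= window_seconds]
        if len(recent) >= threshold:
            alerts.append({"rule": "brute_force_then_success", "src_ip": e["src_ip"],
                           "user": e["user"], "logged_in_via": e["source"],
                           "failures": len(recent), "at": e["ts"].isoformat()})
        bucket.clear()                    # a success resets the counter for that IP
    return alerts


# Constructed sample logs. 203.0.113.42 fails three times against sshd and three
# times against the web app, then logs in as alice over SSH; 198.51.100.8 is benign.
SAMPLE_SSHD = """\
2024-05-01T10:00:01Z bastion sshd[4120]: Failed password for invalid user admin from 203.0.113.42 port 51022 ssh2
2024-05-01T10:00:04Z bastion sshd[4121]: Failed password for root from 203.0.113.42 port 51030 ssh2
2024-05-01T10:00:09Z bastion sshd[4122]: Failed password for alice from 203.0.113.42 port 51044 ssh2
2024-05-01T10:00:15Z bastion sshd[4123]: Accepted password for bob from 198.51.100.8 port 40112 ssh2
2024-05-01T10:03:30Z bastion sshd[4131]: Accepted password for alice from 203.0.113.42 port 51200 ssh2
"""
SAMPLE_APP = "\n".join(json.dumps(r) for r in [
    {"ts": "2024-05-01T10:01:10Z", "event": "login", "user": "alice", "ip": "203.0.113.42", "result": "fail"},
    {"ts": "2024-05-01T10:01:20Z", "event": "login", "user": "alice", "ip": "203.0.113.42", "result": "fail"},
    {"ts": "2024-05-01T10:01:30Z", "event": "login", "user": "a.smith", "ip": "203.0.113.42", "result": "fail"},
    {"ts": "2024-05-01T10:02:00Z", "event": "page_view", "ip": "198.51.100.8", "path": "/"},
    {"ts": "2024-05-01T10:02:05Z", "event": "login", "user": "bob", "ip": "198.51.100.8", "result": "fail"},
    {"ts": "2024-05-01T10:02:12Z", "event": "login", "user": "bob", "ip": "198.51.100.8", "result": "ok"},
])


def run_detection():
    """Ingest both constructed sources and return the alerts the rule produces."""
    events = [normalize(line, "sshd") for line in SAMPLE_SSHD.splitlines()]
    events += [normalize(line, "app") for line in SAMPLE_APP.splitlines()]
    return correlate([e for e in events if e])


if __name__ == "__main__":
    for alert in run_detection():
        print(json.dumps(alert))
```

The cross-source part is the point: neither feed alone crosses the five-failure threshold in the sample (three sshd failures, three application failures), so a host-local tool such as fail2ban would stay quiet, while the correlated view fires. Real rules also need suppression lists for known scanners, per-user as well as per-IP keys, and handling of out-of-order delivery, which the sort covers here only because the whole batch is available at once.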

SOC 2 Compliance

SOC 2 compliance means holding an independent auditor's attestation report, issued under standards set by the American Institute of Certified Public Accountants (AICPA), that evaluates an organization's information security controls against the Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. Security is the only required criterion; the others are included at the organization's choice. A Type 1 report assesses whether the controls are suitably designed at a point in time, while a Type 2 report also tests that they operated effectively over a review period, so customers generally ask for Type 2.

Social Engineering

Social engineering is a manipulation technique that exploits human psychology to trick individuals into divulging confidential information, granting unauthorized access, or performing actions that compromise security.

SPF Record

A Sender Policy Framework (SPF) record is a DNS TXT record (beginning v=spf1) that lists the mail servers, by IP range or by reference to other domains, authorized to send email for a domain, with a final qualifier such as -all (fail) or ~all (softfail) for everything else. Receiving servers check the connecting IP against the record for the domain in the SMTP envelope sender (MAIL FROM, seen as Return-Path), not the From: header the recipient sees, which is why SPF alone does not stop header spoofing and why DMARC alignment is needed. A record may trigger at most ten DNS lookups; exceeding that limit yields a permanent error, and the record no longer protects anything.
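SPF, DKIM and DMARC are only as good as the alignment logic that ties them together, and that logic is where most misconfigurations hide. The following added example (not code from any mail server or from this glossary) evaluates a constructed SPF record against a sending IP and then applies a constructed DMARC policy, including relaxed versus strict alignment and the sp= subdomain policy, to the SPF and DKIM results. DKIM signature verification itself is assumed to have already happened (it arrives as the dkim_result and dkim_d_domain inputs); the SPF evaluator handles only the ip4, ip6 and all mechanisms because include, a and mx require DNS. Domains, addresses and records are all invented.

```python
# Added example, not part of the glossary: how a receiving server combines SPF and
# DKIM results into a DMARC verdict. SPF evaluation covers only ip4/ip6/all so it
# runs offline (include/a/mx/exists need DNS). All records, domains and IPs are made up.
import ipaddress

SPF_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(record, sender_ip):
    """Return pass/fail/softfail/neutral for sender_ip against an SPF TXT record."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "permerror"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"                      # no prefix means "+"
        if term[0] in SPF_QUALIFIER:
            qualifier, term = term[0], term[1:]
        mechanism, _, value = term.partition(":")
        mechanism = mechanism.lower()
        if mechanism in ("ip4", "ip6"):
            # membership is False when address and network are different IP versions
            if ip in ipaddress.ip_network(value, strict=False):
                return SPF_QUALIFIER[qualifier]
        elif mechanism == "all":             # always matches, so it ends evaluation
            return SPF_QUALIFIER[qualifier]
        # include:, a, mx, exists: and redirect= need DNS lookups and are skipped here
    return "neutral"


def parse_tags(record):
    """Parse the 'tag=value; tag=value' syntax used by DMARC (and DKIM) records."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags


def organizational_domain(domain):
    """Simplified to the last two labels; production code uses the Public Suffix
    List, otherwise example.co.uk would collapse to co.uk."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def identifier_aligned(mode, from_domain, identifier_domain):
    """'s' (strict) needs an exact match with the From: domain; 'r' (relaxed)
    accepts any subdomain of the same organizational domain."""
    if not identifier_domain:
        return False
    if mode == "s":
        return identifier_domain.lower() == from_domain.lower()
    return organizational_domain(identifier_domain) == organizational_domain(from_domain)


def dmarc_verdict(dmarc_record, policy_domain, from_domain,
                  spf_result, mail_from_domain, dkim_result, dkim_d_domain):
    """Return (dmarc_result, requested_action). policy_domain is where the _dmarc
    record was found (the From: domain or its organizational domain);
    mail_from_domain is the MAIL FROM domain SPF checked; dkim_d_domain is the
    d= tag of a DKIM signature that verified (None if none did)."""
    tags = parse_tags(dmarc_record)
    if tags.get("v") != "DMARC1" or "p" not in tags:
        return "none", "none"                # no usable policy: domain is unprotected
    spf_aligned = spf_result == "pass" and identifier_aligned(
        tags.get("aspf", "r"), from_domain, mail_from_domain)
    dkim_aligned = dkim_result == "pass" and identifier_aligned(
        tags.get("adkim", "r"), from_domain, dkim_d_domain)
    if spf_aligned or dkim_aligned:          # one aligned pass is enough
        return "pass", "none"
    if from_domain.lower() != policy_domain.lower() and "sp" in tags:
        return "fail", tags["sp"]            # subdomain policy, if published
    return "fail", tags["p"]


# Constructed records as they would be published at example.com and _dmarc.example.com
SPF_RECORD = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
DMARC_RECORD = "v=DMARC1; p=reject; sp=quarantine; adkim=s; aspf=r; rua=mailto:dmarc@example.com"

if __name__ == "__main__":
    # 1. Legitimate: authorized IP, MAIL FROM bounce.example.com (relaxed-aligned), no DKIM
    spf = evaluate_spf(SPF_RECORD, "192.0.2.10")
    print(dmarc_verdict(DMARC_RECORD, "example.com", "example.com",
                        spf, "bounce.example.com", "none", None))       # ('pass', 'none')
    # 2. Spoofed From: example.com sent from an attacker's IP: SPF fails, no DKIM
    spf = evaluate_spf(SPF_RECORD, "198.51.100.7")
    print(dmarc_verdict(DMARC_RECORD, "example.com", "example.com",
                        spf, "example.com", "none", None))              # ('fail', 'reject')
    # 3. Bulk sender: SPF passes for its own domain (unaligned) and DKIM d=example.com
    #    fails strict alignment against From: news.example.com, so sp= applies
    print(dmarc_verdict(DMARC_RECORD, "example.com", "news.example.com",
                        "pass", "bulk-sender.example", "pass", "example.com"))  # ('fail', 'quarantine')
```

Scenario 3 is the one that surprises people: a message can pass SPF and carry a valid DKIM signature and still fail DMARC, because neither identifier aligns with the From: domain under the published adkim=s. Sending through a third party is safe only when that party signs with a key under your domain, or uses a return path under it, and your alignment modes permit the match.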

SSL/TLS Certificate

An SSL/TLS certificate is an X.509 digital certificate, issued by a certificate authority, that binds a domain name to a public key so a browser can authenticate the website's identity and then negotiate an encrypted connection using the Transport Layer Security (TLS) protocol. SSL is the long-deprecated predecessor of TLS; the name survives in everyday usage, but servers should offer only TLS 1.2 and 1.3. Certificates expire and must be renewed; an expired or misissued certificate produces browser warnings that users learn to click through, so renewal should be automated and expiry monitored.

Supply Chain Attack

A supply chain attack is a cyberattack that targets an organization indirectly by compromising a trusted third-party vendor, software provider, or service partner that has access to the target's systems or data.

Threat Intelligence

Threat intelligence is evidence-based knowledge about existing or emerging cyber threats, including context about threat actors, their motivations, capabilities, indicators of compromise, and recommended defensive actions, that helps organizations make informed security decisions.

VPN (Virtual Private Network)

A Virtual Private Network (VPN) is a technology that creates an encrypted tunnel between a user's device and a remote network, protecting data in transit from eavesdropping and providing access to internal resources from any location. The protection covers only the path between the device and the VPN gateway; it does not make a compromised device safe, and internet-facing VPN appliances are themselves frequent targets, so they need the same prompt patching and multi-factor authentication as any other entry point.

Vulnerability Scanning

Vulnerability scanning is an automated process that systematically examines systems, networks, and applications to identify known security weaknesses, misconfigurations, and missing patches that could be exploited by attackers. Unlike a penetration test, a scan does not attempt to exploit or chain what it finds, and it relies largely on version strings and signatures, so its output needs triage for false positives and should be prioritized by exploitability and exposure rather than by raw severity score alone.

Zero Trust Architecture

Zero trust architecture, described in NIST SP 800-207, is a security model that eliminates implicit trust based on network location and instead requires continuous verification of every user, device, and connection before granting access to a resource, with each decision based on identity, device health, and context and limited to the least privilege the request needs. In practice it is a multi-year program built on strong identity, device inventory, and segmentation, not a single product that can be bought.
