Search Knowledge Base by Keyword
Data Security / Privacy / Breach Law
- 23 NYCRR 500
- Alaska's Data Breach & Data Security Laws
- Arizona Data Breach Law
- Arkansas Data Breach Law
- Arkansas DHS Breach 2017
- Arkansas Government on 2017 Equifax Breach
- Business Email Compromise (BEC)
- California CCPA
- California Cybersecurity & Data Breach Laws
- Colorado Cybersecurity, Privacy & Data Breach Laws
- Connecticut Cybersecurity & Privacy Laws
- COPPA
- Delaware Cybersecurity & Privacy Regulations
- Florida Cybersecurity, Privacy & Data Breach Laws
- GDPR
- Georgia Cybersecurity, Data Privacy Laws & Insurance Regulations
- Hawaii Cybersecurity, Privacy & Data Security Laws
- Idaho Cybersecurity, Privacy & Data Security Laws
- Illinois Cybersecurity, Privacy & Data Security Laws
- Indiana Cybersecurity, Privacy & Data Security Laws
- Iowa | Data Breach Law
- Kansas Cybersecurity, Privacy & Data Security Law
- Kentucky | Data Breach Law
- Louisiana | Data Breach Law
- Maine | Data Breach Law
- Maryland Cybersecurity, Privacy & Data Regulations
- Massachusetts | Data Breach Law
- Michigan Data Security & Breach Laws
- Nevada Insurance Data Security Law (SB21)
- North Carolina Cybersecurity Laws
- PCI DSS
- Regulatory Requirements
- Tennessee Data Breach Law
- Third Party Risk Management (TPRM)
- Washington, D.C. Data Breach Law
- What are South Carolina Data Security & Breach Laws?
- What is HIPAA?
- WISP
- Show all articles (18) Collapse Articles
Definitions
- Access
- Access Authority
- Access Control
- Access Control List (ACL)
- Access Control Lists (ACLs)
- Access Control Mechanism
- Access Level
- Access List
- Access Point
- Access Profile
- Access Type
- Account Management, User
- Accountability
- Accounting Legend Code (ALC)
- Accounting Number
- Accreditation
- Accreditation Authority
- Accreditation Boundary
- Accreditation Package
- Accrediting Authority
- Activation Data
- Active Attack
- Active Content
- Active Security Testing
- Activities
- Ad Hoc Network
- Add-on Security
- Adequate Security
- Administrative Account
- Administrative Safeguards
- Advanced Encryption Standard (AES)
- Advanced Key Processor (AKP)
- Advanced Persistent Threats (APTs)
- Adversary
- Advisory
- Agency
- Agency Certification Authority (CA)
- Agent
- Alert
- Allocation
- Alternate COMSEC Custodian
- Alternate Work Site
- Analysis
- Anomaly-Based Detection
- Anti-jam
- Anti-spoof
- Antispyware Software
- Antivirus Software
- Applicant
- Application
- Approval to Operate (ATO)
- Approved
- Approved Mode of Operation
- Approved Security Function
- Assessment
- Assessment Findings
- Assessment Method
- Assessment Object
- Assessment Objective
- Assessment Procedure
- Assessor
- Asset
- Asset Identification
- Asset Reporting Format (ARF)
- Assurance
- Assurance Case
- Assured Information Sharing
- Assured Software
- Asymmetric Cryptography
- Asymmetric Keys
- Attack
- Attack Sensing and Warning (AS&W)
- Attack Signature
- Attribute Authority
- Attribute-Based Access Control
- Attribute-Based Authorization
- Audit
- Audit Data
- Audit Log
- Audit Reduction Tools
- Audit Review
- Audit Trail
- Authenticate
- Authentication
- Authentication Code
- Authentication Mechanism
- Authentication Mode
- Authentication Period
- Authentication Protocol
- Authentication Tag
- Authentication Token
- Authenticator
- Authenticity
- Authority
- Authorization
- Authorization (to operate)
- Authorization Boundary
- Authorize Processing
- Authorized Vendor
- Authorized Vendor Program(AVP)
- Authorizing Official
- Authorizing Official Designated Representative
- Automated Key Transport
- Automated Password Generator
- Automated Security Monitoring
- Automatic Remote Rekeying
- Autonomous System (AS)
- Availability
- Awareness (Information Security)
- Back Door
- Backdoor
- Backtracking Resistance
- Backup
- Banner
- Banner Grabbing
- Baseline
- Baseline Configuration
- Baseline Security
- Baselining
- Basic Testing
- Bastion Host
- Behavioral Outcome
- Benign Environment
- Binding
- Biometric
- Biometric Information
- Biometric System
- Biometrics
- Bit
- Bit Error Rate
- Bitcoin
- BLACK
- Black Box Testing
- Black Core
- Blacklist
- Blacklisting
- Blended Attack
- Blinding
- Block
- Block Cipher
- Block Cipher Algorithm
- Blue Team
- Body of Evidence (BoE)
- botnet
- Boundary
- Boundary Protection
- Boundary Protection Device
- Browsing
- Brute Force Password Attack
- Buffer Overflow
- Buffer Overflow Attack
- Bulk Encryption
- Business Continuity Plan (BCP)
- Business Email Compromise (BEC)
- Business Impact Analysis (BIA)
- Cyber Risks at Accounting Firms
- Show all articles (136) Collapse Articles
- California CCPA
- Call Back
- Canister
- Capstone Policies
- Capture
- Cardholder
- Cascading
- Category
- CBC/MAC
- CCM
- Central Office of Record (COR)
- Central Services Node (CSN)
- Certificate
- Certificate Management
- Certificate Management Authority – (CMA)
- Certificate Policy (CP)
- Certificate Revocation List (CRL)
- Certificate Status Authority
- Certificate-Related Information
- Certification
- Certification Analyst
- Certification Authority (CA)
- Certification Authority Facility
- Certification Authority Workstation (CAW)
- Certification Package
- Certification Practice Statement – (CPS)
- Certification Test and Evaluation(CT&E)
- Certified TEMPEST Technical Authority (CTTA)
- Certifier
- Chain of Custody
- Chain of Evidence
- Challenge and Reply Authentication
- Challenge-Response Protocol
- Check Word
- Checksum
- Chief Information Officer (CIO)
- Chief Information Security Officer (CISO)
- Cipher
- Cipher Block Chaining-Message Authentication Code(CBC-MAC)
- Cipher Suite
- Cipher Text Auto-Key (CTAK)
- Ciphertext
- Ciphertext/Cipher Text
- Ciphony
- Claimant
- Classified Information
- Classified Information Spillage
- Classified National Security Information
- Clear
- Clear Text
- Clearance
- Clearing
- Client
- Client (Application)
- Clinger-Cohen Act of 1996
- Closed Security Environment
- Closed Storage
- Cloud Computing
- CMMC
- Code
- Code Book
- Code Group
- Code Vocabulary
- Cold Site
- Cold Start
- Collision
- Command Authority
- Commercial COMSEC Evaluation Program (CCEP)
- Commodity Service
- Common Access Card (CAC)
- Common Carrier
- Common Configuration Enumeration (CCE)
- Common Configuration Scoring System (CCSS)
- Common Control
- Common Control Provider
- Common Criteria
- Common Fill Device
- Common Misuse Scoring System (CMSS)
- Common Platform Enumeration (CPE)
- Common Vulnerabilities and Exposures (CVE)
- Common Vulnerability Scoring System (CVSS)
- Communications Cover
- Communications Deception
- Communications Profile
- Communications Security (COMSEC)
- Community of Interest (COI)
- Community Risk
- Comparison
- Compartmentalization
- Compartmented Mode
- Compensating Security Control
- Compensating Security Controls
- Comprehensive Testing
- Compromise
- Compromising Emanations
- Computer Abuse
- Computer Cryptography
- Computer Forensics
- Computer Incident Response Team (CIRT)
- Computer Network Attack (CNA)
- Computer Network Defense(CND)
- Computer Network Exploitation – (CNE)
- Computer Network Operations (CNO)
- Computer Security (COMPUSEC)
- Computer Security Incident
- Computer Security Incident Response Team (CSIRT)
- Computer Security Object (CSO)
- Computer Security Objects Register
- Computer Security Subsystem
- Computer Virus
- Computing Environment
- COMSEC
- COMSEC Account
- COMSEC Account Audit
- COMSEC Aid
- COMSEC Assembly
- COMSEC Boundary
- COMSEC Chip Set
- COMSEC Control Program
- COMSEC Custodian
- COMSEC Demilitarization
- COMSEC Element
- COMSEC End-item
- COMSEC Equipment
- COMSEC Facility
- COMSEC Incident
- COMSEC Insecurity
- COMSEC Manager
- COMSEC Material
- COMSEC Material Control System (CMCS)
- COMSEC Modification
- COMSEC Module
- COMSEC Monitoring
- COMSEC Profile
- COMSEC Survey
- COMSEC System Data
- COMSEC Training
- Concentration Risk
- Concept of Operations (CONOP)
- Confidentiality
- Configuration Control
- Configuration Control Board (CCB)
- Confinement Channel
- Container
- Contamination
- Content Filtering
- Contingency Key
- Contingency Plan
- Contingent Business Interruption (CBI)
- Continuity of Government (COG)
- Continuity of Operations Plan(COOP)
- Continuous Monitoring
- Control Information
- Controlled Access Area
- Controlled Access Protection
- Controlled Area
- Controlled Cryptographic Item (CCI)
- Controlled Cryptographic Item (CCI) Assembly
- Controlled Cryptographic Item (CCI) Component
- Controlled Cryptographic Item (CCI) Equipment
- Controlled Interface
- Controlled Space
- Controlled Unclassified Information (CUI)
- Controlling Authority
- Cookie
- Cooperative Key Generation
- Cooperative Remote Rekeying
- COPPA
- Correctness Proof
- Counter with Cipher Block Chaining-Message Authentication Code (CCM)
- Countermeasure
- Countermeasures
- Cover-Coding
- Coverage
- Covert Channel
- Covert Channel Analysis
- Covert Storage Channel
- Covert Testing
- Covert Timing Channel
- Credential
- Credential Service Provider (CSP)
- Critical Infrastructure
- Critical Security Parameter (CSP)
- Criticality
- Criticality Level
- Cross Site Scripting (XSS)
- Cross-Certificate
- Cross-Domain Capabilities
- Cross-Domain Solution (CDS)
- Cryptanalysis
- Crypto Officer
- Cryptographic
- Cryptographic Alarm
- Cryptographic Algorithm
- Cryptographic Ancillary Equipment
- Cryptographic Binding
- Cryptographic Boundary
- Cryptographic Component
- Cryptographic Equipment
- Cryptographic Hash Function
- Cryptographic Ignition Key (CIK)
- Cryptographic Initialization
- Cryptographic Key
- Cryptographic Logic
- Cryptographic Material (slang CRYPTO)
- Cryptographic Module
- Cryptographic Module Security Policy
- Cryptographic Module Validation Program (CMVP)
- Cryptographic Net
- Cryptographic Period
- Cryptographic Product
- Cryptographic Randomization
- Cryptographic Security
- Cryptographic Strength
- Cryptographic Synchronization
- Cryptographic System
- Cryptographic System Analysis
- Cryptographic System Evaluation
- Cryptographic System Review
- Cryptographic System Survey
- Cryptographic Token
- Cryptography
- Cryptology
- CVE
- Cyber Attack
- Cyber Incident
- Cyber Infrastructure
- Cybersecurity
- Cyberspace
- Cyclical Redundancy Check (CRC)
- Show all articles (210) Collapse Articles
- Data
- Data Aggregation
- Data Asset
- Data Breach
- Data Element
- Data Encryption Algorithm (DEA)
- Data Encryption Standard (DES)
- Data Flow Control
- Data Harvesting
- Data Integrity
- Data Loss
- Data Mapping
- Data Origin Authentication
- Data Security
- Data Transfer Device (DTD)
- Decertification
- Decipher
- Decode
- Decrypt
- Decryption
- Dedicated Mode
- Default Classification
- Defense-in-Breadth
- Defense-in-Depth
- Degauss
- Delaware Cybersecurity & Privacy Regulations
- Delegated Development Program
- Deleted File
- Demilitarized Zone (DMZ)
- Denial of Service (DoS)
- Depth
- Descriptive Top-Level Specification (DTLS)
- Designated Approval Authority (DAA)
- Designated Approving (Accrediting) Authority
- Deterministic Random Bit Generator (DRBG)
- Deterministic Random Bit Generator (DRBG) Mechanism
- Device Distribution Profile
- Device Registration Manager
- Dial Back
- Differential Power Analysis (DPA)
- Digital Ecosystem
- Digital Evidence
- Digital Forensics
- Digital Signature
- Digital Signature Algorithm
- Direct Shipment
- Disaster Recovery Plan (DRP)
- Disconnection
- Discretionary Access Control
- Disk Imaging
- Disruption
- Distinguished Name (DN)
- Distinguishing Identifier
- Distributed Denial of Service – (DDoS)
- DKIM
- DMZ
- Domain
- Drop Accountability
- Dual-Use Certificate
- Duplicate Digital Evidence
- Duration
- Dynamic Subsystem
- E-Government (e-gov)
- Easter Egg
- Eavesdropping Attack
- Education (Information Security)
- Egress Filtering
- Electronic Authentication (E-authentication)
- Electronic Business (e-business)
- Electronic Credentials
- Electronic Evidence
- Electronic Key Entry
- Electronic Key Management System (EKMS)
- Electronic Messaging Services
- Electronic Signature
- Electronically Generated Key
- Emanations Security (EMSEC)
- Embedded Computer
- Embedded Cryptographic System
- Embedded Cryptography
- Encipher
- Enclave
- Enclave Boundary
- Encode
- Encrypt
- Encrypted Key
- Encrypted Network
- Encryption
- Encryption Algorithm
- Encryption Certificate
- End Cryptographic Unit (ECU)
- End-Item Accounting
- End-to-End Encryption
- End-to-End Security
- Enrollment Manager
- Enterprise
- Enterprise Architecture (EA)
- Enterprise Risk Management
- Enterprise Service
- Entity
- Entrapment
- Entropy
- Environment
- Environment of Operation
- Ephemeral Key
- Erasure
- Error Detection Code
- Escrow
- Evaluation Assurance Level (EAL)
- Evaluation Products List (EPL)
- Event
- Examination
- Examine
- Exculpatory Evidence
- Executive Agency
- Exercise Key
- Expected Output
- Exploit Code
- Exploitable Channel
- Extensible Configuration Checklist Description Format (XCCDF)
- External Information System Service
- External Information System (or Component)
- External Information System Service Provider
- External Network
- External Security Testing
- Extraction Resistance
- Extranet
- Show all articles (107) Collapse Articles
- Fail Safe
- Fail Soft
- Failover
- Failure Access
- Failure Control
- False Acceptance
- False Acceptance Rate (FAR)
- False Positive
- False Rejection
- False Rejection Rate (FRR)
- Federal Agency
- Federal Bridge Certification Authority (FBCA)
- Federal Bridge Certification Authority Membrane
- Federal Bridge Certification Authority Operational Authority
- Federal Enterprise Architecture
- Federal Information Processing Standard (FIPS)
- Federal Information Security Management Act (FISMA)
- Federal Information System
- Federal Information Systems Security Educators’ Association (FISSEA)
- Federal Public Key Infrastructure Policy Authority (FPKI PA)
- File Encryption
- File Name Anomaly
- File Protection
- File Security
- Fill Device
- FIPS
- FIPS PUB
- FIPS-Approved Security Method
- FIPS-Validated Cryptography
- FIREFLY
- Firewall
- Firewall Control Proxy
- Firmware
- FISMA
- Fixed COMSEC Facility
- Flaw
- Flooding
- Focused Testing
- Forced Leave
- Forensic Copy
- Forensic Specialist
- Forensically Clean
- Forensics
- Formal Access Approval
- Formal Development Methodology
- Formal Method
- Formal Proof
- Formal Security Policy
- Formatting Function
- Forward Cipher
- Frequency Hopping
- Full Disk Encryption (FDE)
- Full Maintenance
- Functional Testing
- Gateway
- GDPR
- General Support System
- Geolocation Data
- Global Information Grid (GIG)
- Global Information Infrastructure (GII)
- Governance
- Graduated Security
- Gray Box Testing
- Group Authenticator
- Guard (System)
- Guessing Entropy
- What Is Flaw Hypothesis Methodology?
- Show all articles (47) Collapse Articles
- Hacker
- Handshaking Procedures
- Hard Copy Key
- Hardening
- Hardware Security Module (HSM) Keys
- Hardwired Key
- Hash Function
- Hash Total
- Hash Value
- Hash Value/Result
- Hash-based Message Authentication Code (HMAC)
- Hashing
- Hashword
- Health Information Exchange (HIE)
- High Assurance Guard (HAG)
- High Availability
- High Impact
- High-Impact System
- Honeypot
- Hot Site
- Hot Wash
- Hybrid Security Control
- IA Architecture
- IA Infrastructure
- IA Product
- IA-Enabled Information Technology Product
- IA-Enabled Product
- Identification
- Identifier
- Identity
- Identity Binding
- Identity Proofing
- Identity Registration
- Identity Token
- Identity Validation
- Identity Verification
- Identity-Based Access Control
- Identity-Based Security Policy
- Image
- Imitative Communications Deception
- Impact
- Impact Level
- Impact Value
- Implant
- Inadvertent Disclosure
- Incident
- Incident Handling
- Incident Response Plan
- Incident Response Plan
- Incomplete Parameter Checking
- Inculpatory Evidence
- Independent Validation Authority (IVA)
- Independent Verification & Validation (IV&V)
- Indicator
- Individual
- Individual Accountability
- Individuals
- Industrial Control System
- Informal Security Policy
- Information
- Information Assurance (IA)
- Information Assurance (IA) Professional
- Information Assurance Component (IAC)
- Information Assurance Manager (IAM)
- Information Assurance Officer (IAO)
- Information Assurance Vulnerability Alert (IAVA)
- Information Domain
- Information Environment
- Information Flow Control
- Information Management
- Information Operations (IO)
- Information Owner
- Information Resources
- Information Resources Management (IRM)
- Information Security
- Information Security Architect
- Information Security Architecture
- Information Security Continuous Monitoring (ISCM)
- Information Security Continuous Monitoring (ISCM) Process
- Information Security Continuous Monitoring (ISCM) Program
- Information Security Policy
- Information Security Program Plan
- Information Security Risk
- Information Sharing
- Information Sharing Environment
- Information Steward
- Information System
- Information System Boundary
- Information System Contingency Plan (ISCP)
- Information System Life Cycle
- Information System Owner
- Information System Owner (or Program Manager)
- Information System Resilience
- Information System Security Officer (ISSO)
- Information System-Related Security Risks
- Information Systems Security (INFOSEC)
- Information Systems Security Engineer (ISSE)
- Information Systems Security Engineering (ISSE)
- Information Systems Security Equipment Modification
- Information Systems Security Manager (ISSM)
- Information Systems Security Officer (ISSO)
- Information Systems Security Product
- Information Technology
- Information Type
- Information Value
- Inheritance
- Initialization Vector (IV)
- Initialize
- Initiator
- Inside(r) Threat
- Insider Threat
- Inspectable Space
- Integrity
- Integrity Check Value
- Intellectual Property
- Interconnection Security Agreement (ISA)
- Interface
- Interface Control Document
- Interim Approval to Operate (IATO)
- Interim Approval to Test (IATT)
- Intermediate Certification Authority (CA)
- Internal Network
- Internal Security Controls
- Internal Security Testing
- Internet
- Internet Protocol (IP)
- Interoperability
- Interview
- Intranet
- Intrusion
- Intrusion Detection and Prevention System (IDPS)
- Intrusion Detection Systems (IDS)
- Intrusion Detection Systems (IDS) – (Host-Based)
- Intrusion Detection Systems (IDS) – (Network-Based)
- Intrusion Prevention System(s) (IPS)
- Inverse Cipher
- IP Security (IPsec)
- IT Security Architecture
- IT Security Awareness
- IT Security Awareness and Training Program
- IT Security Education
- IT Security Investment
- IT Security Metrics
- IT Security Policy
- IT Security Training
- IT-Related Risk
- What is HIPAA?
- Show all articles (127) Collapse Articles
- Jamming
- Joint Authorization
- Kerberos
- Key
- Key Bundle
- Key Distribution Center (KDC)
- Key Escrow
- Key Escrow System
- Key Establishment
- Key Exchange
- Key Expansion
- Key Generation Material
- Key List
- Key Loader
- Key Logger
- Key Management
- Key Management Device
- Key Management Infrastructure (KMI)
- Key Pair
- Key Production Key (KPK)
- Key Recovery
- Key Stream
- Key Tag
- Key Tape
- Key Transport
- Key Updating
- Key Wrap
- Key-Auto-Key (KAK)
- Key-Encryption-Key (KEK)
- Keyed-hash based message authentication code (HMAC)
- Keying Material
- Keystroke Monitoring
- KMI Operating Account (KOA)
- KMI Protected Channel (KPC)
- KMI-Aware Device
- KOA Agent
- KOA Manager
- KOA Registration Manager
- Show all articles (18) Collapse Articles
- Label
- Labeled Security Protections
- Laboratory Attack
- Least Privilege
- Least Trust
- Level of Concern
- Level of Protection
- Likelihood of Occurrence
- Limited Maintenance
- Line Conditioning
- Line Conduction
- Line of Business
- Link Encryption
- List-Oriented
- LLMjacking
- Local Access
- Local Authority
- Local Management Device/Key Processor (LMD/KP)
- Local Registration Authority (LRA)
- Logic Bomb
- Logical Completeness Measure
- Logical Perimeter
- Long Title
- Low Impact
- Low Probability of Detection
- Low Probability of Intercept
- Low-Impact System
- Macro Virus
- Magnetic Remanence
- Maintenance Hook
- Maintenance Key
- Major Application
- Major Information System
- Malicious Applets
- Malicious Code
- Malicious Logic
- Malware
- Man-in-the-middle Attack (MitM)
- Management Client (MGC)
- Management Controls
- Management Security Controls
- Mandatory Access Control (MAC)
- Mandatory Modification
- Manipulative Communications Deception
- Manual Cryptosystem
- Manual Key Transport
- Manual Remote Rekeying
- Marking
- Masquerading
- Master Cryptographic Ignition Key
- Match/matching
- Maximum Tolerable Downtime
- Mean Time to Contain (MTTC)
- Mean Time to Detect (MTTD)
- Mean Time To Repair (MTTR)
- Mean Time To Respond (MTTR)
- Mechanisms
- Media
- Media Sanitization
- Memorandum of Understanding/Agreement (MOU/A)
- Memory Scavenging
- Message Authentication Code (MAC)
- Message Digest
- Message Externals
- Message Indicator
- Metrics
- MIME
- Mimicking
- Min-Entropy
- Minimalist Cryptography
- Minor Application
- Misnamed Files
- Mission Assurance Category (MAC)
- Mission Critical
- Mission/Business Segment
- Mobile Code
- Mobile Code Technologies
- Mobile Device
- Mobile Software Agent
- Mode of Operation
- Moderate Impact
- Moderate-Impact System
- Multi-Hop Problem
- Multi-Releasable
- Multifactor Authentication
- Multilevel Device
- Multilevel Mode
- Multilevel Security (MLS)
- Multiple Security Levels (MSL)
- Mutual Authentication
- Mutual Suspicion
- The Null Hypothesis in Cybersecurity
- Show all articles (72) Collapse Articles
- 23 NYCRR 500
- Naming Authority
- National Information Infrastructure
- National Information Assurance Partnership (NIAP)
- National Security Emergency Preparedness Telecommunications Services
- National Security Information
- National Security Information(NSI)
- National Security System
- National Vulnerability Database (NVD)
- Need To Know Determination
- Need-To-Know
- Needs Assessment (IT Security Awareness Training)
- Net-centric Architecture
- Network
- Network Access
- Network Access Control (NAC)
- Network Address Translation (NAT)
- Network Front-End
- Network Reference Monitor
- Network Resilience
- Network Security
- Network Security Officer
- Network Sniffing
- Network Sponsor
- Network System
- Network Weaving
- Nevada Insurance Data Security Law (SB21)
- No-Lone Zone (NLZ)
- Non-deterministic Random Bit Generator (NRBG)
- Non-Local Maintenance
- Non-Organizational User
- Non-repudiation
- Nonce
- North Carolina Cybersecurity Laws
- NSA-Approved Cryptography
- Nth Tier Risk
- Null
- Object
- Object Identifier
- Object Reuse
- Off-Card
- Off-line Attack
- Off-line Cryptosystem
- Official Information
- On-Card
- One-part Code
- One-time Cryptosystem
- One-time Pad
- One-time Tape
- One-Way Hash Algorithm
- Online Attack
- Online Certificate Status Protocol (OCSP)
- Online Cryptosystem
- Open Checklist Interactive Language (OCIL)
- Open Storage
- Open Vulnerability and Assessment Language (OVAL)
- Operating System (OS) Fingerprinting
- Operational Controls
- Operational Key
- Operational Vulnerability Information
- Operational Waiver
- Operations Code
- Operations Security (OPSEC)
- Optional Modification
- Organization
- Organizational Information Security Continuous Monitoring
- Organizational Maintenance
- Organizational Registration Authority (ORA)
- Organizational User
- Outside Threat
- Outside(r) Threat
- Over-The-Air Key Distribution
- Over-The-Air Key Transfer
- Over-The-Air Rekeying (OTAR)
- Overt Channel
- Overt Testing
- Overwrite Procedure
- Show all articles (57) Collapse Articles
- Packet Filter
- Packet Sniffer
- Parity
- Partitioned Security Mode
- Passive Attack
- Passive Security Testing
- Passive Wiretapping
- Password
- Password Cracking
- Password Protected
- Patch
- Patch Management
- Path Histories
- Payload
- PCI DSS
- Peer Entity Authentication
- Penetration
- Penetration Testing
- Per-Call Key
- Performance Reference Model (PRM)
- Perimeter
- Periods Processing
- Perishable Data
- Permuter
- Personal Firewall
- Personal Identification Number (PIN)
- Personal Identity Verification Issuer
- Personal Identity Verification (PIV)
- Personal Identity Verification Accreditation
- Personal Identity Verification Authorizing Official
- Personal Identity Verification Card (PIV Card)
- Personal Identity Verification Registrar
- Personal Identity Verification Sponsor
- Personally Identifiable Information (PII)
- Personnel Registration Manager
- Phishing
- Physically Isolated Network
- Piconet
- PII Confidentiality Impact Level
- Plaintext
- Plaintext Key
- Plan of Action and Milestones (POA&M)
- Policy Approving Authority (PAA)
- Policy Certification Authority (PCA)
- Policy Management Authority (PMA)
- Policy Mapping
- Policy-Based Access Control (PBAC)
- Port
- Port Scanning
- Portable Electronic Device (PED)
- Portal
- Positive Control Material
- Potential Impact
- Practice Statement
- Precursor
- Prediction Resistance
- Predisposing Condition
- Preproduction Model
- Primary Services Node (PRSN)
- Principal
- Principal Accrediting Authority (PAA)
- Principal Certification Authority – (CA)
- Print Suppression
- Privacy
- Privacy Impact Assessment (PIA)
- Privacy System
- Private Key
- Privilege
- Privilege Management
- Privileged Access Management (PAM)
- Privileged Account
- Privileged Accounts
- Privileged Command
- Privileged Process
- Privileged User
- Probability of Occurrence
- Probe
- Product Source Node (PSN)
- Production Model
- Profiling
- Promiscuous Mode
- Proprietary Information (PROPIN)
- Protected Distribution System (PDS)
- Protection Philosophy
- Protection Profile
- Protective Distribution System
- Protective Packaging
- Protective Technologies
- Protocol
- Protocol Data Unit
- Protocol Entity
- Proxy
- Proxy Agent
- Proxy Server
- Pseudonym
- Pseudorandom Number Generator (PRNG)
- Public Domain Software
- Public Key
- Public Key (Asymmetric) Cryptographic Algorithm
- Public Key Certificate
- Public Key Cryptography
- Public Key Enabling (PKE)
- Public Key Infrastructure (PKI)
- Public Seed
- Purge
- Quadrant
- Qualitative Assessment
- Quality of Service
- Quantitative Assessment
- Quarantine
- Show all articles (90) Collapse Articles
- Radio Frequency Identification (RFID)
- Random Bit Generator (RBG)
- Random Number Generation (RNG)
- Randomizer
- Ransomware
- RBAC
- Read
- Read Access
- Real-Time Reaction
- Recipient Usage Period
- Reciprocity
- Records
- Records Management
- Recovery Point Objective
- Recovery Procedures
- Recovery Time Objective
- Recovery Time Objective (RTO)
- RED
- Red Signal
- Red Team
- Red Team Exercise
- Red/Black Concept
- Reference Monitor
- Registration
- Registration Authority (RA)
- Regulatory Requirements
- Rekey
- Rekey (a certificate)
- Release Prefix
- Relying Party
- Remanence
- Remediation
- Remediation Plan
- Remote Access
- Remote Diagnostics/Maintenance
- Remote Maintenance
- Remote Rekeying
- Removable Media
- Renew (a certificate)
- Repair Action
- Replay Attacks
- Repository
- Reserve Keying Material
- Residual Risk
- Residue
- Resilience
- Resource Encapsulation
- Responder
- Responsibility to Provide
- Responsible Individual
- Restricted Data
- Revoke a Certificate
- RFID
- Rijndael
- Risk
- Risk Analysis
- Risk Assessment
- Risk Assessment Methodology
- Risk Assessment Report
- Risk Assessor
- Risk Executive (or Risk Executive Function)
- Risk Management
- Risk Management Framework
- Risk Mitigation
- Risk Model
- Risk Monitoring
- Risk Response
- Risk Response Measure
- Risk Tolerance
- Risk-Adaptable Access Control (RAdAC)
- Robust Security Network (RSN)
- Robust Security Network Association (RSNA)
- Robustness
- Rogue Device
- Role
- Role-Based Access Control – (RBAC)
- Root Cause Analysis
- Root Certification Authority
- Rootkit
- Round Key
- Rule-Based Security Policy
- Rules of Engagement (ROE)
- Ruleset
- Show all articles (63) Collapse Articles
- S-box
- S/MIME
- Safeguarding Statement
- Safeguards
- Salt
- Sandboxing
- Sanitization
- SCADA
- Scanning
- Scatternet
- Scavenging
- Scoping Guidance
- Secret Key
- Secret Key (symmetric) Cryptographic Algorithm
- Secret Seed
- Secure Communication Protocol
- Secure Communications
- Secure DNS (SECDNS)
- Secure Erase
- Secure Hash Algorithm (SHA)
- Secure Hash Standard
- Secure Socket Layer (SSL)
- Secure State
- Secure Subsystem
- Secure/Multipurpose Internet Mail Extensions (S/MIME)
- Security
- Security Assertion Markup Language (SAML)
- Security Association
- Security Attribute
- Security Authorization
- Security Authorization (To Operate)
- Security Authorization Boundary
- Security Automation Domain
- Security Banner
- Security Categorization
- Security Category
- Security Concept of Operations (Security CONOP)
- Security Content Automation Protocol (SCAP)
- Security Control Assessment
- Security Control Assessor
- Security Control Baseline
- Security Control Effectiveness
- Security Control Enhancements
- Security Control Inheritance
- Security Controls
- Security Controls Baseline
- Security Domain
- Security Engineering
- Security Fault Analysis (SFA)
- Security Features Users Guide – (SFUG)
- Security Filter
- Security Functions
- Security Goals
- Security Impact Analysis
- Security Incident
- Security Information and Event Management (SIEM) Tool
- Security Inspection
- Security Kernel
- Security Label
- Security Level
- Security Management Dashboard
- Security Marking
- Security Markings
- Security Mechanism
- Security Net Control Station
- Security Objective
- Security Operations Center (SOC)
- Security Perimeter
- Security Plan
- Security Policy
- Security Program Plan
- Security Range
- Security Requirements
- Security Requirements Baseline
- Security Safeguards
- Security Service
- Security Specification
- Security Strength
- Security Tag
- Security Target
- Security Test & Evaluation (ST&E)
- Security Testing
- Security-Relevant Change
- Security-Relevant Event
- Security-Relevant Information
- Seed Key
- Semi-Quantitative Assessment
- Sender Policy Framework (SPF)
- Senior Agency Information Security Officer (SAISO)
- Senior Information Security Officer
- Sensitive Compartmented Information (SCI)
- Sensitive Compartmented Information Facility (SCIF)
- Sensitive Information
- Sensitivity
- Sensitivity Label
- Service-Level Agreement
- Shared Secret
- Shielded Enclosure
- Short Title
- Signature
- Signature Certificate
- Signature Generation
- Signature Validation
- Signature Verification
- Signed Data
- Single Point Keying
- Situational Awareness
- Skimming
- Smart Card
- Smishing
- Sniffer
- Social Engineering
- Software
- Software Assurance
- Software System Test and Evaluation Process
- Software-Based Fault Isolation
- Source Code
- Spam
- Spam Filtering Software
- Special Access Program (SAP)
- Special Access Program Facility – (SAPF)
- Special Character
- Specification
- Spillage
- Split Knowledge
- Spoofing
- Spread Spectrum
- Spyware
- SRTM- Security Requirements Traceability Matrix
- SSL
- Standard
- Start-Up KEK
- State
- Static Key
- Status Monitoring
- Steganography
- Storage Object
- Strength of Mechanism (SoM)
- Striped Core
- Strong Authentication
- Subassembly
- Subject
- Subject Security Level
- Subordinate Certification Authority
- Subscriber
- Subsystem
- Suite A
- Suite B
- Superencryption
- Superior Certification Authority
- Supersession
- Supervisory Control and Data Acquisition (SCADA)
- Supplementation (Security Controls)
- Supplementation (Assessment Procedures)
- Supply Chain
- Supply Chain Attack
- Suppression Measure
- Surrogate Access
- Syllabary
- Symmetric Encryption Algorithm
- Symmetric Key
- Synchronous Crypto-Operation
- System
- System Administrator
- System Assets
- System Development Methodologies
- System Development Life Cycle (SDLC)
- System High
- System High Mode
- System Indicator
- System Integrity
- System Interconnection
- System Low
- System Of Records
- System Owner
- System Profile
- System Security
- System Security Plan
- System Software
- System-Specific Security Control
- Systems Security Engineering
- Systems Security Officer
- What is Security Posture?
- Show all articles (163) Collapse Articles
- Tabletop Exercise
- Tactical Data
- Tactical Edge
- Tailored Security Control Baseline
- Tailoring
- Tailoring (Assessment Procedures)
- Tampering
- Technical Controls
- Technical Non-repudiation
- Technical Reference Model(TRM)
- Technical Security Controls
- Technical Vulnerability Information
- Telecommunications
- Telework
- Tempest
- TEMPEST
- TEMPEST Test
- TEMPEST Zone
- Test
- Test Key
- Third Party
- Third Party Risk Management (TPRM)
- Threat
- Threat Analysis
- Threat Assessment
- Threat Event
- Threat Monitoring
- Threat Scenario
- Threat Shifting
- Threat Source
- Time Bomb
- Time-Compliance Date
- Time-Dependent Password
- TOE Security Functions (TSF)
- TOE Security Policy (TSP)
- Token
- Total Risk
- Tracking Cookie
- Tradecraft Identity
- Traditional INFOSEC Program
- Traffic Analysis
- Traffic Encryption Key (TEK)
- Traffic Padding
- Traffic-Flow Security (TFS)
- Training (Information Security)
- Training Assessment
- Training Effectiveness
- Training Effectiveness Evaluation
- Tranquility
- Transmission
- Transmission Security (TRANSEC)
- Transport Layer Security (TLS)
- Trap Door
- Triple DES
- Trojan Horse
- Trust Agent
- Trust Anchor
- Trust List
- Trusted Agent
- Trusted Certificate
- Trusted Channel
- Trusted Computer System
- Trusted Computing Base (TCB)
- Trusted Distribution
- Trusted Foundry
- Trusted Identification Forwarding
- Trusted Path
- Trusted Platform Module (TPM) Chip
- Trusted Process
- Trusted Recovery
- Trusted Timestamp
- Trustworthiness
- Trustworthy System
- TSEC
- TSEC Nomenclature
- Tunneling
- Two-Part Code
- Two-Person Control (TPC)
- Two-Person Integrity (TPI)
- Type 1 Key
- Type 1 Product
- Type 2 Key
- Type 2 Product
- Type 3 Key
- Type 3 Product
- Type 4 Key
- Type 4 Product
- Type Accreditation
- Type Certification
- U.S. Person
- U.S.-Controlled Facility
- U.S.-Controlled Space
- Unauthorized Access
- Unauthorized Disclosure
- Unclassified
- United States Government Configuration Baseline (USGCB)
- Unsigned data
- Untrusted Process
- Update (a Certificate)
- Update (key)
- US-CERT
- User
- User ID
- User Initialization
- User Partnership Program (UPP)
- User Registration
- User Representative (COMSEC)
- User Representative (Risk Management)
- Show all articles (88) Collapse Articles
- Warm Site
- Web Bug
- Web Content Filtering Software
- Web Risk Assessment
- White Team
- Whitelist
- Wi-Fi Protected Access-2 (WPA2)
- Wiki
- Wired Equivalent Privacy (WEP)
- Wireless Access Point (WAP)
- Wireless Application Protocol (WAP)
- Wireless Local Area Network – (WLAN)
- Wireless Technology
- Work Factor
- Workcraft Identity
- Worm
- Write
- Write Access
- Write-Blocker
- X.509 Certificate
- X.509 Public Key Certificate
- Zero Fill
- Zeroization
- Zeroize
- Zombie
- Zone Of Control
- Show all articles (6) Collapse Articles
Health
Insurance
Mean Time To Respond (MTTR)
Created On
Last Updated On
Views2
Navigation:
< Back
Mean Time To Respond (MTTR): Why the First Reaction is Everything in SMB Cybersecurity
In the face of a cyberattack, every second counts. Once a threat is detected, the speed of your initial reaction can determine whether an incident is a minor hiccup or a catastrophic business event. This crucial window is measured by Mean Time To Respond (MTTR). For small and medium-sized businesses (SMBs), understanding and minimizing this metric is fundamental to resolving risk, securing cyber insurance, and building true operational resilience.
What is Mean Time To Respond (MTTR)?
It’s important to clarify that the acronym MTTR can refer to both “Repair” and “Respond.” In this context, Mean Time To Respond is the average time it takes for your team to take meaningful action after a security alert is generated.
This isn’t about fixing the entire problem. It’s about the critical first step: acknowledging the alert, triaging its severity, and beginning the investigation and containment process. A low Mean Time to Respond shows that your security operations are alert, efficient, and prepared to engage a threat the moment it’s discovered.
The Critical Role of a Fast Response for SMBs
For SMBs, which are increasingly targeted by cybercriminals, a slow response is a massive liability. A low MTTR is a direct indicator of a company’s ability to manage and mitigate cyber threats effectively.
Containing the Damage and Resolving Risk
The longer an attacker goes unchallenged after detection, the more damage they can inflict. A fast response allows you to:
- Stop Lateral Movement: Quickly prevent attackers from moving from their initial entry point to more critical parts of your network.
- Limit Data Exfiltration: Intervene before sensitive company or customer data can be stolen.
- Prevent Escalation: Stop a minor security event from turning into a full-blown ransomware attack or system-wide outage.
A swift response is a core component of an effective risk management program, as it actively reduces the potential impact of any given threat.
Strengthening Your Insurability
When you apply for cyber insurance, underwriters want to see evidence of a mature security program. A low MTTR, backed by clear procedures and logs, proves that you have a robust incident response capability. This demonstrates to insurers that you can effectively manage a crisis, which can result in:
- More favorable insurance premiums and policy terms.
- A higher likelihood of being approved for coverage.
- A stronger position during the claims process.
Building Proactive Business Resilience
Resilience isn’t just about surviving an attack; it’s about your ability to react and adapt under pressure. A low MTTR is a hallmark of a resilient organization. It shows that your people, processes, and technology are aligned and ready to defend the business, ensuring operational continuity even when faced with a security threat. As a specialized SMB cybersecurity company, building this resilience is at the heart of what we do.
How to Improve Your Mean Time To Respond
Reducing your response time is an achievable goal that hinges on preparation and process.
- Have a Clear Incident Response Plan (IRP): Your IRP should act as a guide, defining who is responsible for what, how to triage alerts, and the immediate first steps for containment. Our Incident Response Plan info page provides a good starting point.
- Define Roles and Responsibilities: When an alert comes in at 2 AM, there should be no confusion about who gets the call and what they are empowered to do.
- Use Playbooks for Common Alerts: Develop simple, step-by-step playbooks for frequent alerts (e.g., a phishing report, a malware detection). This removes guesswork and speeds up the initial reaction.
- Leverage Security Automation: Use tools that can automate initial response actions, such as isolating a suspicious endpoint from the network or blocking a malicious domain, giving your human team time to investigate further.
- Conduct Regular Drills and Tabletop Exercises: Practice makes perfect. To identify bottlenecks and ensure your team is prepared to act decisively, regularly test your Incident Response Plan.
The Bottom Line: Be Ready to Act
For an SMB, Mean Time To Respond is a direct measure of your readiness. By focusing on improving this metric, you empower your business to shut down threats before they can cause significant harm, building a more secure, insurable, and resilient organization.
External Resources for Further Reading:
