Search Knowledge Base by Keyword
Data Security / Privacy / Breach Law
- 23 NYCRR 500
- Alaska's Data Breach & Data Security Laws
- Arizona Data Breach Law
- Arkansas Data Breach Law
- Arkansas DHS Breach 2017
- Arkansas Government on 2017 Equifax Breach
- Business Email Compromise (BEC)
- California CCPA
- California Cybersecurity & Data Breach Laws
- Colorado Cybersecurity, Privacy & Data Breach Laws
- Connecticut Cybersecurity & Privacy Laws
- COPPA
- Delaware Cybersecurity & Privacy Regulations
- Florida Cybersecurity, Privacy & Data Breach Laws
- GDPR
- Georgia Cybersecurity, Data Privacy Laws & Insurance Regulations
- Hawaii Cybersecurity, Privacy & Data Security Laws
- Idaho Cybersecurity, Privacy & Data Security Laws
- Illinois Cybersecurity, Privacy & Data Security Laws
- Indiana Cybersecurity, Privacy & Data Security Laws
- Iowa | Data Breach Law
- Kansas Cybersecurity, Privacy & Data Security Law
- Kentucky | Data Breach Law
- Louisiana | Data Breach Law
- Maine | Data Breach Law
- Maryland Cybersecurity, Privacy & Data Regulations
- Massachusetts | Data Breach Law
- Michigan Data Security & Breach Laws
- Nevada Insurance Data Security Law (SB21)
- North Carolina Cybersecurity Laws
- PCI DSS
- Regulatory Requirements
- Tennessee Data Breach Law
- Third Party Risk Management (TPRM)
- Washington, D.C. Data Breach Law
- What are South Carolina Data Security & Breach Laws?
- What is HIPAA?
- WISP
- Show all articles (18) Collapse Articles
Definitions
- Access
- Access Authority
- Access Control
- Access Control List (ACL)
- Access Control Lists (ACLs)
- Access Control Mechanism
- Access Level
- Access List
- Access Point
- Access Profile
- Access Type
- Account Management, User
- Accountability
- Accounting Legend Code (ALC)
- Accounting Number
- Accreditation
- Accreditation Authority
- Accreditation Boundary
- Accreditation Package
- Accrediting Authority
- Activation Data
- Active Attack
- Active Content
- Active Security Testing
- Activities
- Ad Hoc Network
- Add-on Security
- Adequate Security
- Administrative Account
- Administrative Safeguards
- Advanced Encryption Standard (AES)
- Advanced Key Processor (AKP)
- Advanced Persistent Threats (APTs)
- Adversary
- Advisory
- Agency
- Agency Certification Authority (CA)
- Agent
- Alert
- Allocation
- Alternate COMSEC Custodian
- Alternate Work Site
- Analysis
- Anomaly-Based Detection
- Anti-jam
- Anti-spoof
- Antispyware Software
- Antivirus Software
- Applicant
- Application
- Approval to Operate (ATO)
- Approved
- Approved Mode of Operation
- Approved Security Function
- Assessment
- Assessment Findings
- Assessment Method
- Assessment Object
- Assessment Objective
- Assessment Procedure
- Assessor
- Asset
- Asset Identification
- Asset Reporting Format (ARF)
- Assurance
- Assurance Case
- Assured Information Sharing
- Assured Software
- Asymmetric Cryptography
- Asymmetric Keys
- Attack
- Attack Sensing and Warning (AS&W)
- Attack Signature
- Attribute Authority
- Attribute-Based Access Control
- Attribute-Based Authorization
- Audit
- Audit Data
- Audit Log
- Audit Reduction Tools
- Audit Review
- Audit Trail
- Authenticate
- Authentication
- Authentication Code
- Authentication Mechanism
- Authentication Mode
- Authentication Period
- Authentication Protocol
- Authentication Tag
- Authentication Token
- Authenticator
- Authenticity
- Authority
- Authorization
- Authorization (to operate)
- Authorization Boundary
- Authorize Processing
- Authorized Vendor
- Authorized Vendor Program(AVP)
- Authorizing Official
- Authorizing Official Designated Representative
- Automated Key Transport
- Automated Password Generator
- Automated Security Monitoring
- Automatic Remote Rekeying
- Autonomous System (AS)
- Availability
- Awareness (Information Security)
- Back Door
- Backdoor
- Backtracking Resistance
- Backup
- Banner
- Banner Grabbing
- Baseline
- Baseline Configuration
- Baseline Security
- Baselining
- Basic Testing
- Bastion Host
- Behavioral Outcome
- Benign Environment
- Binding
- Biometric
- Biometric Information
- Biometric System
- Biometrics
- Bit
- Bit Error Rate
- Bitcoin
- BLACK
- Black Box Testing
- Black Core
- Blacklist
- Blacklisting
- Blended Attack
- Blinding
- Block
- Block Cipher
- Block Cipher Algorithm
- Blue Team
- Body of Evidence (BoE)
- botnet
- Boundary
- Boundary Protection
- Boundary Protection Device
- Browsing
- Brute Force Password Attack
- Buffer Overflow
- Buffer Overflow Attack
- Bulk Encryption
- Business Continuity Plan (BCP)
- Business Email Compromise (BEC)
- Business Impact Analysis (BIA)
- Cyber Risks at Accounting Firms
- Show all articles (136) Collapse Articles
- California CCPA
- Call Back
- Canister
- Capstone Policies
- Capture
- Cardholder
- Cascading
- Category
- CBC/MAC
- CCM
- Central Office of Record (COR)
- Central Services Node (CSN)
- Certificate
- Certificate Management
- Certificate Management Authority – (CMA)
- Certificate Policy (CP)
- Certificate Revocation List (CRL)
- Certificate Status Authority
- Certificate-Related Information
- Certification
- Certification Analyst
- Certification Authority (CA)
- Certification Authority Facility
- Certification Authority Workstation (CAW)
- Certification Package
- Certification Practice Statement – (CPS)
- Certification Test and Evaluation(CT&E)
- Certified TEMPEST Technical Authority (CTTA)
- Certifier
- Chain of Custody
- Chain of Evidence
- Challenge and Reply Authentication
- Challenge-Response Protocol
- Check Word
- Checksum
- Chief Information Officer (CIO)
- Chief Information Security Officer (CISO)
- Cipher
- Cipher Block Chaining-Message Authentication Code(CBC-MAC)
- Cipher Suite
- Cipher Text Auto-Key (CTAK)
- Ciphertext
- Ciphertext/Cipher Text
- Ciphony
- Claimant
- Classified Information
- Classified Information Spillage
- Classified National Security Information
- Clear
- Clear Text
- Clearance
- Clearing
- Client
- Client (Application)
- Clinger-Cohen Act of 1996
- Closed Security Environment
- Closed Storage
- Cloud Computing
- CMMC
- Code
- Code Book
- Code Group
- Code Vocabulary
- Cold Site
- Cold Start
- Collision
- Command Authority
- Commercial COMSEC Evaluation Program (CCEP)
- Commodity Service
- Common Access Card (CAC)
- Common Carrier
- Common Configuration Enumeration (CCE)
- Common Configuration Scoring System (CCSS)
- Common Control
- Common Control Provider
- Common Criteria
- Common Fill Device
- Common Misuse Scoring System (CMSS)
- Common Platform Enumeration (CPE)
- Common Vulnerabilities and Exposures (CVE)
- Common Vulnerability Scoring System (CVSS)
- Communications Cover
- Communications Deception
- Communications Profile
- Communications Security (COMSEC)
- Community of Interest (COI)
- Community Risk
- Comparison
- Compartmentalization
- Compartmented Mode
- Compensating Security Control
- Compensating Security Controls
- Comprehensive Testing
- Compromise
- Compromising Emanations
- Computer Abuse
- Computer Cryptography
- Computer Forensics
- Computer Incident Response Team (CIRT)
- Computer Network Attack (CNA)
- Computer Network Defense(CND)
- Computer Network Exploitation – (CNE)
- Computer Network Operations (CNO)
- Computer Security (COMPUSEC)
- Computer Security Incident
- Computer Security Incident Response Team (CSIRT)
- Computer Security Object (CSO)
- Computer Security Objects Register
- Computer Security Subsystem
- Computer Virus
- Computing Environment
- COMSEC
- COMSEC Account
- COMSEC Account Audit
- COMSEC Aid
- COMSEC Assembly
- COMSEC Boundary
- COMSEC Chip Set
- COMSEC Control Program
- COMSEC Custodian
- COMSEC Demilitarization
- COMSEC Element
- COMSEC End-item
- COMSEC Equipment
- COMSEC Facility
- COMSEC Incident
- COMSEC Insecurity
- COMSEC Manager
- COMSEC Material
- COMSEC Material Control System (CMCS)
- COMSEC Modification
- COMSEC Module
- COMSEC Monitoring
- COMSEC Profile
- COMSEC Survey
- COMSEC System Data
- COMSEC Training
- Concentration Risk
- Concept of Operations (CONOP)
- Confidentiality
- Configuration Control
- Configuration Control Board (CCB)
- Confinement Channel
- Container
- Contamination
- Content Filtering
- Contingency Key
- Contingency Plan
- Contingent Business Interruption (CBI)
- Continuity of Government (COG)
- Continuity of Operations Plan(COOP)
- Continuous Monitoring
- Control Information
- Controlled Access Area
- Controlled Access Protection
- Controlled Area
- Controlled Cryptographic Item (CCI)
- Controlled Cryptographic Item (CCI) Assembly
- Controlled Cryptographic Item (CCI) Component
- Controlled Cryptographic Item (CCI) Equipment
- Controlled Interface
- Controlled Space
- Controlled Unclassified Information (CUI)
- Controlling Authority
- Cookie
- Cooperative Key Generation
- Cooperative Remote Rekeying
- COPPA
- Correctness Proof
- Counter with Cipher Block Chaining-Message Authentication Code (CCM)
- Countermeasure
- Countermeasures
- Cover-Coding
- Coverage
- Covert Channel
- Covert Channel Analysis
- Covert Storage Channel
- Covert Testing
- Covert Timing Channel
- Credential
- Credential Service Provider (CSP)
- Critical Infrastructure
- Critical Security Parameter (CSP)
- Criticality
- Criticality Level
- Cross Site Scripting (XSS)
- Cross-Certificate
- Cross-Domain Capabilities
- Cross-Domain Solution (CDS)
- Cryptanalysis
- Crypto Officer
- Cryptographic
- Cryptographic Alarm
- Cryptographic Algorithm
- Cryptographic Ancillary Equipment
- Cryptographic Binding
- Cryptographic Boundary
- Cryptographic Component
- Cryptographic Equipment
- Cryptographic Hash Function
- Cryptographic Ignition Key (CIK)
- Cryptographic Initialization
- Cryptographic Key
- Cryptographic Logic
- Cryptographic Material (slang CRYPTO)
- Cryptographic Module
- Cryptographic Module Security Policy
- Cryptographic Module Validation Program (CMVP)
- Cryptographic Net
- Cryptographic Period
- Cryptographic Product
- Cryptographic Randomization
- Cryptographic Security
- Cryptographic Strength
- Cryptographic Synchronization
- Cryptographic System
- Cryptographic System Analysis
- Cryptographic System Evaluation
- Cryptographic System Review
- Cryptographic System Survey
- Cryptographic Token
- Cryptography
- Cryptology
- CVE
- Cyber Attack
- Cyber Incident
- Cyber Infrastructure
- Cybersecurity
- Cyberspace
- Cyclical Redundancy Check (CRC)
- Show all articles (210) Collapse Articles
- Data
- Data Aggregation
- Data Asset
- Data Breach
- Data Element
- Data Encryption Algorithm (DEA)
- Data Encryption Standard (DES)
- Data Flow Control
- Data Harvesting
- Data Integrity
- Data Loss
- Data Mapping
- Data Origin Authentication
- Data Security
- Data Transfer Device (DTD)
- Decertification
- Decipher
- Decode
- Decrypt
- Decryption
- Dedicated Mode
- Default Classification
- Defense-in-Breadth
- Defense-in-Depth
- Degauss
- Delaware Cybersecurity & Privacy Regulations
- Delegated Development Program
- Deleted File
- Demilitarized Zone (DMZ)
- Denial of Service (DoS)
- Depth
- Descriptive Top-Level Specification (DTLS)
- Designated Approval Authority (DAA)
- Designated Approving (Accrediting) Authority
- Deterministic Random Bit Generator (DRBG)
- Deterministic Random Bit Generator (DRBG) Mechanism
- Device Distribution Profile
- Device Registration Manager
- Dial Back
- Differential Power Analysis (DPA)
- Digital Ecosystem
- Digital Evidence
- Digital Forensics
- Digital Signature
- Digital Signature Algorithm
- Direct Shipment
- Disaster Recovery Plan (DRP)
- Disconnection
- Discretionary Access Control
- Disk Imaging
- Disruption
- Distinguished Name (DN)
- Distinguishing Identifier
- Distributed Denial of Service – (DDoS)
- DKIM
- DMZ
- Domain
- Drop Accountability
- Dual-Use Certificate
- Duplicate Digital Evidence
- Duration
- Dynamic Subsystem
- E-Government (e-gov)
- Easter Egg
- Eavesdropping Attack
- Education (Information Security)
- Egress Filtering
- Electronic Authentication (E-authentication)
- Electronic Business (e-business)
- Electronic Credentials
- Electronic Evidence
- Electronic Key Entry
- Electronic Key Management System (EKMS)
- Electronic Messaging Services
- Electronic Signature
- Electronically Generated Key
- Emanations Security (EMSEC)
- Embedded Computer
- Embedded Cryptographic System
- Embedded Cryptography
- Encipher
- Enclave
- Enclave Boundary
- Encode
- Encrypt
- Encrypted Key
- Encrypted Network
- Encryption
- Encryption Algorithm
- Encryption Certificate
- End Cryptographic Unit (ECU)
- End-Item Accounting
- End-to-End Encryption
- End-to-End Security
- Enrollment Manager
- Enterprise
- Enterprise Architecture (EA)
- Enterprise Risk Management
- Enterprise Service
- Entity
- Entrapment
- Entropy
- Environment
- Environment of Operation
- Ephemeral Key
- Erasure
- Error Detection Code
- Escrow
- Evaluation Assurance Level (EAL)
- Evaluation Products List (EPL)
- Event
- Examination
- Examine
- Exculpatory Evidence
- Executive Agency
- Exercise Key
- Expected Output
- Exploit Code
- Exploitable Channel
- Extensible Configuration Checklist Description Format (XCCDF)
- External Information System Service
- External Information System (or Component)
- External Information System Service Provider
- External Network
- External Security Testing
- Extraction Resistance
- Extranet
- Show all articles (107) Collapse Articles
- Fail Safe
- Fail Soft
- Failover
- Failure Access
- Failure Control
- False Acceptance
- False Acceptance Rate (FAR)
- False Positive
- False Rejection
- False Rejection Rate (FRR)
- Federal Agency
- Federal Bridge Certification Authority (FBCA)
- Federal Bridge Certification Authority Membrane
- Federal Bridge Certification Authority Operational Authority
- Federal Enterprise Architecture
- Federal Information Processing Standard (FIPS)
- Federal Information Security Management Act (FISMA)
- Federal Information System
- Federal Information Systems Security Educators’ Association (FISSEA)
- Federal Public Key Infrastructure Policy Authority (FPKI PA)
- File Encryption
- File Name Anomaly
- File Protection
- File Security
- Fill Device
- FIPS
- FIPS PUB
- FIPS-Approved Security Method
- FIPS-Validated Cryptography
- FIREFLY
- Firewall
- Firewall Control Proxy
- Firmware
- FISMA
- Fixed COMSEC Facility
- Flaw
- Flooding
- Focused Testing
- Forced Leave
- Forensic Copy
- Forensic Specialist
- Forensically Clean
- Forensics
- Formal Access Approval
- Formal Development Methodology
- Formal Method
- Formal Proof
- Formal Security Policy
- Formatting Function
- Forward Cipher
- Frequency Hopping
- Full Disk Encryption (FDE)
- Full Maintenance
- Functional Testing
- Gateway
- GDPR
- General Support System
- Geolocation Data
- Global Information Grid (GIG)
- Global Information Infrastructure (GII)
- Governance
- Graduated Security
- Gray Box Testing
- Group Authenticator
- Guard (System)
- Guessing Entropy
- What Is Flaw Hypothesis Methodology?
- Show all articles (47) Collapse Articles
- Hacker
- Handshaking Procedures
- Hard Copy Key
- Hardening
- Hardware Security Module (HSM) Keys
- Hardwired Key
- Hash Function
- Hash Total
- Hash Value
- Hash Value/Result
- Hash-based Message Authentication Code (HMAC)
- Hashing
- Hashword
- Health Information Exchange (HIE)
- High Assurance Guard (HAG)
- High Availability
- High Impact
- High-Impact System
- Honeypot
- Hot Site
- Hot Wash
- Hybrid Security Control
- IA Architecture
- IA Infrastructure
- IA Product
- IA-Enabled Information Technology Product
- IA-Enabled Product
- Identification
- Identifier
- Identity
- Identity Binding
- Identity Proofing
- Identity Registration
- Identity Token
- Identity Validation
- Identity Verification
- Identity-Based Access Control
- Identity-Based Security Policy
- Image
- Imitative Communications Deception
- Impact
- Impact Level
- Impact Value
- Implant
- Inadvertent Disclosure
- Incident
- Incident Handling
- Incident Response Plan
- Incident Response Plan
- Incomplete Parameter Checking
- Inculpatory Evidence
- Independent Validation Authority (IVA)
- Independent Verification & Validation (IV&V)
- Indicator
- Individual
- Individual Accountability
- Individuals
- Industrial Control System
- Informal Security Policy
- Information
- Information Assurance (IA)
- Information Assurance (IA) Professional
- Information Assurance Component (IAC)
- Information Assurance Manager (IAM)
- Information Assurance Officer (IAO)
- Information Assurance Vulnerability Alert (IAVA)
- Information Domain
- Information Environment
- Information Flow Control
- Information Management
- Information Operations (IO)
- Information Owner
- Information Resources
- Information Resources Management (IRM)
- Information Security
- Information Security Architect
- Information Security Architecture
- Information Security Continuous Monitoring (ISCM)
- Information Security Continuous Monitoring (ISCM) Process
- Information Security Continuous Monitoring (ISCM) Program
- Information Security Policy
- Information Security Program Plan
- Information Security Risk
- Information Sharing
- Information Sharing Environment
- Information Steward
- Information System
- Information System Boundary
- Information System Contingency Plan (ISCP)
- Information System Life Cycle
- Information System Owner
- Information System Owner (or Program Manager)
- Information System Resilience
- Information System Security Officer (ISSO)
- Information System-Related Security Risks
- Information Systems Security (INFOSEC)
- Information Systems Security Engineer (ISSE)
- Information Systems Security Engineering (ISSE)
- Information Systems Security Equipment Modification
- Information Systems Security Manager (ISSM)
- Information Systems Security Officer (ISSO)
- Information Systems Security Product
- Information Technology
- Information Type
- Information Value
- Inheritance
- Initialization Vector (IV)
- Initialize
- Initiator
- Inside(r) Threat
- Insider Threat
- Inspectable Space
- Integrity
- Integrity Check Value
- Intellectual Property
- Interconnection Security Agreement (ISA)
- Interface
- Interface Control Document
- Interim Approval to Operate (IATO)
- Interim Approval to Test (IATT)
- Intermediate Certification Authority (CA)
- Internal Network
- Internal Security Controls
- Internal Security Testing
- Internet
- Internet Protocol (IP)
- Interoperability
- Interview
- Intranet
- Intrusion
- Intrusion Detection and Prevention System (IDPS)
- Intrusion Detection Systems (IDS)
- Intrusion Detection Systems (IDS) – (Host-Based)
- Intrusion Detection Systems (IDS) – (Network-Based)
- Intrusion Prevention System(s) (IPS)
- Inverse Cipher
- IP Security (IPsec)
- IT Security Architecture
- IT Security Awareness
- IT Security Awareness and Training Program
- IT Security Education
- IT Security Investment
- IT Security Metrics
- IT Security Policy
- IT Security Training
- IT-Related Risk
- What is HIPAA?
- Show all articles (127) Collapse Articles
- Jamming
- Joint Authorization
- Kerberos
- Key
- Key Bundle
- Key Distribution Center (KDC)
- Key Escrow
- Key Escrow System
- Key Establishment
- Key Exchange
- Key Expansion
- Key Generation Material
- Key List
- Key Loader
- Key Logger
- Key Management
- Key Management Device
- Key Management Infrastructure (KMI)
- Key Pair
- Key Production Key (KPK)
- Key Recovery
- Key Stream
- Key Tag
- Key Tape
- Key Transport
- Key Updating
- Key Wrap
- Key-Auto-Key (KAK)
- Key-Encryption-Key (KEK)
- Keyed-hash based message authentication code (HMAC)
- Keying Material
- Keystroke Monitoring
- KMI Operating Account (KOA)
- KMI Protected Channel (KPC)
- KMI-Aware Device
- KOA Agent
- KOA Manager
- KOA Registration Manager
- Show all articles (18) Collapse Articles
- Label
- Labeled Security Protections
- Laboratory Attack
- Least Privilege
- Least Trust
- Level of Concern
- Level of Protection
- Likelihood of Occurrence
- Limited Maintenance
- Line Conditioning
- Line Conduction
- Line of Business
- Link Encryption
- List-Oriented
- LLMjacking
- Local Access
- Local Authority
- Local Management Device/Key Processor (LMD/KP)
- Local Registration Authority (LRA)
- Logic Bomb
- Logical Completeness Measure
- Logical Perimeter
- Long Title
- Low Impact
- Low Probability of Detection
- Low Probability of Intercept
- Low-Impact System
- Macro Virus
- Magnetic Remanence
- Maintenance Hook
- Maintenance Key
- Major Application
- Major Information System
- Malicious Applets
- Malicious Code
- Malicious Logic
- Malware
- Man-in-the-middle Attack (MitM)
- Management Client (MGC)
- Management Controls
- Management Security Controls
- Mandatory Access Control (MAC)
- Mandatory Modification
- Manipulative Communications Deception
- Manual Cryptosystem
- Manual Key Transport
- Manual Remote Rekeying
- Marking
- Masquerading
- Master Cryptographic Ignition Key
- Match/matching
- Maximum Tolerable Downtime
- Mean Time to Contain (MTTC)
- Mean Time to Detect (MTTD)
- Mean Time To Repair (MTTR)
- Mean Time To Respond (MTTR)
- Mechanisms
- Media
- Media Sanitization
- Memorandum of Understanding/Agreement (MOU/A)
- Memory Scavenging
- Message Authentication Code (MAC)
- Message Digest
- Message Externals
- Message Indicator
- Metrics
- MIME
- Mimicking
- Min-Entropy
- Minimalist Cryptography
- Minor Application
- Misnamed Files
- Mission Assurance Category (MAC)
- Mission Critical
- Mission/Business Segment
- Mobile Code
- Mobile Code Technologies
- Mobile Device
- Mobile Software Agent
- Mode of Operation
- Moderate Impact
- Moderate-Impact System
- Multi-Hop Problem
- Multi-Releasable
- Multifactor Authentication
- Multilevel Device
- Multilevel Mode
- Multilevel Security (MLS)
- Multiple Security Levels (MSL)
- Mutual Authentication
- Mutual Suspicion
- The Null Hypothesis in Cybersecurity
- Show all articles (72) Collapse Articles
- 23 NYCRR 500
- Naming Authority
- National Information Infrastructure
- National Information Assurance Partnership (NIAP)
- National Security Emergency Preparedness Telecommunications Services
- National Security Information
- National Security Information(NSI)
- National Security System
- National Vulnerability Database (NVD)
- Need To Know Determination
- Need-To-Know
- Needs Assessment (IT Security Awareness Training)
- Net-centric Architecture
- Network
- Network Access
- Network Access Control (NAC)
- Network Address Translation (NAT)
- Network Front-End
- Network Reference Monitor
- Network Resilience
- Network Security
- Network Security Officer
- Network Sniffing
- Network Sponsor
- Network System
- Network Weaving
- Nevada Insurance Data Security Law (SB21)
- No-Lone Zone (NLZ)
- Non-deterministic Random Bit Generator (NRBG)
- Non-Local Maintenance
- Non-Organizational User
- Non-repudiation
- Nonce
- North Carolina Cybersecurity Laws
- NSA-Approved Cryptography
- Nth Tier Risk
- Null
- Object
- Object Identifier
- Object Reuse
- Off-Card
- Off-line Attack
- Off-line Cryptosystem
- Official Information
- On-Card
- One-part Code
- One-time Cryptosystem
- One-time Pad
- One-time Tape
- One-Way Hash Algorithm
- Online Attack
- Online Certificate Status Protocol (OCSP)
- Online Cryptosystem
- Open Checklist Interactive Language (OCIL)
- Open Storage
- Open Vulnerability and Assessment Language (OVAL)
- Operating System (OS) Fingerprinting
- Operational Controls
- Operational Key
- Operational Vulnerability Information
- Operational Waiver
- Operations Code
- Operations Security (OPSEC)
- Optional Modification
- Organization
- Organizational Information Security Continuous Monitoring
- Organizational Maintenance
- Organizational Registration Authority (ORA)
- Organizational User
- Outside Threat
- Outside(r) Threat
- Over-The-Air Key Distribution
- Over-The-Air Key Transfer
- Over-The-Air Rekeying (OTAR)
- Overt Channel
- Overt Testing
- Overwrite Procedure
- Show all articles (57) Collapse Articles
- Packet Filter
- Packet Sniffer
- Parity
- Partitioned Security Mode
- Passive Attack
- Passive Security Testing
- Passive Wiretapping
- Password
- Password Cracking
- Password Protected
- Patch
- Patch Management
- Path Histories
- Payload
- PCI DSS
- Peer Entity Authentication
- Penetration
- Penetration Testing
- Per-Call Key
- Performance Reference Model (PRM)
- Perimeter
- Periods Processing
- Perishable Data
- Permuter
- Personal Firewall
- Personal Identification Number (PIN)
- Personal Identity Verification Issuer
- Personal Identity Verification (PIV)
- Personal Identity Verification Accreditation
- Personal Identity Verification Authorizing Official
- Personal Identity Verification Card (PIV Card)
- Personal Identity Verification Registrar
- Personal Identity Verification Sponsor
- Personally Identifiable Information (PII)
- Personnel Registration Manager
- Phishing
- Physically Isolated Network
- Piconet
- PII Confidentiality Impact Level
- Plaintext
- Plaintext Key
- Plan of Action and Milestones (POA&M)
- Policy Approving Authority (PAA)
- Policy Certification Authority (PCA)
- Policy Management Authority (PMA)
- Policy Mapping
- Policy-Based Access Control (PBAC)
- Port
- Port Scanning
- Portable Electronic Device (PED)
- Portal
- Positive Control Material
- Potential Impact
- Practice Statement
- Precursor
- Prediction Resistance
- Predisposing Condition
- Preproduction Model
- Primary Services Node (PRSN)
- Principal
- Principal Accrediting Authority (PAA)
- Principal Certification Authority – (CA)
- Print Suppression
- Privacy
- Privacy Impact Assessment (PIA)
- Privacy System
- Private Key
- Privilege
- Privilege Management
- Privileged Access Management (PAM)
- Privileged Account
- Privileged Accounts
- Privileged Command
- Privileged Process
- Privileged User
- Probability of Occurrence
- Probe
- Product Source Node (PSN)
- Production Model
- Profiling
- Promiscuous Mode
- Proprietary Information (PROPIN)
- Protected Distribution System (PDS)
- Protection Philosophy
- Protection Profile
- Protective Distribution System
- Protective Packaging
- Protective Technologies
- Protocol
- Protocol Data Unit
- Protocol Entity
- Proxy
- Proxy Agent
- Proxy Server
- Pseudonym
- Pseudorandom Number Generator (PRNG)
- Public Domain Software
- Public Key
- Public Key (Asymmetric) Cryptographic Algorithm
- Public Key Certificate
- Public Key Cryptography
- Public Key Enabling (PKE)
- Public Key Infrastructure (PKI)
- Public Seed
- Purge
- Quadrant
- Qualitative Assessment
- Quality of Service
- Quantitative Assessment
- Quarantine
- Show all articles (90) Collapse Articles
- Radio Frequency Identification (RFID)
- Random Bit Generator (RBG)
- Random Number Generation (RNG)
- Randomizer
- Ransomware
- RBAC
- Read
- Read Access
- Real-Time Reaction
- Recipient Usage Period
- Reciprocity
- Records
- Records Management
- Recovery Point Objective
- Recovery Procedures
- Recovery Time Objective
- Recovery Time Objective (RTO)
- RED
- Red Signal
- Red Team
- Red Team Exercise
- Red/Black Concept
- Reference Monitor
- Registration
- Registration Authority (RA)
- Regulatory Requirements
- Rekey
- Rekey (a certificate)
- Release Prefix
- Relying Party
- Remanence
- Remediation
- Remediation Plan
- Remote Access
- Remote Diagnostics/Maintenance
- Remote Maintenance
- Remote Rekeying
- Removable Media
- Renew (a certificate)
- Repair Action
- Replay Attacks
- Repository
- Reserve Keying Material
- Residual Risk
- Residue
- Resilience
- Resource Encapsulation
- Responder
- Responsibility to Provide
- Responsible Individual
- Restricted Data
- Revoke a Certificate
- RFID
- Rijndael
- Risk
- Risk Analysis
- Risk Assessment
- Risk Assessment Methodology
- Risk Assessment Report
- Risk Assessor
- Risk Executive (or Risk Executive Function)
- Risk Management
- Risk Management Framework
- Risk Mitigation
- Risk Model
- Risk Monitoring
- Risk Response
- Risk Response Measure
- Risk Tolerance
- Risk-Adaptable Access Control (RAdAC)
- Robust Security Network (RSN)
- Robust Security Network Association (RSNA)
- Robustness
- Rogue Device
- Role
- Role-Based Access Control – (RBAC)
- Root Cause Analysis
- Root Certification Authority
- Rootkit
- Round Key
- Rule-Based Security Policy
- Rules of Engagement (ROE)
- Ruleset
- Show all articles (63) Collapse Articles
- S-box
- S/MIME
- Safeguarding Statement
- Safeguards
- Salt
- Sandboxing
- Sanitization
- SCADA
- Scanning
- Scatternet
- Scavenging
- Scoping Guidance
- Secret Key
- Secret Key (symmetric) Cryptographic Algorithm
- Secret Seed
- Secure Communication Protocol
- Secure Communications
- Secure DNS (SECDNS)
- Secure Erase
- Secure Hash Algorithm (SHA)
- Secure Hash Standard
- Secure Socket Layer (SSL)
- Secure State
- Secure Subsystem
- Secure/Multipurpose Internet Mail Extensions (S/MIME)
- Security
- Security Assertion Markup Language (SAML)
- Security Association
- Security Attribute
- Security Authorization
- Security Authorization (To Operate)
- Security Authorization Boundary
- Security Automation Domain
- Security Banner
- Security Categorization
- Security Category
- Security Concept of Operations (Security CONOP)
- Security Content Automation Protocol (SCAP)
- Security Control Assessment
- Security Control Assessor
- Security Control Baseline
- Security Control Effectiveness
- Security Control Enhancements
- Security Control Inheritance
- Security Controls
- Security Controls Baseline
- Security Domain
- Security Engineering
- Security Fault Analysis (SFA)
- Security Features Users Guide – (SFUG)
- Security Filter
- Security Functions
- Security Goals
- Security Impact Analysis
- Security Incident
- Security Information and Event Management (SIEM) Tool
- Security Inspection
- Security Kernel
- Security Label
- Security Level
- Security Management Dashboard
- Security Marking
- Security Markings
- Security Mechanism
- Security Net Control Station
- Security Objective
- Security Operations Center (SOC)
- Security Perimeter
- Security Plan
- Security Policy
- Security Program Plan
- Security Range
- Security Requirements
- Security Requirements Baseline
- Security Safeguards
- Security Service
- Security Specification
- Security Strength
- Security Tag
- Security Target
- Security Test & Evaluation (ST&E)
- Security Testing
- Security-Relevant Change
- Security-Relevant Event
- Security-Relevant Information
- Seed Key
- Semi-Quantitative Assessment
- Sender Policy Framework (SPF)
- Senior Agency Information Security Officer (SAISO)
- Senior Information Security Officer
- Sensitive Compartmented Information (SCI)
- Sensitive Compartmented Information Facility (SCIF)
- Sensitive Information
- Sensitivity
- Sensitivity Label
- Service-Level Agreement
- Shared Secret
- Shielded Enclosure
- Short Title
- Signature
- Signature Certificate
- Signature Generation
- Signature Validation
- Signature Verification
- Signed Data
- Single Point Keying
- Situational Awareness
- Skimming
- Smart Card
- Smishing
- Sniffer
- Social Engineering
- Software
- Software Assurance
- Software System Test and Evaluation Process
- Software-Based Fault Isolation
- Source Code
- Spam
- Spam Filtering Software
- Special Access Program (SAP)
- Special Access Program Facility – (SAPF)
- Special Character
- Specification
- Spillage
- Split Knowledge
- Spoofing
- Spread Spectrum
- Spyware
- SRTM- Security Requirements Traceability Matrix
- SSL
- Standard
- Start-Up KEK
- State
- Static Key
- Status Monitoring
- Steganography
- Storage Object
- Strength of Mechanism (SoM)
- Striped Core
- Strong Authentication
- Subassembly
- Subject
- Subject Security Level
- Subordinate Certification Authority
- Subscriber
- Subsystem
- Suite A
- Suite B
- Superencryption
- Superior Certification Authority
- Supersession
- Supervisory Control and Data Acquisition (SCADA)
- Supplementation (Security Controls)
- Supplementation (Assessment Procedures)
- Supply Chain
- Supply Chain Attack
- Suppression Measure
- Surrogate Access
- Syllabary
- Symmetric Encryption Algorithm
- Symmetric Key
- Synchronous Crypto-Operation
- System
- System Administrator
- System Assets
- System Development Methodologies
- System Development Life Cycle (SDLC)
- System High
- System High Mode
- System Indicator
- System Integrity
- System Interconnection
- System Low
- System Of Records
- System Owner
- System Profile
- System Security
- System Security Plan
- System Software
- System-Specific Security Control
- Systems Security Engineering
- Systems Security Officer
- What is Security Posture?
- Show all articles (163) Collapse Articles
- Tabletop Exercise
- Tactical Data
- Tactical Edge
- Tailored Security Control Baseline
- Tailoring
- Tailoring (Assessment Procedures)
- Tampering
- Technical Controls
- Technical Non-repudiation
- Technical Reference Model(TRM)
- Technical Security Controls
- Technical Vulnerability Information
- Telecommunications
- Telework
- Tempest
- TEMPEST
- TEMPEST Test
- TEMPEST Zone
- Test
- Test Key
- Third Party
- Third Party Risk Management (TPRM)
- Threat
- Threat Analysis
- Threat Assessment
- Threat Event
- Threat Monitoring
- Threat Scenario
- Threat Shifting
- Threat Source
- Time Bomb
- Time-Compliance Date
- Time-Dependent Password
- TOE Security Functions (TSF)
- TOE Security Policy (TSP)
- Token
- Total Risk
- Tracking Cookie
- Tradecraft Identity
- Traditional INFOSEC Program
- Traffic Analysis
- Traffic Encryption Key (TEK)
- Traffic Padding
- Traffic-Flow Security (TFS)
- Training (Information Security)
- Training Assessment
- Training Effectiveness
- Training Effectiveness Evaluation
- Tranquility
- Transmission
- Transmission Security (TRANSEC)
- Transport Layer Security (TLS)
- Trap Door
- Triple DES
- Trojan Horse
- Trust Agent
- Trust Anchor
- Trust List
- Trusted Agent
- Trusted Certificate
- Trusted Channel
- Trusted Computer System
- Trusted Computing Base (TCB)
- Trusted Distribution
- Trusted Foundry
- Trusted Identification Forwarding
- Trusted Path
- Trusted Platform Module (TPM) Chip
- Trusted Process
- Trusted Recovery
- Trusted Timestamp
- Trustworthiness
- Trustworthy System
- TSEC
- TSEC Nomenclature
- Tunneling
- Two-Part Code
- Two-Person Control (TPC)
- Two-Person Integrity (TPI)
- Type 1 Key
- Type 1 Product
- Type 2 Key
- Type 2 Product
- Type 3 Key
- Type 3 Product
- Type 4 Key
- Type 4 Product
- Type Accreditation
- Type Certification
- U.S. Person
- U.S.-Controlled Facility
- U.S.-Controlled Space
- Unauthorized Access
- Unauthorized Disclosure
- Unclassified
- United States Government Configuration Baseline (USGCB)
- Unsigned data
- Untrusted Process
- Update (a Certificate)
- Update (key)
- US-CERT
- User
- User ID
- User Initialization
- User Partnership Program (UPP)
- User Registration
- User Representative (COMSEC)
- User Representative (Risk Management)
- Show all articles (88) Collapse Articles
- Warm Site
- Web Bug
- Web Content Filtering Software
- Web Risk Assessment
- White Team
- Whitelist
- Wi-Fi Protected Access-2 (WPA2)
- Wiki
- Wired Equivalent Privacy (WEP)
- Wireless Access Point (WAP)
- Wireless Application Protocol (WAP)
- Wireless Local Area Network – (WLAN)
- Wireless Technology
- Work Factor
- Workcraft Identity
- Worm
- Write
- Write Access
- Write-Blocker
- X.509 Certificate
- X.509 Public Key Certificate
- Zero Fill
- Zeroization
- Zeroize
- Zombie
- Zone Of Control
- Show all articles (6) Collapse Articles
Health
Insurance
Mean Time to Detect (MTTD)
Created On
Last Updated On
Views2
Navigation:
< Back
Understanding Mean Time to Detect (MTTD) and Its Critical Role in Your Business’s Cyber Resilience
Understanding Mean Time to Detect (MTTD) and Its Critical Role in Your Business’s Cyber Resilience
In the world of cybersecurity, time is of the essence. The longer a threat goes undetected in your network, the more damage it can do. This is where a critical metric comes into play: Mean Time To Detect (MTTD). For small and medium-sized businesses (SMBs), understanding and minimizing your MTTD is not just a technical detail—it’s a crucial factor in your overall risk management, insurability, and resilience.
What is Mean Time To Detect (MTTD)?
Mean Time To Detect (MTTD) is the average time it takes for your cybersecurity team or systems to identify a security incident or threat. It’s a key performance indicator (KPI) that measures the effectiveness of your monitoring and detection capabilities. A lower MTTD is better, as it signifies that you can spot malicious activity quickly, allowing for a faster response to contain the threat and minimize potential damage.
To calculate MTTD, you would sum the time it took to detect all security incidents over a specific period and then divide that by the number of incidents.
For example, if you had three incidents, and it took 10 hours, 15 hours, and 20 hours to detect them, your MTTD would be (10 + 15 + 20) / 3 = 15 hours.
Why is MTTD So Important for SMBs?
Many SMBs operate under the dangerous assumption that they are too small to be a target for cybercriminals. However, the reality is that SMBs are often seen as easier targets due to potentially having fewer security resources. Here’s why a low MTTD is vital for your business:
- Minimizing Damage: The longer an attacker has access to your systems, the more time they have to steal sensitive data, disrupt operations, and cause financial and reputational harm. A shorter detection time directly translates to less damage.
- Reducing Costs: The cost of a data breach is often directly proportional to the time it takes to contain it. A recent IBM report found that the average time to detect and contain a data breach is 277 days. By reducing your MTTD, you can significantly lower the financial impact of an incident.
- Improving Insurability: When you apply for cyber insurance, underwriters will assess your cybersecurity posture. A low MTTD demonstrates that you have effective security monitoring in place, which can make you a more attractive risk to insure and can lead to better policy terms and premiums. You can learn more about cyber insurance and its importance on our Cyber Insurance page.
- Enhancing Overall Resilience: A strong cybersecurity posture is a key component of business resilience. The ability to quickly detect and respond to threats ensures that you can maintain business operations, even in the face of a cyberattack. Our team at tekrisq, inc. specializes in helping SMBs improve their resilience to cyber threats. Learn more about our approach on our specialized SMB cybersecurity company helping build resilience page.
How to Improve Your MTTD
Improving your MTTD requires a proactive and multi-faceted approach to cybersecurity. Here are some key steps you can take:
- Implement Robust Monitoring and Detection Tools: Utilize tools like Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) systems to gain visibility into your network and detect suspicious activity in real-time.
- Develop a Comprehensive Incident Response Plan: A well-defined incident response plan will outline the steps to take when a security incident is detected, ensuring a swift and coordinated response.
- Conduct Regular Security Awareness Training: Educate your employees on how to recognize and report potential security threats, such as phishing emails and suspicious downloads.
- Leverage External Expertise: For many SMBs, partnering with a managed security service provider (MSSP) can provide access to the expertise and resources needed to effectively monitor for threats 24/7.
The Bottom Line
In today’s digital landscape, a reactive approach to cybersecurity is no longer sufficient. By focusing on proactive measures to reduce your Mean Time To Detect, you can achieve many things. You’ll significantly strengthen your security posture, reduce your risk of a major data breach, and improve your overall business resilience.
For more information on how to assess and improve your organization’s cybersecurity, explore our resources. These are found on Risk Management Framework (RMF) and our Interactive Guide to Cybersecurity Regulations.
External Resources:
Last Updated On
Tags:
