The process of determining whether someone or some process may have access to a resource (Access) and to confirm the identity of that person or process (Authentication).
Software designed to detect and destroy computer viruses.
Developing and testing security features within applications to prevent security vulnerabilities against threats.
The measurement of physiological characteristics like – but not limited to – fingerprint, iris patterns, or facial features that can be used to identify an individual.
The processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption.
A discipline that uses various methods to discover, model, analyze, measure, improve and optimize business processes.
A collection of procedures and technology designed to address external and internal threats to devices, servers, repositories, applications amd systems connected via a network.
An online or digitally-based portal where professionals from all relevant departments in an entity can join in to create a holistic compliance program.
The process of managing contract creation, execution, and analysis to maximize operational and financial performance at an organization, all while reducing financial risk.
concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of an entity.
Insurance designed to cover damages, investigation and recovery from cyber attacks.
The collection and evaluation of data from various sources typically to understand the whole of an entity’s data for compliance purposes.
The process of identifying networks and devices on those networks for a complete map of an entity’s network infrastructure. It includes integrating data, building data warehouses, transforming data, or Migrating data from one place to another.
The protection of data at rest and in motion against threats to its confidentiality, integrity and availability.
the process of obtaining and exchanging evidence in a legal case or investigation.
Converting information into secret code that hides the information's true meaning
The process of planning, organizing, directing and controlling the activities of an organization to minimize risk on a holistic level.
The process of using external staff to audit an entity for adherence to standards (e.g. compliance, legal, regulatory, internal policy, etc.).
A network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies
A strategy for handling the interdependencies between corporate governance policies, enterprise risk management programs and regulatory compliance.
An effort to detect an attack, minimize its effects, and investigate those who are responsible.
The process of using internal staff to audit their entity for adherence to standards (e.g. compliance, legal, regulatory, internal policy, etc.).
Protections for cloud-connected devices such as home automation, smart devices, security cameras, and any other technology connected to the cloud over the Internet.
A monitoring system that detects suspicious activities and creates relevant alerts.
A network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur.
Computational science that focuses on analyzing and interpreting patterns and structures in data to enable learning, reasoning, and decision making outside of human interaction.
Protects your network and data from breaches, intrusions and other threats.
Detecting unwanted people or objects from entering a restricted zone.
Technologies that reduce the risk of improper or unauthorized access to, or disclosure of, private or sensitive data.
The analysis of the likelihood and harm of a threats and the further assessment of reasonable controls to reduce risk to an acceptable state.
Tools and techniques for measuring the likelihood and impact of risks in financial terms.
Security Incident Event Management (SIEM) solution collects logs from your applications for analysis of incidents and research of useful patterns.
Threat intelligence includes platforms and services which help provide insight into threats and threat actors.
Online or in-person training devoted to teaching the audience about the importance of their role in the control of risks.
Vulnerability management is the process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them.
