Resource Center



 A flaw or weakness that can be used to attack a system or organization.


The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains or to control system components and functions.
Access Control
Controlling who has access to a computer or online service and the information it stores.
Active Attack
An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data or its operations.
Software which attempts to identify and delete or isolate malware. Antivirus software may use both a database containing signatures of known threats and heuristics to identify malware. Usually run as a background service to scan files and email copied to the protected system.
The process to verify that someone is who they claim to be when they try to access a computer or online service.


Backing Up
To make a copy of data stored on a computer or server to lessen the potential impact of failure or loss.
Black Hat
A black hat is a computer hacker who works to harm others (e.g., steal identities, spread computer viruses, install bot software).
A list of computers, IP addresses, user names or other identifiers to block from access to a computing resource.
A computer connected to the Internet that has been surreptitiously/secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.
Bring Your Own Device (BYOD)
The authorized use of personally owned mobile devices such as smartphones or tablets in the workplace.
High-speed data transmission system where the communications circuit is shared between multiple users.
Business Continuity Management
Preparing for and maintaining continued business operations following disruption or crisis.


A payment card transaction where the supplier initially receives payment but the transaction is later rejected by the cardholder or the card issuing company. The supplier’s account is then debited with the disputed amount.
Cloud Computing
A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Common Text
A structure and series of requirements defined by the International Organization for Standardization, that are being incorporated in all management system International Standards as they are revised.
Software tools designed to aid criminals in perpetrating online crime. Refers only to programs not generally considered desirable or usable for ordinary tasks. Thus, while a criminal may use Internet Explorer in the commission of a cybercrime, the Internet Explorer application itself would not be considered crimeware.
Critical Infrastructure
The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment or any combination of these matters.
The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication and data origin authentication.
Cyber Crime
In its broadest definition, cybercrime includes all crime perpetrated with or involving a computer. Symantec defines it as any crime that is committed using a computer or network, or hardware device. The computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime. The crime may take place on the computer alone or in addition to other locations.
Cyber Space
The interdependent network of information technology infrastructures, that includes the Internet, telecommunications networks, computer systems and embedded processors and controllers.
Load More Terms