Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

Browse Definitions
Search Definitions
  • C

    CSR (Certificate Signing Request)

    A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to issue a certificate.

  • CSSLP (certified secure software lifecycle professional)

    The CSSLP (certified secure software lifecycle professional) is a certification for security professionals who wish to strengthen and demonstrate their knowledge about application security.

  • cut-and-paste attack

    A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed.

  • CVSS (Common Vulnerability Scoring System)

    The CVSS (Common Vulnerability Scoring System) rates the severity of software vulnerabilities so organizations are able to prioritize mitigation.

  • cyber attribution

    Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.

  • Cyber Storm

    Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) February 6-10, 2006 to evaluate whether or not the country could withstand a real attack of similar magnitude...

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

  • cyberextortion

    Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.

  • cybersecurity

    Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.

  • cyberstalking

    Cyberstalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group.

  • cyberterrorism

    According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.'

  • cyberwarfare

    Cyberwarfare is computer- or network-based conflict involving politically motivated attacks by a nation-state on another nation-state.

  • cypherpunk

    Cypherpunk, a term that appeared in Eric Hughes' "A Cypherpunk's Manifesto" in 1993, combines the ideas of cyberpunk, the spirit of individualism in cyberspace, with the use of strong encryption (ciphertext is encrypted text) to preserve privacy.

  • D

    data breach

    A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion.

  • Data Encryption Standard (DES)

    The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close