Get started

Data Security and Cloud Computing

• evil maid attack

  An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.  An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's... Continue Reading

• What is included in the mPOS security standard from PCI SSC?

  The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help. Continue Reading

• Common Body of Knowledge (CBK)

  In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. Continue Reading

• Metamorphic virus

  A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration. Continue Reading

• vulnerability assessment (vulnerability analysis)

  A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading

• Definitions to Get Started

  • Port Scan
  • DMZ (networking)
  • quantum supremacy
  • Web application firewall (WAF)

  • spyware
  • application whitelisting
  • botnet
  • identity provider

  View All Definitions

• Self-sovereign identity: How will regulations affect it?

  Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain.Continue Reading

• Cybersecurity defense in depth means more than ticking boxes

  F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks.Continue Reading

• How to do risk management in cybersecurity using ERM

  Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk.Continue Reading

• Cyber-risk strategies and models for a post-perimeter age

  Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets?Continue Reading

• cyberextortion

  Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading

• National Security Agency (NSA)

  The National Security Agency is the official U.S. cryptologic organization of the United States Intelligence Community under the Department of Defense.Continue Reading

• unified threat management (UTM)

  A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...Continue Reading

• Becoming a cybersecurity professional: What are the options?

  A cybersecurity professional has several options for their career path. Expert Ernie Hayden reviews the cybersecurity career track options and what skills are required for each one.Continue Reading

• How the Mirai botnet changed IoT security and DDoS defense

  It seemed that no IoT device was safe from the Mirai botnet when it took down major enterprises and internet infrastructure providers with massive DDoS attacks.Continue Reading

• Software security training: Perspectives on best practices

  Software development training with an emphasis on secure coding can improve enterprise security postures. Steve Lipner of SafeCode discusses different ways to get the job done.Continue Reading