Risk Glossary

CASB

A cloud access security broker (CASB) is a security policy enforcement point that is deployed either on-premises or in the cloud. Learn more →

Cloud Security

Cloud security is a type of cybersecurity that covers all aspects of securing a cloud environment against both external and insider cybersecurity threats. Cloud security protects cloud computing systems, including cloud data, applications, and infrastructure. Learn more →

Data Breach

Data breaches are the leakage of an organization's sensitive information, including customer personally identifiable information (PII), intellectual property, and other sensitive data. Learn more →

Data Exfiltration

Effective data exfiltration prevention requires an understanding of the reasons why someone with access to sensitive data is attempting to take it from the company. Learn more →

Data Loss Prevention

Data loss prevention is vital to an organization because the theft or misuse of corporate data can harm the organization in a variety of different ways. Learn more →

Data Security

Data security is the practice of protecting this data from unauthorized access and compromise. Organizations can use a variety of different tools and techniques to meet their data security needs. Learn more →

Endpoint Security

Remote work impacts endpoint security because remote workers' computers are now outside the perimeter that organizations' perimeter-focused security solutions are designed to protect. Learn more →

Incident Response

Incident response is the process of investigating and remediating a security incident. It should be based on a structured strategy that ensures that security incidents are managed correctly, consistently, and quickly. Learn more →

Insider Risk

Insider Risk occurs when any data exposure (regardless of perceived data value or user intent) jeopardizes the well-being of an organization and its employees, customers or partners. Learn more →

Insider Threat

Most organizations focus on potential cyber threats originating from outside of their networks. However, this isn’t the only potential source of risk to a company.  Learn more →

Insider Threat Program

An effective insider threat program balances the risks of insider threats with the needs of the company and its employees. Learn more →

Intellectual Property Protection

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats. Learn more →

Risk Management Framework

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats. Learn more →

SIEM

By combining the functions of SIM and SEM, SIEM becomes a single solution for collecting and analyzing log and event data to identify trends, anomalies, vulnerabilities, and security incidents. It can also support security personnel in responding to these incidents. Learn more →

Types of Insider Threat

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats. Learn more →

Zero Trust

Under a zero trust model, access to resources is granted on a case-by-case basis based on access control rules and policies. This provides an organization with greater internal visibility and more granular control over its security. Learn more →