Risk Glossary

CASB

A cloud access security broker (CASB) is a security policy enforcement point that is deployed either on-premises or in the cloud.

Cloud Security

Cloud security is a type of cybersecurity that covers all aspects of securing a cloud environment against both external and insider cybersecurity threats. Cloud security protects cloud computing systems, including cloud data, applications, and infrastructure.

Data Breach

Data breaches are the leakage of an organization's sensitive information, including customer personally identifiable information (PII), intellectual property, and other sensitive data.

Data Exfiltration

Effective data exfiltration prevention requires an understanding of the reasons why someone with access to sensitive data is attempting to take it from the company.

Data Loss Prevention

Data loss prevention is vital to an organization because the theft or misuse of corporate data can harm the organization in a variety of different ways.

Data Security

Data security is the practice of protecting this data from unauthorized access and compromise. Organizations can use a variety of different tools and techniques to meet their data security needs.

Endpoint Security

Remote work impacts endpoint security because remote workers' computers are now outside the perimeter that organizations' perimeter-focused security solutions are designed to protect.

Incident Response

Incident response is the process of investigating and remediating a security incident. It should be based on a structured strategy that ensures that security incidents are managed correctly, consistently, and quickly.

Insider Risk

Insider Risk occurs when any data exposure (regardless of perceived data value or user intent) jeopardizes the well-being of an organization and its employees, customers or partners.

Insider Threat

Most organizations focus on potential cyber threats originating from outside of their networks. However, this isn’t the only potential source of risk to a company.

Insider Threat Program

An effective insider threat program balances the risks of insider threats with the needs of the company and its employees.

Intellectual Property Protection

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats.

Risk Management Framework

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats.

Shadow IT

Shadow IT is one of the trickiest issues facing IT and security leaders around the world – and one of the hardest to quantify. Some of the most innovative organizations are focusing on bringing it out of the shadows to empower employees and enable the business.

SIEM

By combining the functions of SIM and SEM, SIEM becomes a single solution for collecting and analyzing log and event data to identify trends, anomalies, vulnerabilities, and security incidents. It can also support security personnel in responding to these incidents.

Types of Insider Threat

Insider threats can have a number of different objectives and motivations. Learn the six most common types of insider threats.

Unstructured Data

Unstructured data comprises 80-90% of all data in our world today — and its exponential rate of growth far outpaces that of structured data.

Zero Trust

Under a zero trust model, access to resources is granted on a case-by-case basis based on access control rules and policies. This provides an organization with greater internal visibility and more granular control over its security.