To truly dominate in the IT security field, its vital to be able to 'talk the talk' - the rest can come later.
What follows is an insiders guide to help you apply the right terminology at the right time. Many people tie themselves up in knots with poor use of IT security terminology. Frankly, there's a lot of misunderstanding out there.
Cut through the fog with this helping list. Impress you peers!
24/7
The window of time in which systems are most vulnerable to attack.
BC/DR (Business Continuity/Disaster Recovery Planning)
An alternate spelling for "CISO".
Biometrics
Strong authentication mechanism that streamlines insider attacks.
Business case
A creative writing project, the quality of which is directly proportional to your security budget.
Confidentiality, integrity and availability
The three great myths of the Internet Age.
Cryptography
The science of applying a complex set of mathematical algorithms to sensitive data with the aim of making Bruce Schneier exceedingly rich.
Cybercrime
Crime.
Downtime
Refers to computer systems' natural state; the opposite of anticipated downtime.
E-Commerce
A historical fad (fashion) from the late '90s meant to generate hundreds of billions of dollars in new profits; the inciting factor that generated hundreds of billions of dollars being spent on security products.
Firewalls
Speed bumps.
Hackers
Self-righteous crackers.
Help desk
A place where rude people read instruction manuals to confused people over the phone, for a fee.
Identity theft
The transfer of your personally identifying information from corporations that want to exploit it to hackers who want to exploit it.
Intrusion Detection Systems (IDS)
Log file generators.
JOOTT ("jute")
Acronym for Just One Of Those Things; the primary explanation for most information security problems.
Laptop
A computer designed to allow employees to easily store vast amounts of customer data in the backseat of a taxicab.
Logging
The practice of filling shelves with printouts.
Logical security
A goal; also, an oxymoron (contradition).
Mission critical
Term used to help hackers identify their targets.
Non-repudiation
The opposite of repudiation; repudiation, only not.
O.S. hardening
An attempt to secure your operating system against the next hack by closing the hole used by the previous one
Passwords
Authentication tool that, when properly implemented, drives growth at the help desk
Patching
A mandatory fool's errand.
Pharming and phishing
Ways to obtain phood (i. e. food).
PKI (Public-Key Infrastructure)
A system designed to transfer all of the complexities of strong authentication onto end users.
Regression testing
The process by which you learn how the patches that fixed your system also broke your system.
Road warriors
Traveling employees responsible for delivering malicious code back to headquarters.
Scope creep
Stage three of the standard software development model.
Security administrator
Firefighter.
Security officer
Fall guy.
Total Cost of Ownership (TCO)
In security, an incalculable number always equal to or greater than the budget.
Upgrade
The process by which you introduce new vulnerabilities into software.
Virus
Sort of like a worm, but not exactly.
Worm
Similar to a virus, but different.
Zombie
See "Distributed Denial of Service".
From Comunidade ISMS PT
Posts
0 comments:
Post a Comment