Centraleyes’s Glossary
A-Z guide to commonly used cybersecurity terms and phrases
- Discretionary Access Control (DAC)
- Covered Defense Information (CDI)
- AI Secure Development
- Approved Scanning Vendor (ASV)
- Law Enforcement Sensitive (LES)
- Content Delivery & Security Association
- Report on Compliance (ROC)
- OT Cyber Risk Framework
- Unified Privacy Framework
- Data Subprocessor
- Threat-Based Risk Assessment
- Semi-Quantitative Risk Assessment
- Vulnerability-Based Risk Assessment
- Risk Management Strategy
- Authorization to Operate (ATO)
- StateRAMP
- Segregation of Duties
- PCI Penetration Testing
- Due Diligence Questionnaire
- Key Risk Indicator
- AI Policy
- TISAX
- COPPA
- AI Risk Management
- AI Auditing
- Data Exfiltration
- Data Sovereignty
- Control Objectives for Information and Related Technologies (COBIT)
- Audit Management Software
- Vendor Framework
- AI Governance
- AI Transparency
- Internal Penetration Testing
- Cybersecurity Automation
- GDPR Compliance Risk Assessment
- Audit Fatigue
- Compliance Operations
- Risk Management Automation
- Corporate Sustainability Reporting Directive
- Man-in-the-Middle Attack
What is Discretionary Access Control (DAC)? Discretionary Access Control (DAC) is one of the simplest and most flexible access control
What is CDI (Covered Defense Information)? Covered Defense Information (CDI) refers to unclassified information that requires protection due to its
What is AI Secure Development? AI secure development means ensuring security is part of the AI development process from the
What is an Approved Scanning Vendor? An Approved Scanning Vendor (ASV) is a company or organization that has been certified
Not all sensitive information is classified at the highest levels in the law enforcement sector. Some of it falls into
The Content Delivery & Security Association (CDSA) has long been a cornerstone in the media and entertainment industries. It ensures
A Report on Compliance (ROC) is a detailed document that outlines an organization’s adherence to the Payment Card Industry Data
What is an OT Cyber Risk Framework? An OT Cyber Risk Framework is a structured approach designed to identify, assess,
Navigating today’s U.S. privacy regulations is like trying to solve a Rubik’s Cube without a handbook. Except instead of matching
What is a Data Subprocessor? A Data Subprocessor is a third party engaged by a Data Processor to assist with
What is a Threat-Based Risk Assessment? Threat-Based Risk Assessment is an approach that incorporates real-time threat intelligence into the risk
Various methodologies are employed to identify, evaluate, and mitigate risks. Among these methodologies, semi-quantitative risk assessment combines elements of both
What is Vulnerability-Based Risk Assessment? A vulnerability-based risk assessment is a structured process designed to identify, evaluate, and address vulnerabilities
What is a Risk Management Strategy? A risk management strategy is a structured approach to identifying, assessing, and mitigating risks
What is an ATO? An ATO is a hallmark of approval that endorses an information system for use within a
What is StateRAMP? In 2011, the Federal Risk and Authorization Management Program (FedRAMP) laid the groundwork for a standardized assessment
What is the Segregation of Duties? Segregation of duties (SoD) is like a game of checks and balances in the
The March 31, 2024, deadline for PCI 4.0 has already passed, and organizations must be updated with the new regulation.
What is a Due Diligence Questionnaire (DDQ)? When companies evaluate a potential vendor or M&A transaction, they’ll use due diligence
What is a Key Risk Indicator? According to COBIT 5, KRIs are metrics that provide insight into an enterprise’s level
What are AI Policies? AI policies serve as a guiding framework for organizations, delineating the principles, guidelines, and procedures governing
What is TISAX? TISAX is a standard evaluation and exchange process for the automotive industry. It uses the ISA security
The Children’s Online Privacy Protection Act (COPPA) is a federal law in the United States that safeguards children’s online privacy.
Advancements in generative AI technologies, such as GPT-3 and DALL·E, have accelerated global AI adoption. While businesses implement AI to
What is an AI Audit? AI audits determine whether an AI system and its supporting algorithms follow secure, legal, and
What Is Data Exfiltration? Data exfiltration is the unauthorized removal or moving of data from or within digital devices. Data
What is Data Sovereignty? Data sovereignty asserts that digital data is subject to the laws of the country in which
What is Control Objectives for Information and Related Technologies (COBIT)? COBIT 5, developed by the Information Systems Audit and Control
What is Audit Management Software? Audit management software is the cornerstone of organizations’ efficient audit oversight, governance, and procedural management.
What is a Vendor Framework? In today’s turbo-charged business world, we’re all about connections, which means relying on third-party vendors