Glossary: C -TEISS® : Cracking Cyber Security


Glossary: C


Cache Part of a computer’s memory that stores data about previous activity such as the text and images in a web page that was visited earlier; designed to speed up loading speed
Cache cramming Deliberately uploading malicious software to a computer’s cache where it will be able to run with fewer checks (and so will be harder to detect and prevent) than would happen were the malicious code located externally
Cache poisoning See DNS Cache poisoning
Chief Information Officer (CIO) The person responsible for digital technology within an organisation; generally responsible for IT security unless a separate CISO (qv) is employed
CIA In cyber security: Confidentiality, Integrity, Access - the three main requirements underpinning secure information
CIO See Chief Information Officer
CIRC Computer Incident Response Centre or Computer Incident Response Capability. See CSIRT
CIRT See Computer Incident Response Team
CISO Chief Information Security Officer, responsible for maintaining the confidentiality of, integrity of, and access to an organisation’s information
Clear desk policy A policy that directs all personnel to clear their desks at the end of each working day, and file everything appropriately. The policy is often intended to ensure that sensitive papers and documents are not exposed to unauthorized persons (such as cleaners and security guards) outside working hours
Clear screen policy A policy that directs employees who are computer users to ensure that the contents of the screen are protected from prying eyes. Typically, a screen saver that is shown after a specified short period of time is used. See also Shoulder Surfing.
Cloud computing The use of a network of remote computers hosted on the internet (as opposed to computers located in an organization’s offices) to store and process data; the remote computers may be owned by the organisation but are typically owned by a third party and shared with other cloud users
Code injection The technique of adding malicious code to websites or computer programmes to alter the way they work. See SQL injection
Command and control centre A computer that is used to control a network of zombie computers or bots (qv) in order to launch attacks such as DDoS (qv) attacks
Computer forensics See Forensics
Computer Incident Response Team (CIRT) The team tasked with investigating cyber security incidents, analyzing them, communicating with stakeholders, and repairing any damage
Computer security incident See Incident
Confidentiality The restriction of access to information; an essential part of cyber security. See CIA
Consequential risk A risk that is the consequence of another risk; thus there may be a consequential risk to reputation as a result of a direct risk to information security
Cookie A small file that is downloaded by some websites to store information on your browser e.g. to remember your preferences or even your login details. While convenient, cookies also present potential security issues
Cracker An individual who tries to gain unauthorised access to an information system
Cross site scripting See XSS
Cryptanalysis Techniques designed to circumvent information encryption, used when the identity of the key employed in the encryption is not known
Cryptography The process of protecting information by turning it into a code or cipher
Cryptolocker A common type of ransomware
CSIRT Computer Security Incident Response Team. A multi-skilled team set up for the purpose of assisting in responding to computer security-related incidents; the team is likely to include an incident response leader, a communications leader, a digital forensics (qv) leader, and a damage containment lead
CSO Chief Security Officer, sometimes a title equivalent to CISO (qv) but often a title given to the person responsible for physical security in an organisation
Cyber Relating to, or characteristic of, the culture of computers and digital technology
Cyber attack See Attack
Cyber bullying Sending or posting cruel or threatening text or images using the Internet or digital communication devices
Cyber incident See Incident
Cyber resilience An organisation’s ability to recover from any damage caused by cyber security incidents (qv); with cyber security in practice impossible to guarantee, cyber resilience is an extremely important concept
Cyber risk The possibility of an event originating from cyberspace (qv) that may have a negative impact on an organisation; also the possibility of any event that may have a damaging impact on an organisation’s computers, networks and digitised information and data
Cyber security A general term referring to the overall security in terms of confidentiality, access, integrity, reputation and value, of digital information, systems and other assets; related to but not the same as Information security (qv)
Cyber weapon Malicious software designed to be used for military or intelligence gathering purposes against a national target
Cyberspace The always-on, technologically interconnected world consisting of people, organisations, information, software and machines, sometimes called the Internet
