Information Security Glossary - M - P

Glossary – M

Macro Virus – A program stored on a computer that can automate tasks and can be easily accessed by a hacker. 

Malware – Short for malicious software: software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. 

Mandatory Access Control – A type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. 

Measure of Risk – The combination of the likelihood and impact of a threat exploiting a vulnerability. 

Glossary – N

National Institute of Standards & Technology (NIST) – Part of the US Department of Commerce. NIST offers over 1,300 Standard Reference Materials (SRMs). 

Need To Know Principle – The need to know principle can be enforced with user access controls and authorisation procedures. Its objective is to ensure that only authorised individuals gain access to the information or systems necessary to undertake their duties. 

Network – A connected group of computers linked via the web. 

NIS Directive – The Network Information Systems Directive is a regulation designed to improve cyber resilience. 

NIST – National Institute of Standards and Technology (US). 

Non-repudiation – The term used to prevent a person or persons from denying that they accessed or altered data. 

Glossary – O

Outsider Threat – An individual or group that accesses, or has the ability to access, assets of an organisation. 

Outsourcing – Using the services of another organisation to complete tasks within your own. 

Glossary – P

Penetration Test – A method of evaluating the computer security of a computer system or network by simulating an attack from malicious outsiders and malicious insiders. 

Personal Data – Information that, on its own or together with other information to which the organisation is likely to have access, can uniquely identify a living individual. 

Phishing – The act of attempting to deceive an individual into revealing personal information that they wouldn’t ordinarily divulge. 

Policy – A mandatory set of statements relating to a specific subject. 

Procedure – A mandatory set of instructions to be followed. 
