Cyber Insurance & Security Glossary

The Internet Control Message Protocol (ICMP) is one of the key Internet protocols and is used by network devices such as routers to generate error messages to the source IP address when network problems prevent delivery of IP packets. Any IP network device has the capability to send, receive or process ICMP messages. This protocol is also used to relay query messages and is assigned protocol number 1.

Industrial Control System (IDC) is a collective term used to describe different types of control systems and associated instrumentation, which includes the devices, systems, networks, and controls used to operate and/or automate industrial processes.

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers who are concerned with the evolution of the Internet architecture and its smooth operations. This body defines the standard Internet operating protocols such as TCP/IP. The IETF is supervised by the Internet Society Internet Architecture Board (IAB). The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols.

The Internet Message Access Protocol (IMAP) is a standard Internet protocol that is used by e-mail clients to retrieve e-mail messages from a mail server over TCP/IP. IMAP is defined by RFC 3501. An IMAP server typically listens on port number 143. IMAP over SSL (IMAPS) is assigned the port number 993.

sustained losses, paid or not, during a specified time period. Incurred losses are typically found by combining losses paid during the period plus unpaid losses sustained during the time period minus outstanding losses at the beginning of the period incurred in the previous period.

a general legal principle related to insurance that holds that the individual recovering under an insurance policy should be restored to the approximate financial position he or she was in prior to the loss. Legal principle limiting compensation for damages be equivalent to the losses incurred.

freelance contractor paid a fee for adjusting losses on behalf of companies.

a representative of multiple insurance companies who sells and services policies for records which they own and operate under the American Agency System.

an individual who is not employed for a company but instead works for themselves providing goods or services to clients for a fee.

an interest bearing fixed annuity tied to an equity index, such as the Dow Jones Industrial Average or S & P 500.

an annuity contract that provides an accumulation based on both (1) funds that accumulate based on a guaranteed crediting interest rates or additional interest rate applied to designated considerations, and (2) funds where the accumulation vary in accordance with the rate of return of the underlying investment portfolio selected by the policyholder. The contract provides for the initiation of payments at some designated future date.

an annuity contract that provides an accumulation based on both (1) funds that accumulate based on a guaranteed crediting interest rates or additional interest rate applied to designated considerations, and (2) funds where the accumulation vary in accordance with the rate of return of the underlying investment portfolio selected by the policyholder. The contract provides for the initiation of payments at some interval that may vary, however the annuity payouts must begin within 13 months.

makes monthly loan/credit transaction payments to the creditor upon the disablement of an insured debtor.

contracts sold in connection with loan/credit transactions or other credit transactions, which do not exceed a stated duration and/or amount and provide insurance protection against death.

health insurance where the policy is issued to an individual covering the individual and/or their dependents in the individual market. This includes conversions from group policies.

Industrial Control System (IDC) is a collective term used to describe different types of control systems and associated instrumentation, which includes the devices, systems, networks, and controls used to operate and/or automate industrial processes.

Industrial life insurance, also called "debit" insurance, is insurance under which premiums are paid monthly or more often, the face amount of the policy does not exceed a stated amount, and the words "industrial policy" are printed in prominent type on the face of the policy.

Inetd stands for Internet Service Daemon and is a super-server daemon on many Unix systems to manage several Internet services. This reduces the load of the system. This means that the network services such as telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP) can be activated on demand rather running continuously

An inference attack is a data mining technique used to illegally access information about a subject or database by analyzing data. This is an example of breached information security. Such an attack occurs when a user is able to deduce key or critical information of a database from trivial information without directly accessing it.

Information Warfare (IW) is primarily a United States Military concept that involves the use and management of information and communication technology in pursuit of a competitive advantage over an opponent. This concept may employ a combination of tactical information, assurance(s) that the information is valid, spreading of propaganda or disinformation to demoralise or manipulate the enemy and the public, undermining the quality of opposing force information and denial of information-collection opportunities to opposing forces.

Ingress filtering is used to ensure that all incoming packets (of data) are from the networks from which they claim to originate. Network ingress filtering is a commonly used packet filtering technique by many Internet service providers to prevent any source address deceiving. This helps in combating several net abuse or crimes by making Internet traffic traceable to its source.

Input Validations Attacks are when an attacker purposefully sends strange inputs to confuse a web application. Input validation routines serve as the first line of defense for such attacks. Examples of input validation attacks include buffer overflow, directory traversal, cross-site scripting and SQL injection

An insider threat is a malicious threat to an organization that comes from people within the organization.

A right or relationship in regard to the subject matter of the insured contract such that the insured can suffer a financial loss from damage, loss or destruction to it. (Bickelhaupt and Magee )

an economic device transferring risk from an individual to a company and reducing the uncertainty of risk via pooling

consists of two or more affiliated persons, one or more of which is an insurer.

a baseline solvency screening system for the National Association of Insurance Commissioners (NAIC) and state insurance regulators established in the mid-1970s.

Amount of insurance purchased vs. the actual replacement cost of the insured property expressed as a ratio.

party(ies) covered by an insurance policy

an insurer or reinsurer authorized to write property and/or casualty insurance under the laws of any state.

Integrity of a system or network is the assurance that information can only be accessed or modified by those who are authorized. Several measures are taken to ensure integrity. These include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can be threatened by environmental hazards, such as heat, dust, and electrical surges

Integrity Star Property means a user cannot access or read data of a lower integrity level than their own

a person, corporation or other business entity (not licensed as a medical provider) that arranges, by contracts with physicians and other licensed medical providers, to deliver health services for a health insurer and its enrollees via a separate contract between the intermediary and the insurer.

includes all business transacted outside the U.S. and its territories and possessions where the appropriate line of business is not determinable.

The Internet is the worldwide network of interconnected computers that use the Internet protocol suite (or TCP/IP) to link billions of devices across globally. It carries an extensive range of information resources and services, such as the inter-linked hypertext documents and applications of the World Wide Web (WWW), electronic mail, telephony, and peer-to-peer networks for file sharing

The Internet Control Message Protocol (ICMP) is one of the key Internet protocols and is used by network devices such as routers to generate error messages to the source IP address when network problems prevent delivery of IP packets. Any IP network device has the capability to send, receive or process ICMP messages. This protocol is also used to relay query messages and is assigned protocol number 1.

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers who are concerned with the evolution of the Internet architecture and its smooth operations. This body defines the standard Internet operating protocols such as TCP/IP. The IETF is supervised by the Internet Society Internet Architecture Board (IAB). The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols.

Coverage for cyber commerce including copyright infringement, libel, and violation of privacy

The Internet Message Access Protocol (IMAP) is a standard Internet protocol that is used by e-mail clients to retrieve e-mail messages from a mail server over TCP/IP. IMAP is defined by RFC 3501. An IMAP server typically listens on port number 143. IMAP over SSL (IMAPS) is assigned the port number 993.

Internet of Things (IoT) is essentially everyday objects in your business or house that are connected to the Internet.

The Internet Protocol (IP) is a communication protocol that is used for relaying datagrams across network boundaries. It has routing function which enables inter-networking, and essentially establishes the Internet.

An Internet Standard (STD) is a normative specification (that is approved by the IESG and published as an RFC) of a technology or methodology applicable to the Internet. Internet Standards are created and published by the Internet Engineering Task Force (IETF). An Internet Standard is characterised by technical reliability and usefulness. The IETF also defines a proposed standard as a less mature but stable and well-reviewed specification

Worms are a form of malware that replicates across the Internet or local networks.

An Interrupt is a signal sent to the processor by hardware or software indicating an event that needs immediate attention.

An intranet is a private network accessible only to an organization's staff.

Unauthorized act of bypassing the security mechanisms of a network or information system.

Intrusion Detection is a security management system for computers and networks. An ID system gathers and analyses information a computer or a network to identify possible security breaches which include both intrusions and misuse. This system uses vulnerability assessment which is a technology developed to assess the security of a computer system or network.

Intrusion Prevention System (IPS) is a network security system designed to prevent malicious activity.

The obligation has been determined to be in one of the top four generic lettered rating classifications by a securities rating agency acceptable to the commissioner, that the obligation has been identified in writing by such a rating agency to be of investment grade quality, or, if the obligation has not been submitted to any such rating agency, that the obligation has been determined to be investment grade (Class 1 and Class 2) by the Securities Valuation Office of the National Association of Insurance Commissioners.

investment income earned as of the reporting date but not legally due to be paid to the reporting entity until subsequent to the reporting date.

investment income earned and legally due to be paid to the reporting entity as of the reporting date

shall be recorded as earned and shall include investment income collected during the period, the change in investment income due and accrued, the change in unearned investment income plus any amortization (e.g., discounts or premiums on bonds, origination fees on mortgage loans, etc.)

Internet of Things (IoT) is essentially everyday objects in your business or house that are connected to the Internet.

The Internet Protocol (IP) is a communication protocol that is used for relaying datagrams across network boundaries. It has routing function which enables inter-networking, and essentially establishes the Internet.

An Internet Protocol address (IP address) is a logical numeric address that is assigned to a device that is part of a TCP/IP-based network.

An Internet Protocol address (IP address) is a logical numeric address that is assigned to a device that is part of a TCP/IP-based network.

Intrusion Prevention System (IPS) is a network security system designed to prevent malicious activity.

Internet Protocol Security (IPSec) is a framework of open standards for ensuring private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services.