Cyber Insurance & Security Glossary

IP Flood is a type of Denial of Service attack where the victim or system is flooded with information that uses up all the available bandwidth and preventing legitimate users from access. When IP Flood Detection is enabled, the router has the ability to block malicious devices that are attempting to flood devices.

IP forwarding is also known as Internet routing which is a process used to determine which path a packet or datagram will be sent.

IP Spoofing is also known as IP address forgery or a host file hijack. It is a hijacking technique where a hacker impersonates as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.

Intrusion prevention systems (IPS) monitor network and systems for malicious activity.

IPsec authenticates and encrypts each Internet Protocol (IP) packet of a communication session.

a life insurance policy beneficiary who has a vested interest in the policy proceeds even during the insured's lifetime because the policy owner has the right to change the beneficiary designation only after obtaining the beneficiary's consent.

The International Organization for Standardization (ISO) is an international standard-setting body that is composed of voluntary representatives from various national standards organizations.

An Issue-Specific Policy is intended to address specific needs within an organization, such as a password policy.

The ITU Telecommunication Standardization Sector (ITU-T) is one of the three sectors of the International Telecommunication Union (ITU). It coordinates standards for telecommunications. The International Telegraph and Telephone Consultative Committee (CCITT, from French: Comité Consultatif International Téléphonique et Télégraphique) was created in 1956, and was renamed ITU-T in 1993. ITU became a United Nations specialized agency in 1947.

Jitter is any deviation in, or displacement of, the signal pulses in a high-frequency digital signal. The aberration can be in amplitude, phase timing, or the width of the signal pulse. Jitter is sometimes referred to as “Packet Delay Variation,” or PDV. Controlling jitter is critical for a good online experience.

retirement plan that continues to payout so long as at least one, of two or more, annuitants is alive.

an annuity contract that ceases upon the death of the first of two or more annuitants.

a loss-sharing mechanism combining several insurance companies to provide extra capacity due to type or size of exposure.

A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.

Kerberos is a computer network authentication protocol and is ticket-based allowing nodes to communicate over a non-secure. Massachusetts Institute of Technology (MIT) developed the Kerberos to protect network services provided by the Project Athena. This protocol is based on the earlier Needham–Schroeder symmetric key protocol. Kerberos protocol messages are protected against snooping and replay attacks

The kernel is an essential center of a computer operating system, the core that provides basic services for all other parts of the operating system. A synonym is nucleus. A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands. Kernel and Shell are terms used more frequently in Unix operating systems than in IBM mainframe or Microsoft Windows systems

Every digital certificate has a pair of associated cryptographic keys. This pair of keys consists of a private key and a public key.

a policy purchased by, for the benefit of, a business insuring the life or lives of personnel integral to the business operations

A process of secretly recording keystrokes by an authorized 3rd party.

Coverage for ransom or extortion costs and related expenses.

Layer 2 Forwarding Protocol (L2F) is an Internet protocol, originally developed by Cisco Corporation, that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.

An extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.

termination of a policy due to failure to pay the required renewal premium.

Lattice Techniques use security designations to determine access to information.

Layer 2 Forwarding Protocol (L2F) is an Internet protocol, originally developed by Cisco Corporation, that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.

An extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.

Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol used for accessing and maintaining distributed directory information services over an IP network

Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.

A Legion is a software used to detect unprotected shares

life insurance policy for which the cost is equally distributed over the term of the premium period, remaining constant throughout.

a certain or probable future sacrifice of economic benefits arising from present obligations of a particular entity to transfer assets or to provide services to other entities in the future as a result of a past transactions(s) or event(s). three essential characteristics: a)    It embodies a present duty or responsibility to one or more other entities that entails settlement by probable future transfer or use of assets at a specified or determinable date, on occurrence of a specified event, or on demand; b)    The duty or responsibility obligates a particular entity, leaving it little or no discretion to avoid the future sacrifice; and c)    The transaction or other event obligating the entity has already happened.

Insurance that pays the same benefit amount should the insured die during the term of the contract, or if the insured survives to the end of the specified coverage term or age.

A group life insurance that provides a face amount that is adjustable to the certificate holder and allows the certificate holder to vary the modal premium that is paid or to skip a payment so long as the certificate value is sufficient to keep the certificate in force, and under which separately identified interest credits (other than in connection with dividend accumulation, premium deposit funds or other supplementary accounts) and mortality and expense charges are made to individual certificates while providing minimum guaranteed values.

A contract or agreement in which a policyholder agrees to sell or transfer ownership in all or part of a life insurance policy to a third party for compensation that is less than the expected death benefit of a policy.

a provision in some disability income policies to recoup lost wages for the term of disability or remainder of insured's life in case of permanent disability.

Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol used for accessing and maintaining distributed directory information services over an IP network

Maximum value to be derived from a policy.

Classification of business written by insurers.

Link-state routing protocols are one of the two main classes of routing protocols used in packet switching networks. The link-state protocol is performed by every switching node in the network. Every node creates a map of the connectivity to the network (in the form of a graph) displaying all the nodes that are connected to other nodes. Each node then calculates the next best logical path from it to every possible destination in the network. The collection of these best paths forms the node’s routing table

List Based Access Control associates a list of users and their privileges with each object, such as a file directory or individual file. Each object has a security attribute that identifies its access control list. The list has an entry for each system user with access privileges. This list is implemented differently by each operating system

Loadable Kernel Modules (LKM) is an object file that contains code to extend the running kernel or the base kernel of an operating system. LKMs are usually used to add support for new hardware and/or file systems, and even for adding system calls.

Loadable Kernel Modules (LKM) is an object file that contains code to extend the running kernel or the base kernel of an operating system. LKMs are usually used to add support for new hardware and/or file systems, and even for adding system calls.

Log clipping is the selective removal of log entries from a system log to hide a compromise.

A logic bomb is a piece of malicious code intentionally inserted into a software system that will run when specified conditions are met.

A logic bomb is a piece of code that is deliberately inserted into a system to trigger a malicious program. Viruses and worms often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools’ Day. Trojans that activate on certain dates are often called Time Bombs

A logic gate is an elementary building block of a digital circuit. This device is used to implement a Boolean function. It performs a logical operation on one or more logical inputs, and produces a single logical output

A Loopback Address is an pseudo address that sends outgoing signals back to the same computer for testing. In a TCP/IP network, the loopback IP address is 127.0.0.1, and pinging this address always returns a reply unless the firewall prevents it.

Expected payments for costs to be incurred in connection with the adjustment and recording of losses. Can be classified into two broad categories: Defense and Cost Containment (DCC) and Adjusting and Other (AO). Can also be separated into (Allocated Loss Adjustment Expense) and (Unallocated Loss Adjustment Expense for ratemaking purposes.

Incidence of claims on a policy during a premium period.

Coverage for third party mortgagee in case of default on insured property, secured by a loan, that has been lost or damaged.

Policy providing protection against loss of use due to damage or destruction of property.

The percentage of incurred losses to earned premiums.

The amount that insurers set aside to cover claims incurred but not yet paid.

An estimate of liability or provision in an insurer's financial statement, indicating the amount the insurer expects to pay for losses incurred but not yet reported or reported claims that haven't been paid.