Cyber Insurance & Security Glossary

A complete glossary of essential Cyber Security & Insurance terms.

  • Security Perimeter
    A security perimeter is a physical or logical boundary that is defined for a system, domain, or enclave, within which a specified security policy or security architecture is applied.
  • Security Plan
    A security plan is a formal document that provides an overview of the security requirements for an information system or an information security program and describes the security controls in place or planned for meeting those requirements.
  • Security Policy
    A security policy is a document that contains a rule or set of rules and procedures for all users accessing and using an organization's IT assets and resources.
  • Security Posture
    The security status of an enterprise’s networks, information, and systems based on IA resources (e.g., people, hardware, software, policies) and capabilities in place to manage the defense of the enterprise and to react as the situation changes.
  • Security Program Plan
    A security program plan is a formal document that provides an overview of the security requirements for an organization-wide information security program and describes the program management security controls and common security controls in place or planned for meeting those requirements.
  • Security Range
    A security range is the highest and lowest security levels that are permitted in or on an information system, system component, subsystem, or network.
  • Security-Relevant Change
    A security-relevant change is any change to a system's configuration, environment, information content, functionality, or users that has the potential to change the risk imposed upon its continued operation.
  • Security-Relevant Event
    A security-relevant event is an occurrence (e.g., an auditable event or flag) considered to have potential security implications for the system or its environment that may require further action (noting, investigating, or reacting).
  • Security-Relevant Information
    Security-relevant information is any information within the information system that can potentially impact the operation of security functions in a manner that could result in failure to enforce the system security policy or to maintain isolation of code and data.
  • Security Requirements
    Security requirements are requirements levied on an information system that are derived from applicable laws, Executive Orders, directives, policies, standards, instructions, regulations, or procedures, or organizational mission/business case needs to ensure the confidentiality, integrity, and availability of the information being processed, stored, or transmitted.
  • Security Requirements Baseline
    A security requirements baseline is the description of the minimum requirements necessary for an information system to maintain an acceptable level of risk.
  • Security Requirements Traceability Matrix
    A Security Requirements Traceability Matrix (SRTM) is a matrix that captures all security requirements linked to potential risks and addresses all applicable C&A requirements. It is, therefore, a correlation statement of a system's security features and compliance methods for each security requirement.
  • Security Safeguards
    Security safeguards are protective measures and controls prescribed to meet the security requirements specified for an information system. Safeguards may include security features, management constraints, personnel security, and security of physical structures, areas, and devices.
  • Security Service
    A security service is a capability that supports one or more of the security goals or requirements (confidentiality, integrity, availability). Examples of security services are key management, access control, and authentication.
  • Security Specification
    A security specification is the detailed description of the safeguards required to protect an information system.
  • Security Strength
    Security strength is a measure of the computational complexity associated with recovering certain secret and/or security-critical information concerning a given cryptographic algorithm from known data (e.g., plaintext/ciphertext pairs for a given encryption algorithm). It is also a number associated with the amount of work (that is, the number of operations) that is required to break a cryptographic algorithm or system. Sometimes referred to as a security level.
  • Security Tag
    A security tag is an information unit containing a representation of certain security-related information (e.g., a restrictive attribute bit map).
  • Security Target
    A security target is a Common Criteria specification that represents a set of security requirements to be used as the basis of an evaluation of an identified Target of Evaluation (TOE).
  • Security Testing
    Security testing is the process of determining that an information system protects data and maintains functionality as intended.
  • Seed Key
    A seed key is an initial key used to start an updating or key generation process.
  • Segment
    A segment is another name for a TCP packet. Dividing an Ethernet into multiple segments is one of the most common ways of increasing available bandwidth on the LAN.
  • Sensitive Information
    Sensitive information is data that must be protected from unauthorised access to safeguard the privacy or security of an individual, organisation, or nation. Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security, if disclosed to others.
  • Separate Account
    Segregated funds held and invested independently of other assets by an insurer for the purpose of a group retirement fund.
  • Separation of Duties
    Separation of duties (SoD) is also known as "segregation of duties". It is based on the principle of splitting privileges among multiple individuals or systems.
  • Server
    A server is a computer entity or a machine that waits for requests from other machines or software (clients) and responds to them. The purpose of a server is to share data or hardware and software resources among clients.
  • Session
    A session is a virtual connection between two hosts by which network traffic is passed. It is a way to store information (in variables) to be used across multiple pages.
  • Session Hijacking
    Session hijacking is also known as cookie hijacking. It is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorised access to sensitive information or services in a computer system or network.
  • Session Key
    A session key is a key that is temporary or is used for a relatively short period of time. It is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers. These keys are sometimes called symmetric keys, because the same key is used for both encryption and decryption.
  • SHA1
    Secure Hash Algorithm 1 (SHA-1) is a cryptographic hash function designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard published by the United States NIST.
  • Shadow Password Files
    Shadow password files are system files where encrypted user passwords are stored so that they aren't available to people who try to break into the system.
  • Share
    A share is any resource that has been made public on a system or network, such as a directory (file share) or printer (printer share).
  • Shell
    A shell is a user interface for access to an operating system's services.
  • Signals Analysis
    Signals analysis is a process of gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data, but is not intended to communicate the data.
  • Signature
    A signature is like a fingerprint or a pattern that can be used to detect and identify malware.
  • Simple Integrity Property
    Under the Simple Integrity Property, a user cannot write data to a higher integrity level than their own.
  • Simple Network Management Protocol
    Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. SNMP is widely used in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
  • Simple Security Property
    Under the Simple Security Property, a user cannot read data of a higher classification than their own.
  • Situs of Contract
    The jurisdiction in which the contract is issued or delivered as stated in the contract.
  • Smartcard
    A smart card is an electronic badge that includes a magnetic strip or chip that can record and replay a set key. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface.
  • Smurf Attack
    A Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP broadcast address. Most devices on a network respond to this by sending a reply to the source IP address. This can slow down the victim’s computer to the point where it becomes impossible to work on.
  • Sniffer
    A sniffer is a tool that monitors network traffic that is received in a network interface.
  • Sniffing
    Sniffing is also known as passive wiretapping. Packet sniffing allows individuals to capture data as it is transmitted over a network. Packet sniffer programs are used by network professionals to diagnose network issues and by malicious users to capture unencrypted data like passwords and usernames in network traffic. Once this information is captured, the user can then gain access to the system or network.
  • SNMP
    Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. SNMP is widely used in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
  • Social Engineering
    A method of manipulating people via phone, email, or in-person to gain confidential information or unauthorized access.
  • Social Networking
    Social networking websites allow you to communicate and share information. But they can also be used to spread malware and to steal personal information.
  • Socket
    A socket is an end point for communication between two systems. The socket tells a host’s IP stack where to plug in a data stream so that it connects to the right application.
  • Socket Pair
    A Socket Pair is a way to uniquely specify a connection, i.e., source IP address, source port, destination IP address, destination port.
  • SOCKS
    Socket Secure (SOCKS) is an Internet protocol that routes network or data packets between a client and server through a proxy server. SOCKS ensures proper authentication of users and allows only authorised users to access a server. SOCKS uses sockets to represent and keep track of individual connections. The client side of SOCKS is built into certain web browsers, and the server side can be added to a proxy server.
  • Soft Market
    A buyer's market characterized by abundant supply of insurance driving premiums down.
  • Software
    Software is any computer instructions, data, or programs that can be stored electronically and executed by computer hardware. While running any software, associated data that is stored in the hardware may be dynamically written or modified.
  • Source Port
    A source port is a port that a host uses to connect to a server. It is usually a number greater than or equal to 1024. It is randomly generated and is different each time a connection is established.
  • SRTM
    A Security Requirements Traceability Matrix (SRTM) is a matrix that captures all security requirements linked to potential risks and addresses all applicable C&A requirements. It is, therefore, a correlation statement of a system's security features and compliance methods for each security requirement.