Cyber Insurance & Security Glossary

A Symmetric key is a cryptographic key that is used in a symmetric cryptographic algorithm.

A SYN flood is a type of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.

Synchronization is the signal made up of a distinctive pattern of bits that network hardware looks for to signal that start of a frame. Synchronization refers to one of two distinct but related concepts: synchronization of processes, and synchronization of data.

A Syslog is a widely used standard for message logging facility in Unix systems. It permits separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them.

A system-specific policy is a policy written for a specific system or device and may change with changes in the system or device, its functionality, or its vulnerabilities.

Tamper is defined as deliberately trying to change or alter a system’s logic, data, or control information to cause the system to perform unauthorized functions or services

Transmission control protocol (TCP) is a network communication protocol designed to send data packets over the Internet.

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may be used to infer the remote machine’s operating system (OS), or incorporated into a device fingerprint

A TCP Full Open Scan checks each and every port after performing a full three-way handshake on each port to determine if it was open.

A TCP Half Open Scan determines if a port is open by performing the first half of a three-way handshake. It is also referred as the SYN scanning. In SYN scanning, the hostile client or attacker attempts to set up a TCP/IP connection with a server at every possible port. This is done by sending a SYN (synchronization) packet, as if to initiate a three-way handshake, to every port on the server

TCP/IP stands for Transmission Control Protocol/Internet Protocol. It is a basic communication language or protocol of the Internet and can be used as a communications protocol in a private network as well (either an intranet or an extranet).

A TCP Wrapper is a software package that is used to restrict access to certain network services based on the source of the connection. In other words, it is a host-based networking ACL system, used to filter network access to Internet Protocol servers on (Unix-like) operating systems such as GNU/Linux or BSD.

A TCPDump is a freeware protocol analyzer for Unix systems that can monitor network traffic on a wire. It allows the user to display TCP/IP and other packets being transmitted or received over a network. Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, OS X, HP-UX, Android and AIX among others. It was originally written in 1987 by Van Jacobson, Craig Leres and Steven McCanne who were working in the Lawrence Berkeley Laboratory Network Research Group

Telnet is a TCP-based, application-layer, Internet Standard protocol and an essential TCP/IP protocol for accessing remote computers. Through Telnet, an administrator or another user can access someone else’s computer remotely

A person(s) who occupies land or property rented from a landlord.

Period of time for which policy is in effect.

Life insurance payable only if death of insured occurs within a specified time, such as 5 or 10 years, or before a specified age.

Person other than the insured or insurer who has incurred losses or is entitled to receive payment due to acts or omissions of the insured.

A threat, in the context of cybersecurity, refers to anything that has the potential to cause harm to a computer system.

An individual, group, organization, or government that conducts or has the intent to conduct malicious activities.

Is a practice of determining the credibility and seriousness of a potential threat, as well as the probability that the threat will become a reality.

A Threat Model is a process that is used to optimize network security by identifying the key objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system or network

A Threat Vector is a methodology that a threat uses to get to the target.

Time to Live (TTL) or the hop limit is a mechanism that limits the lifespan of data in a computer or network. TTL is generally implemented as a counter or time stamp attached to or embedded in the data. TTL value in an IP data packet tells a network router whether or not the packet has been in the network too long and should be discarded

A Tiny Fragment attack is IP fragmentation that is the process of breaking up a single Internet Protocol (IP) datagram into multiple packets of smaller size. Every network link has a characteristic size of messages that may be transmitted, called the maximum transmission unit (MTU). If the data packet size is made small enough to force some of a TCP packet’s TCP header fields into the second data fragment, filter rules that specify patterns for those fields will not match. If the filtering implementation does not enforce a minimum fragment size, a disallowed packet might be passed because it didn’t hit a match in the filter. STD 5, RFC 791 states that, “Every Internet module must be able to forward a datagram of 68 octets without further fragmentation.” This is because an Internet header may be up to 60 octets, and the minimum fragment is 8 octets. IP fragmentation exploits (attacks) use the fragmentation protocol within IP as an attack vector.

Coverage that guarantees the validity of a title to real and personal property. Buyers of real and personal property and mortgage lenders rely upon the coverage to protect them against losses from undiscovered defects in existence when the policy is issued.

Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and the users on the Internet. When a server and client communicate, TLS ensures that no third party may overhear or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).

Token-based Access Control is an authentication method that offers additional security. Using this method, each user has a smart card or token that either displays a constantly changing password, passkey, or buttons that calculate a new password based on a challenge phrase. Without this card or token, it is impossible to authenticate yourself to the system. This two-factor authentication provides additional security by requiring an attacker to both guess the user’s password and steal the smart card or token that is used to access the system.

A Token-based device or a security token is known by several names such as, hardware token, authentication token, USB token, cryptographic token, software token, virtual token, or key fob. A security token may be a physical device that an authorized user is given to access a system or network. Security tokens are used to prove one’s identity electronically and is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something

A token ring network is a local area network in which all computers are connected in a ring or star topology and a binary digit or token-passing scheme is used in order to prevent the collision of data between two computers that want to send messages at the same time. It uses a special three-byte frame called a “token” that travels around a logical “ring” of workstations or servers.

Topology is the geometric arrangement of a computer system. Common topologies include a bus, star, and ring. Two networks have the same topology if the connection configuration is the same, although the networks may differ in physical interconnections, distances between nodes, transmission rates, and/or signal types.

Total money owed or expected to be owed by the insurance company.

Premiums, revenue, investment income, and income from other sources.

Traceroute is a tool the maps the route a packet takes from the local machine to a remote destination. The history of the route is recorded as the round-trip times of the packets received from each successive host (remote node) in the route (path). The sum of the mean times in each hop indicates the total time spent to establish the connection

Transmission control protocol (TCP) is a network communication protocol designed to send data packets over the Internet.

Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and the users on the Internet. When a server and client communicate, TLS ensures that no third party may overhear or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).

Covers financial loss due to trip cancellation/interruption; lost or damaged baggage; trip or baggage delays; missed connections and/or changes in itinerary; and casualty losses due to rental vehicle damage.

A reinsurance agreement between the ceding company and reinsurer.

Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. It transforms each 64-bit plaintext block by applying the DES three successive times, using either two or three different keys, for an effective key length of 112 or 168 bits.

Triple wrapped describes any data that has been signed with a digital signature, encrypted, and then signed again is called triple-wrapped

Trojan is a type of malware that is often disguised as legitimate software.

Trojans are malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions

Trunking is a method for a system to provide network access to many clients by sharing a set of lines or frequencies instead of providing them individually. This is analogous to the structure of a tree with one trunk and many branches

Trust determines which permissions and what actions other systems or users can perform on remote machines.

A Trusted Certificate is any digital certificate that a certificate user accepts as being valid without testing the certificate to validate it as the final certificate on a certification path; especially a certificate that is used as a trust anchor certificate.

Trusted ports are ports below number 1024 usually allowed to be opened by the root user.

A Tunnel is a communication channel that is created in a computer network by encapsulating a communication protocol’s data packets in a second protocol that normally would be carried above, or at the same layer as, the first one. Most often, a tunnel is a logical point-to-point link created by encapsulating the layer 2 protocol in a transport protocol (such as TCP), in a network or inter-network layer protocol (such as IP), or in another link layer protocol. Tunneling can move data between computers that use a protocol not supported by the network connecting them.

A UDP Scan performs scans to determine which UDP ports are open or vulnerable. UDP is a connectionless protocol so there is no equivalent to a TCP SYN packet. However, if a UDP packet is sent to a port that is not open, the system will respond with an ICMP port unreachable message.

Loss adjustment expenses that cannot be specifically tied to a claim.

Loss adjustment expenses that cannot be specifically tied to a claim.

Reinsurance placed with a company not authorized in the reporting company's state of domicile.

The asset(s), liability(ies) or other interest(s) underlying a derivative instrument, including, but not limited to, any one or more securities, currencies, rates indices, commodities, derivative instruments, or other financial market instruments.

Person who identifies, examines and classifies the degree of risk represented by a proposed insured in order to determine whether or not coverage should be provided and, if so, at what rate.