Cyber Insurance & Security Glossary

Anti-spyware is a type of software that is designed to detect and remove unwanted spyware programs.

Antivirus is software that is designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more.

An app attack occurs when a user unknowingly installs a harmful app on their tablet or smartphone and the app in turn steals their personal data.

Appliances are a combination of hardware and software security elements in one solution. This lets you plug appliances in rather than installing the software separately

Application control allows you to control the use of applications that may be inappropriate for use on business computers or networks

An Application Layer is one of the seven layers in the Open-System Interconnection (OSI) Model of the TCP/IP protocol Suite. Application Layer defines the way process-to-process communication happens in a network; it only offers a strong communication interface and end user services.

an estimate of value

a binding dispute resolution tactic whereby a conciliator with no interest in the outcome intercedes.

Architecture is a structure that defines or describes the very fundamentals of a system or an organization, its components, the relationship between each of these components, their relationship to the overall system, and finally, their effectiveness in guiding the system towards its goals.

estimated value for real or personal property established by a taxing entity

probable future economic benefits obtained or controlled by a particular entity as a result of past transactions or events. An asset has three essential characteristics: It embodies a probable future benefit that involves a capacity, singly or in combination with other assets, to contribute directly or indirectly to future net cash inflows; A particular entity can obtain the benefit and control others' access to it; and The transaction or other event-giving rise to the entity's right to or control of the benefit has already occurred.

in the risk-based capital formula, risk assigned to the company's assets.

A governmental pool established to write business declined by carriers in the standard insurance market.

a policy or rider that provides coverage only while a policyholder is confined to an assisted living facility and meets the policy requirements for coverage.

the assumption of risk from another insurance entity within a reinsurance agreement or treaty.

An Asymmetric Key (public key) is a security measure that uses two keys to ensure the confidentiality of a message. One key encrypts the message, while the other key decrypts it.

An attack is an action with malicious intention to interrupt the operations of a network or steal the data, etc

An Attack Mechanism is a system or strategy by which a target is hit; the attacker may use different attack mechanisms such as a container or payload to hit the intended target.

An Attack Vector is a means and ways by which attacker gains entry into the target system. Attackers mainly use the human element or the weak links to gain such access.

Attenuation is the weakening of signal strength, analog or digital, especially when transmitted over long distances.

An audit trail is a detailed history of transactions to help you trace a piece of information back to its origin. In the field of computers, Audit trail or paper log, helps maintain security, recover any lost data

Authentication is the process of identifying a piece of information, the veracity of information provided. In computers, it is the process of identifying a person or system with the username; password, etc. Authentication helps individuals; systems gain authorization based on their identity.

Authenticity is the proof or validity that a claimed identity (whether human or a resource) is real and legitimate.

an insurer licensed or admitted to do business in a particular state.

theoretical amount of capital plus surplus an insurance company should maintain.

reinsurance placed with a reinsurer who is licensed or otherwise allowed to conduct reinsurance within a state.

Autorun worms are malicious programs that take advantage of the Windows AutoRun feature. They execute automatically when the device on which they are stored is plugged into a computer.

Availability is the time duration a system or resource is ready for use.

A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system.

A backdoor Trojan allows someone to take control of a user’s computer without their permission.

A backup refers to the archiving data so it may be used to restore the original after a data loss event.

accounting statement showing the financial condition of a company at a particular date.

Bandwidth is the capacity of a communication channel to pass data through in a given amount of time.

A banner is a display on an information system that sets the parameters for system or data use.

Banner grabbing is the process of grabbing banner information such as the application type and version. This information is then transmitted by a remote port when a connection is initiated.

A security baseline defines a set of basic security objectives which must be met by any given service or system.

Baseline security is the minimum set of security controls required for safeguarding an IT system. Baseline security is based upon a system’s identified needs for confidentiality, integrity and availability protection

A Bastion is a system of high level of security protection; such a system offers very strong protection against attacks.

A bastion host is a special services computer on a network that is designed to withstand attacks.

A Behavioral outcome is what an individual who has completed a specific training module is expected to accomplish on regular IT security job performance.

an individual who may become eligible to receive payment due to will, life insurance policy, retirement plan, annuity, trust, or other contract.

Biometrics are a security system, which takes into account the unique physiological characteristics of a person such as fingerprints, DNA, hair, etc., for identification purposes.

A bit error rate is the ratio between the number of bits incorrectly received and the total number of bits transmitted in a telecommunications system

A black core is a communication network architecture in which user data traversing a global internet protocol (IP) is end-to-end encrypted at the IP layer.

A blacklist is a basic access control mechanism that allows through all elements except those explicitly mentioned.

coverage for property and liability that extends to more than one location, class of property or employee.

A blended attack is a hostile action with the intent of spreading malicious code.

A Block Cipher is a method used to cipher text, information by encrypting data in blocks, strings, or group at a time rather encrypting individual bits.

A Block cipher algorithm is a family of functions and their inverses parameterized by a cryptographic key in which the function map bit strings of a fixed length to bit strings of the same length.

a form of debt security whereby the debt holder has a creditor stake in the company. Obligations issued by business units, governmental units and certain nonprofit units having a fixed schedule for one or more future payments of money; includes commercial paper, negotiable certificates of deposit, repurchase agreements and equipment trust certificates