Cyber Insurance & Security Glossary

A complete glossary of essential Cyber Security & Insurance terms.

  • BCP
    A Disaster Recovery Plan (DRP) or a Business Continuity Plan (BCP) prescribes the steps required to carry on business as usual in the event of a disaster. A disaster recovery plan aims to bring business activities back to normalcy in the shortest possible time; such efforts require an in
  • Book Value
    original cost, including capitalized acquisition costs and accumulated depreciation, unamortized premium and discount, deferred origination and commitment fees, direct write-downs, and increase/decrease by adjustment.
  • Boot Sector Malware
    Boot sector malware spreads by modifying the program that enables your computer to start up.
  • Bot
    A bot is a type of software or a script that performs automated tasks on command.
  • Botnet
    A collection of bots that are remotely controlled.
  • Boundary
    A boundary is a fence or an imaginary line that indicates the limit of an organization and its relationship with its neighbors.
  • Bridge
    A bridge is an electronic device that connects two networks, such as LANs, that use the same protocol, such as Ethernet or Token Ring, and creates two distinct LANs or Wide Area Networks. Operating at the Data Link Layer of the Open Systems Interconnection model, bridges can filter information and either pass it to the right nodes or decide not to pass it. They also help streamline or reduce the volume of traffic on a LAN by dividing the data into two segments.
  • Bring Your Own Device
    A policy where employees are allowed to connect their own devices to corporate applications and networks.
  • Broadcast
    A Broadcast is a process of transmitting the same message to multiple users simultaneously.
  • Broker
    an individual who receives commissions from the sale and service of insurance policies. These individuals work on behalf of the customer and are not restricted to selling policies for a specific company but commissions are paid by the company with which the sale was made
  • Browser Hijacker
    Browser hijackers change the default homepage and search engine in your Internet browser without your permission.
  • Brute Force
    Brute Force is a computing method that relies on strong algorithms and computing techniques to find the ultimate solution to a given issue.
  • Brute Force Attack
    A Brute Force Attack is the process of finding the solution by constantly trying many probable variants of information such as passwords, deciphered keys, etc., in a random fashion.
  • Buffer Overflow
    A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory than the block can hold.
  • Burglary and Theft
    coverage for property taken or destroyed by breaking and entering the insured's premises, burglary or theft, forgery or counterfeiting, fraud, kidnap and ransom, and off-premises exposure.
  • Business Continuity Plan
    A Disaster Recovery Plan (DRP) or a Business Continuity Plan (BCP) prescribes the steps required to carry on business as usual in the event of a disaster. A disaster recovery plan aims to bring business activities back to normalcy in the shortest possible time; such efforts require an in
  • Business Impact Analysis/Assessment
    A Business Impact Analysis/Assessment is the process of evaluating and identifying risks and threats that a business might face in the event of an accident, disaster, or emergency. It evaluates the possible risk to tangible and intangible assets such as personnel, infrastructure, data and goodwill. In addition, it offers the steps needed to recover from any such disaster.
  • Business Interruption
    loss of income as a result of property damage to a business facility.
  • Business Owners Policy
    business insurance typically for property, liability and business interruption coverage.
  • BYOD
    A policy where employees are allowed to connect their own devices to corporate applications and networks.
  • Cache
    A place to temporarily store something in a computing environment. Active data is often cached to shorten data access times, reduce latency, and improve input/output (improve application performance).
  • Calendar Year Deductible
    in health insurance, the amount that must be paid by the insured during a calendar year before the insurer becomes responsible for further loss costs.
  • Capital and Surplus
    a company's assets minus its liabilities.
  • Capital and Surplus Retirement
    statutory requirement ordering companies to maintain their capital and surplus at an amount equal to or in excess of a specified amount to help assure the solvency of the company by providing a financial cushion against expected loss or misjudgments and generally measured as a company's admitted assets minus its liabilities, determined on a statutory accounting basis.
  • Capital Gains (Loss)
    excess (deficiency) of the sales price of an asset over its book value. Calculated on the basis of original cost adjusted, as appropriate, for accrual of discount or amortization of premium and for depreciation.
  • Capitation Arrangement
    a compensation plan used in connection with some managed care contracts where a physician or other medical provider is paid a flat amount, usually on a monthly basis, for each subscriber who has elected to use that physician or medical provider. Capitated payments are sometimes expressed in terms of a "per member/per month" payment. The capitated provider is generally responsible, under the conditions of the contract, for delivering or arranging for the delivery of all contracted health services required by the covered person.
  • Captive Agent
    an individual who sells or services insurance contracts for a specific insurer or fleet of insurers
  • Captive Insurer
    an insurance company established by a parent firm for the purpose of insuring the parent's exposures
  • Carrying Value (Amount)
    the SAP book value plus accrued interest and reduced by any valuation allowance and any non-admitted adjustment applied to the individual investment.
  • Cash
    a medium of exchange
  • Cash Equivalent
    short-term, highly liquid investments that are both (a) readily convertible to known amounts of cash, and (b) so near their maturity that they present insignificant risk of changes in value because of changes in interest rates. Investments with original maturities of three months or less qualify under this definition.
  • Casualty Insurance
    a form of liability insurance providing coverage for negligent acts and omissions such as workers compensation, errors and omissions, fidelity, crime, glass, boiler, and various malpractice coverages
  • Catastrophe Bonds
    Bonds issued by an insurance company with funding tied to the company's losses from disasters, or acts of God. A loss exceeding a certain size triggers a reduction in the bond value or a change in the bond structure as loss payments are paid out of bond funds.
  • Catastrophe Loss
    a large magnitude loss with little ability to forecast.
  • Category
    A category is a restrictive label applied to classified or unclassified information to limit access.
  • Ceded Premium
    amount of premium (fees) used to purchase reinsurance
  • Ceding Company
    an insurance company that transfers risk by purchasing reinsurance.
  • Central Service Node
    A Central Services Node is the Key Management Infrastructure core node that provides central security management and data management services.
  • Certificate Authority
    A Certificate Authority (CA) is an independent third party that verifies the online identity of an entity. It issues digital certificates that contain information about the owner of the certificate and details of the certificate, thus verifying the identity of the owner.
  • Certificate Management
    Certificate Management is the process in which certificates are generated, used, transmitted, loaded and destroyed
  • Certification Revocation List
    A Certificate Revocation List is an independent third party that verifies the online identity of an entity. They issue digital certificates that contain information about the owner of the certificate and details of the certificates, thus verifying the identity of the owner.
  • Chain of Custody
    A Chain of Custody is a process that defines rules for evidence to be legally accepted. A neutral third party, who has no interest in the case, collects the evidence after properly identifying it, and the evidence remains accountable until it is presented in a court of law. The collector makes the evidence tamper-proof and seals it tightly. It contains the complete information about the evidence as to who had collected it and who had access to it.
  • Chain of Evidence
    The chain of evidence shows who obtained the evidence, where the evidence came from, and who secured, controlled and possessed the evidence. The chain of evidence goes in the following order: collection and identification; analysis; storage; preservation; presentation in court; return to owner.
  • Challenge Response Protocol
    A numerical value that helps to check whether the data transmitted is the same as the data stored and that the recipient has error-free data. It is often the sum of the numerical values of the bits of digital data stored. This value should match the value at the recipient's end; a mismatch indicates an error.
  • Change in Valuation Basis
    a change in the interest rate, mortality assumption or reserving method or other factors affecting the reserve computation of policies in force.
  • Chartered Life Underwriter (CLU)
    a professional designation awarded by the American College to persons in the life insurance field who pass a series of exams in insurance, investment, taxation, employee benefit plans, estate planning, accounting, management, and economics.
  • Checksum
    A checksum is a simple type of redundancy check that is used to detect errors in data.
  • Chief Information Security Officer
    A Chief Information Security Officer is a senior-level executive of an organization entrusted with the responsibility of protecting the information assets of the business and making sure that the information policies of the organization align with the objectives of the organization.
  • Chief Security Officer
    A Chief Security Officer is an executive of the company with assigned responsibility to protect assets such as the infrastructure and personnel, including information in digital and physical form.
  • Cipher
    A Cipher is a process to convert data into code, or encrypt it, with the help of an algorithm; a key is required to decipher the code.
  • Cipher Text
    Cipher Text is data converted from plain text into code using an algorithm, making it unreadable without the key.
  • Ciphony
    Ciphony is the process of enciphering audio information with the result of encrypted speech.