Cyber Insurance & Security Glossary
A complete glossary of essential Cyber Security & Insurance terms.
- DDoS: Distributed Denial of Service (DDoS) is a type of denial of service (DoS) attack where multiple compromised systems are used to attack a single system, causing an outage.
- Device Control: Device control helps you control the use of removable storage, optical media drives and wireless networking protocols.
- Digital Certificate: A Digital Certificate is an electronic "password" that allows a person or organization to exchange data securely over the Internet using the public key infrastructure (PKI).
- Digital Evidence: Digital evidence is electronic information stored or transferred in digital form.
- Digital Forensics: Digital Forensics is the process of procuring, analyzing, and interpreting electronic data for the purpose of presenting it as acceptable evidence in legal proceedings in a court of law.
- Direct Incurred Loss: Loss whereby the proximate cause is equivalent to the insured peril.
- Direct Loss: Damage to covered real or personal property caused by a covered peril.
- Direct Writer: An insurance company that sells policies to the insured through salaried representatives or exclusive agents only; reinsurance companies that deal directly with ceding companies instead of using brokers.
- Direct Written Premium: Total premiums received by an insurance company without any adjustments for the ceding of any portion of these premiums to the Reinsurer.
- Directors and Officers Liability: Liability coverage protecting directors or officers of a corporation from liability arising out of the performance of their professional duties on behalf of the corporation.
- Disaster: A sudden event or catastrophe, caused by the forces of nature or by human error, that results in serious damage to nature, society, human life, and property. A disaster in the business or commercial sense disables an enterprise from delivering its essential tasks for a specified period; for organizations, disasters may result in loss of resources and assets, including data.
- Disaster Recovery Plan: A Disaster Recovery Plan (DRP) or a Business Continuity Plan (BCP) prescribes the steps required to carry on business as usual in the event of a disaster. A disaster recovery plan aims to bring business activities back to normalcy in the shortest possible time; such efforts require an in
- Discretionary Access Control: Discretionary Access Control is a security measure by which the owner can restrict access to resources such as files, devices, and directories to specific subjects, users, or user groups based on their identity. It is at the owner's discretion to permit or restrict users from accessing the resources completely or partially.
- Disk Imaging: Disk imaging is the process of generating a bit-for-bit copy of the original media, including free space and slack space.
- Disruption: A disruption is an unplanned event that causes the general system or major application to be inoperable for an unacceptable length of time (e.g., minor or extended power outage, extended unavailable network, or equipment or facility damage or destruction).
- Dividend: A refund of a portion of the premium paid by the insured from insurer surplus.
- DNS: The Domain Name System (DNS) is the phone book of the Internet. It allows computers to translate website names into IP address numbers so that they can communicate with each other.
- DNS Exfiltration: Domain Name System (DNS) Exfiltration is a difficult-to-detect, lower-level attack on DNS servers to gain unauthorized access. Such attacks lead to loss of data that ranges from simple to complex in nature and importance.
- DNS Hijacking: DNS hijacking is a type of malicious attack in which an individual redirects queries to a domain name server (DNS).
- Document Malware: Document malware takes advantage of vulnerabilities in applications that let you read or edit documents.
- Domain Name Service: The Domain Name System (DNS) is the phone book of the Internet. It allows computers to translate website names into IP address numbers so that they can communicate with each other.
- Domain Name System: A domain name system is a distributed system that internet servers follow to convert alphabetical domain names into numerical IP addresses. Internet servers follow a numerical IP address system, and because remembering the numerical values of many domains is a difficult task, domains use alphabetical addresses. Every time a user types in an alphabetical domain name, the DNS converts it into a numerical IP address.
- Domain Name System Exfiltration: Domain Name System (DNS) Exfiltration is a difficult-to-detect, lower-level attack on DNS servers to gain unauthorized access. Such attacks lead to loss of data that ranges from simple to complex in nature and importance.
- Domestic Insurer: An insurance company that is domiciled and licensed in the state in which it sells insurance.
- DRP: A Disaster Recovery Plan (DRP) or a Business Continuity Plan (BCP) prescribes the steps required to carry on business as usual in the event of a disaster. A disaster recovery plan aims to bring business activities back to normalcy in the shortest possible time; such efforts require an in
- Dual Interest: Insurance that protects the creditor's and the debtor's interest in the collateral securing the debtor's credit transaction. "Dual Interest" includes insurance commonly referred to as "Limited Dual Interest."
- Dual Use Certificate: A dual-use certificate is a certificate that is intended for use with both digital signature and data encryption services.
- Due Care: Due Care is the degree of care a rational person would exercise in similar situations as the one at hand. Alternatively known as ordinary care or reasonable care, it is a test of a person’s preparedness to act, be responsible or neglectful of responsibility.
- Due Diligence: Due Diligence is the process of conducting a thorough and detailed investigation to verify the truthfulness of the information provided in the statements for analysis and review before committing to a transaction. It is a measure of prudence that a rational person would undertake before taking a final decision.
- Duplicate Digital Evidence: Duplicate digital evidence is a duplicate that is an accurate digital reproduction of all data objects contained on the original physical item and associated media.
- Dwelling Property/Personal Liability: A special form of package policy composed of dwelling fire and/or allied lines, and personal liability insurance.
- Dynamic Ports: Dynamic ports, otherwise known as private ports, range from port number 49,152 to 65,535 and do not need any registration; these ports help any computer application communicate with any other application or program that uses the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP).
- E-Commerce: The process of conducting any kind of business or commercial transaction electronically with the help of the internet is termed e-commerce. The internet enables sellers to accept orders and payments online.
- E-Government: E-Government is the U.S. government's use of Web-based Internet applications and other information technology.
- e-signature: An electronic signature, or e-signature, refers to data in electronic form, which is logically associated with other data in electronic form and which is used by the signatory to sign.
- Early Warning System: A system designed by insurance industry regulators for identifying practices and risk-related trends that contribute to systemic risk by measuring insurers' financial stability.
- Earned but Not Reported (EBNR): Premium amount the insurer reasonably expects to receive for which contracts are not yet final and exact amounts are not definite.
- Earned Premium: Portion of the insured's prepaid premium allocated to the insurance company's loss experience, expenses, and profit year-to-date.
- Easter Egg: An Easter Egg is hidden functionality within an application program, which becomes activated when an undocumented set of commands and keystrokes is entered. Easter eggs are typically used to display the credits for the development team and are intended to be nonthreatening.
- Eavesdropping: Eavesdropping is the practice of listening to, intercepting, or monitoring private communication between users or user groups without their knowledge or permission.
- EDP Policies: Coverage to protect against losses arising out of damage to or destruction of electronic data processing equipment and its software.
- Effective Date: Date at which an insurance policy goes into force.
- Egress: Egress in general means to go out; in information technology, it is defined as the network traffic moving out of the network to the final destination with the help of devices such as routers.
- Egress Filtering: Egress filtering is the filtering of outgoing network traffic.
- Electronic Key Entry: Electronic Key Entry is the entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device.
- Electronic Key Management System: An electronic key management system is an interoperable collection of systems being developed by services and agencies of the U.S. government to automate the planning, ordering, generating, distributing, storing, filling, using, and destroying of electronic key and management of other types of COMSEC material.
- Electronic Signature: An electronic signature, or e-signature, refers to data in electronic form, which is logically associated with other data in electronic form and which is used by the signatory to sign.
- Electronically Generated Key: An electronically generated key is a key generated in a COMSEC device by mechanically or electronically introducing a seed key into the device and then using the seed in conjunction with a software algorithm stored in the device to produce the desired key.
- Elliptical Curve Cryptography: Elliptical Curve Cryptography is a technique that uses an elliptical curve equation to create cryptography keys; keys generated by this technique are much smaller, faster, and more efficient. This modern technique keeps the decryption key private, while the encryption key is public. Unlike traditional methods of generating cryptography keys such as RSA, the elliptical curve technique uses discrete algorithms, making it difficult to decipher or challenge the keys.
- Email Malware Distribution: Email malware refers to malware that is distributed via email.
- Embedded Cryptography: Embedded cryptography is cryptography engineered into equipment or a system whose basic function is not cryptographic.
- Employee Benefit Liability: Liability protection for an employer for claims arising from provisions in an employee benefit insurance plan provided for the economic and social welfare of employees. Examples of items covered are pension plans, group life insurance, group health insurance, group disability income insurance, and accidental death and dismemberment.
- Employers Liability: Employers' liability coverage for the legal liability of employers arising out of injuries to employees. This code should be used when coverage is issued as an endorsement, or as part of a statutory workers' compensation policy.
- Employment Practices Liability Coverage: Liability insurance for employers providing coverage for wrongful termination, discrimination, or sexual harassment of the insured's current or former employees.