Cyber Insurance & Security Glossary

A complete glossary of essential Cyber Security & Insurance terms.

  • Encapsulation Security Payload
    An Encapsulation Security Payload is an IPSec protocol that offers mixed security in the areas of authentication, confidentiality, and integrity for IPv4 and IPv6 network packets. Encapsulation Security Payload offers data integrity and protection services by encrypting data, anti-replay, and preserving it in its assigned IP.
  • Encipher
    To encipher is to convert plain text to cipher text via a cryptographic system.
  • Encode
    To convert into a coded form.
  • Encryption
    A method where plaintext (or any other type of readable data) is converted into an encoded version which can only be decoded by another entity if they have the decryption key. Encryption is an excellent way to secure data that’s transmitted across networks.
  • Encryption Algorithm
    An encryption algorithm is a set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.
  • Encryption Certificate
    An encryption certificate is a certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same purposes.
  • Encryption Key
    An Encryption Key is a code of variable value developed with the help of an encryption algorithm to encrypt and decrypt information.
  • End Cryptographic Unit
    An end cryptographic unit is a device that (1) performs cryptographic functions, (2) typically is part of a larger system for which the device provides security services, and (3) from the viewpoint of a supporting security infrastructure (e.g., a key management system), is the lowest level of identifiable component with which a management transaction can be conducted.
  • End-to-End Encryption
    End-to-end encryption describes communications encryption in which data is encrypted when passing through a network with the routing information still visible.
  • Endorsement
    an amendment or rider to a policy adjusting the coverages and taking precedence over the general contract
  • Endpoint Security
    Endpoint security or Endpoint Protection is the process of securing the various endpoints on a network.
  • Enrollment
    The total number of plans, not the total number of covered lives, providing coverage to the enrollee and their dependents.
  • Enterprise
    An enterprise is an organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks and performance. An enterprise may consist of all or some of the following business aspects: acquisition, program management, financial management (e.g., budgets), human resources, security, and information systems, information and mission management.
  • Enterprise Architecture
    The enterprise architecture is the description of an enterprise’s entire set of information systems: configuration, integration and how they interface. Enterprise architecture also describes how they are operated to support the enterprise mission, and how they contribute to the enterprise’s overall security posture.
  • Entrapment
    Entrapment is the deliberate planting of apparent flaws in an information system with the intent to detect attempted penetrations.
  • Equity Indexed Annuity
    a fixed annuity that earns interest or provides benefits that are linked to an external reference or equity index, subject to a minimum guarantee.
  • Eradication
    Eradication is an important function of the incident management process that follows the containment of an incident. Upon identifying and controlling the incident in the containment stage, eradication helps identify and remove the root cause of the incident completely from the system and avoid any chances of recurrences of the incident.
  • Errors and Omissions Liability/ Professional Liability Other than Medical
    liability coverage of a professional or quasi professional insured to persons who have incurred bodily injury or property damage, or who have sustained any loss from omissions arising from the performance of services for others, errors in judgment, breaches of duty, or negligent or wrongful acts in business conduct.
  • Ethernet
    Ethernet is the most popular Local Area Network (LAN) technology that specifies the cabling and signalling system for home networks or for organizations. Ethernet uses bus topology to support data transfers and a carrier sense multiple access/collision detection (CSMA/CD) system to process requests at the same time.
  • Event
    An Event is an action or an occurrence that a program can detect. Examples of events are clicking a mouse button or pressing a key.
  • Evidence
    Evidence is documents, records or any such objects or information that help prove the facts in a case.
  • Excess and Umbrella Liability
    liability coverage of an insured above a specific amount set forth in a basic policy issued by the primary insurer; or a self insurer for losses over a stated amount; or an insured or self insurer for known or unknown gaps in basic coverages or self insured retentions
  • Excess of Reinsurance
    loss sharing mechanism where an insurer pays all claims up to a specified amount and a reinsurance company pays any claims in excess of stated amount.
  • Excess Workers’ Compensation
    either specific and/or aggregate excess workers' compensation insurance written above an attachment point or self-insured retention.
  • Exercise Key
    An exercise key is cryptographic key material used exclusively to safeguard communications transmitted over-the-air during military or organized civil training exercises.
  • Expense Ratio
    percentage of premium income used to attain and service policies. Derived by subtracting related expenses from incurred losses and dividing by written premiums
  • Experience Rating
    rating system where each group is rated entirely on the basis of its own expected claims in the coming period, with retrospective adjustments for prior periods. This method is prohibited under the conditions for federal qualification.
  • Exploit
    An exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Exploit Code
    Exploit code is a program that allows attackers to automatically break into a system.
  • Exploitable Channel
    An exploitable channel is a channel that allows the violation of the security policy governing an information system and is usable or detectable by subjects external to the trusted computing base.
  • Exploitable Network
    An external network is a network not controlled by the organization.
  • Exposure
    risk of possible loss
  • External Security Testing
    External security testing is security testing conducted from outside the organization’s security perimeter.
  • Extra Expense Insurance
    a type of property insurance for extraordinary expenses related to business interruption such as a back-up generator in case of power failure.
  • Face Amount
    the value of a policy to be provided upon maturity date or death.
  • Facultative Reinsurance
    reinsurance for a specific policy for which terms can be negotiated by the original insurer and reinsurer
  • Failover
    A failover is a process of switching to a redundant system in the event of a system-wide failure.
  • Fail Safe
    A Fail Safe is the automatic protection of programs and/or processing systems when hardware or software failure is detected.
  • Fail Soft
    Fail soft is the elective termination of affected nonessential processing when hardware or software failure is determined to be imminent.
  • Fair Value
    the amount at which an asset (or liability) could be bought (or incurred) or sold (or settled) in a current transaction between willing parties, that is, other than in a forced or liquidation sale. Quoted market prices in active markets are the best evidence of fair value and shall be used as the basis for the measurement, if available. If a quoted market price is available, the fair value is the product of the number of trading units times market price.
  • Fake Antivirus Malware
    Fake antivirus malware reports non-existent threats in order to scare the user into installing malicious software and/or paying for unnecessary product registration and cleanup.
  • False Positive
    A false positive is an alert that incorrectly indicates that malicious activity is occurring.
  • Farm Owners Insurance
    farmowners insurance sold for personal, family or household purposes. This package policy is similar to a homeowners policy, in that it has been developed for farms and ranches and includes both property and liability coverage for personal and business losses. Coverage includes farm dwellings and their contents, barns, stables, other farm structures and farm inland marine, such as mobile equipment and livestock.
  • Federal Information System
    The Federal Information System is an information system used or operated by an executive agency, a contractor of an executive agency, or by another organization on behalf of an executive agency.
  • Fees Payable
    fees incurred but not yet paid
  • Fidelity
    a bond or policy covering an employer's loss resulting from an employee's dishonest act (e.g., loss of cash, securities, valuables, etc.).
  • File Encryption
    File encryption is the process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided.
  • File Name Anomaly
    A file name anomaly is a mismatch between the internal file header and its external extension. A file name anomaly is also a file name inconsistent with the content of the file (e.g., renaming a graphics file with a non-graphical extension).
  • File Protection
    File protection is the aggregate of processes and procedures designed to inhibit unauthorized access, contamination, elimination, modification, or destruction of a file or any of its contents.
  • File Security
    File security is the method in which access to computer files is limited to authorized users only.