{tableName=glossary, name=Cybersecurity Credentials, description=
Cybersecurity credentials are a set of qualifications and certifications that a person or organization holds to demonstrate their knowledge and proficiency in the field of cybersecurity. These credentials may include certifications from industry-recognized organizations such as the International Information Systems Security Certification Consortium (ISC2), the Computing Technology Industry Association (CompTIA), the Certified Information Systems Security Professional (CISSP), and the Information Systems Audit and Control Association (ISACA). Cybersecurity credentials also may include certifications from universities and other educational institutions, as well as certifications from government agencies like the National Security Agency (NSA). Cybersecurity credentials are important for both individuals and organizations, as they demonstrate the expertise and knowledge of the holder in the field of cybersecurity and provide assurance that the holder is up-to-date on the latest security practices and technologies., topic=null, hs_path=cybersecurity-credentials}--
{tableName=glossary, name=Cloud Infrastructure, description=
Cloud Infrastructure is a type of computing infrastructure that provides shared computer processing resources and data to computers and other devices on demand over the internet. It is typically composed of a combination of hardware and software components, such as servers, storage, networks, and applications. Cloud Infrastructure allows users to access their data and applications from any device, anywhere in the world, with minimal setup and maintenance. It is designed to be highly scalable and cost-effective, allowing businesses to quickly and easily expand their computing resources as needed. Cloud Infrastructure also provides enhanced security, reliability, and performance, making it a popular choice for businesses of all sizes., topic=null, hs_path=cloud-infrastructure}--
{tableName=glossary, name=Ciphertext, description=
Ciphertext is the scrambled form of plaintext, or readable text, after it has been encrypted using a cipher, or an algorithm for encryption and decryption. It is the output of an encryption algorithm and is typically a string of seemingly random characters. Ciphertext is not readable or understandable until it has been decrypted, or converted back into its original plaintext form. Ciphertext is usually transmitted over a secure channel, such as the internet, to ensure that the data remains confidential and secure., topic=null, hs_path=ciphertext}--
{tableName=glossary, name=Incident Management Framework, description=
Incident Management Framework is a set of processes, procedures, and systems that organizations use to manage and respond to incidents. It is an organized approach to addressing and resolving incidents quickly and efficiently. The framework typically includes the following components: incident identification, incident classification, incident response, incident resolution, and incident reporting. The goal of an incident management framework is to ensure that incidents are handled in a timely, consistent, and effective manner. It also helps to ensure that the organization is prepared to handle any potential incidents that may arise. This framework can help organizations to reduce the amount of time and resources required to respond to incidents, as well as to improve the organization's overall security posture., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name='
Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value=
This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=incident-management-framework}--
{tableName=glossary, name=ISO/IEC 27002:2022, description=
ISO/IEC 27002:2022 is an international standard for information security management systems (ISMS) developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides best practice recommendations for organizations on how to manage their information security in order to protect their information assets. The standard provides a comprehensive set of control objectives and controls to help organizations protect their information assets, including those related to information security management, risk assessment and management, asset management, access control, cryptography, physical and environmental security, operations security, communications security, system acquisition, development, and maintenance, and supplier relationships. The standard also provides guidance on the implementation of an ISMS, including the roles and responsibilities of personnel, the selection and implementation of security controls, and the monitoring and review of the ISMS., topic=null, hs_path=iso-iec-270022022}--
{tableName=glossary, name=ISO/IEC 27001 Penetration Testing, description=
ISO/IEC 27001 Penetration Testing is a type of security testing that is used to evaluate the security of an organization’s information systems and networks. It is designed to identify, analyze, and report on any vulnerabilities that may exist in an organization’s security infrastructure. The goal of penetration testing is to find, exploit, and help correct any weaknesses in the system before they can be exploited by malicious actors. During a penetration test, an ethical hacker attempts to gain access to an organization’s systems and networks, either by exploiting known vulnerabilities or by using social engineering tactics. The tester then documents and reports on the findings, including any potential risks and recommended countermeasures. The results of the penetration test are then used to develop a comprehensive security plan that can help protect the organization’s systems and data., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-penetration-testing}--
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75