What is Business Impact Analysis? Business impact analysis (BIA) is a method to predict the consequences of disruptions to a business, its processes, and its systems, by collecting relevant data. This data can be used to develop strategies for the business to recover in the case of an emergency. The BIA framework is used to […]
Cipher Suites
What are Cipher Suites? Cipher suites are sets of instructions that enable secure network connections through Transport Layer Security (TLS), often still referred to as Secure Sockets Layer (SSL). These cipher suites provide a set of algorithms and protocols that are required to secure communications between clients and servers. To initiate an HTTPS connection, the […]
What are Cybersecurity Metrics and KPIs? Cybersecurity metrics and Key Performance Indicators (KPIs) are crucial indicators that help security teams analyze how their security controls function over time. Cybersecurity KPIs and cybersecurity metrics are terms often used interchangeably, but there is a slight difference between their meanings: while cybersecurity metrics are quantifiable measurements pertaining to […]
What is Pretty Good Privacy Encryption? Pretty Good Privacy (PGP) is a security program used to decrypt and encrypt email and authenticate email messages through digital signatures and file encryption. PGP was one of the first public-key cryptography software applications that was publicly available for free. Originally, it was used to enable individual users to […]
What is Platform Security Architecture? Platform Security Architecture (PSA) is a security certification scheme for Internet of Things (IoT) hardware, software, and devices. It was created by Arm Holdings, Brightsight, CAICT, Prove & Run, Riscure, TrustCB, and UL as part of a global partnership. Arm Holdings first brought forward the PSA specifications in 2017 to […]
What is Resource Pooling in Cloud Computing? Resource pooling in a private cloud enables the hypervisor (the software that creates and runs virtual machines) to reassign tenants (the customers who pay for cloud computing services from a cloud provider) to different locations in the cloud to optimize resource usage. In a typical private cloud, the […]
Root Cause Analysis
What is Root Cause Analysis? The National Institute of Standards and Technology (NIST) defines root cause analysis as, “A principle-based, systems approach for the identification of underlying causes associated with a particular set of risks.”1 In practice, root cause analysis (RCA) can be understood as a method of problem-solving that is used to investigate known […]
Types of Internet Proxies
What are Internet Proxy Types? Proxy servers receive requests intended for other servers and then act to fulfill, forward, redirect, or reject the requests. Exactly which service is carried out for a particular request is based on a number of factors which include: the proxy server’s capabilities, what is requested, information contained in the request, […]
Whitelisting
What is Whitelisting? Whitelisting is a cybersecurity strategy that approves lists of email addresses, IP addresses, applications, and/or domain names, while denying all others, by default. With whitelisting, a user can only take actions on their computer that an administrator has explicitly allowed in advance, because they have deemed those actions to be safe and […]
Wi-Fi Protected Access
What is Wi-Fi Protected Access? Wi-Fi Protected Access (WPA) is a security standard for computing devices with wireless internet connections. The Institute of Electrical and Electronics Engineers (IEEE) published standards for creating a network in which machines can connect wirelessly in 1997. WPA was developed by the Wi-Fi Alliance to provide better data encryption and […]