Information security (infosec) is the practice of protecting information by mitigating information risks. It typically involves preventing or reducing the probability of unauthorized access, use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. Infosec aims to ensure the confidentiality, integrity, and availability of information.
Confidentiality refers to ensuring that information is only accessible to those authorized to access it. Integrity means that information is accurate and has not been altered by unauthorized means. Availability ensures that information is accessible when needed by authorized users.
Infosec involves implementing various measures, such as access controls, encryption, authentication, and security policies, to protect information from threats such as cyber attacks, data breaches, and other forms of unauthorized access or disclosure. It is a critical aspect of cybersecurity and is essential for maintaining trust in digital systems and services.
What is InfoSec?
Information security, often referred to as infosec, is a critical practice in today’s digital age. It involves protecting information from various risks to ensure its confidentiality, integrity, and availability. This protection is vital as information can exist in various forms, including electronic or physical, and can be tangible (such as paperwork) or intangible (like knowledge).
- Confidentiality: Ensuring that information is only accessible to those who are authorized to view it.
- Integrity: Guaranteeing that information is accurate, complete, and has not been altered in an unauthorized manner.
- Availability: Ensuring that information is accessible and usable when needed by authorized users.
These three key factors shape the information security measures, tooling, systems and procedures defined further down the line, and they help the business owner and relevant stakeholders, such as the security architect, the security manager and other cyber security roles, make sure the organization is as safe and well protected as possible.
Info Sec Abbreviation
It is easy to encounter abbreviations in the information security world; without them, some meanings and their descriptions would take a long time to explain or write. On our site about information security you will find these abbreviations all over the place, so I made this list to ease your reading experience:
Abbreviation | Meaning | About |
---|---|---|
GDPR | General Data Protection Regulation | A regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. |
CCPA | California Consumer Privacy Act | A state statute intended to enhance privacy rights and consumer protection for residents of California, United States. |
SCA | Supply Chain Attack | SCA is a process in which a security vulnerability is introduced into a system through one weak link of an entire supply chain. |
CDR | Cloud Detection and Response | CDR refers to a set of cybersecurity practices and tools designed to detect and respond to security threats within cloud environments (notable companies: Gem Security) |
CWPP | Cloud Workload Protection Platform | CWPPs are security tools or platforms designed to protect cloud-based workloads, such as virtual machines, containers, and serverless applications, from cyber threats. |
RBAC | Role-Based Access Control | A security posture that helps an organization manage risk and control access to assets within the organization, such as data. |
HIPAA | Health Insurance Portability and Accountability Act | The way healthcare providers, insurance companies, and their business associates handle patient information |
TOTP | Time-Based One-Time Password | A method used in two-factor authentication (2FA) to generate a temporary, time-dependent password. |
GLBA | Gramm-Leach-Bliley | U.S. law enacted to ensure the protection and confidentiality of consumers’ non-public personal information held by financial institutions. |
Duo Mobile | Duo Mobile | A mobile application providing two-factor authentication (2FA) to enhance security. |
CPRA | California Privacy Rights Act | An extension of CCPA, aimed at further strengthening consumer privacy rights in California, including provisions related to sensitive personal information and data retention. |
COPPA | Children’s Online Privacy Protection | U.S. law that imposes certain requirements on operators of websites or online services that collect personal information from children under the age of 13. |
Data Fabric | Data Fabric | Data fabric is an architecture that facilitates the end-to-end integration of various data pipelines and cloud environments through the use of intelligent and automated systems. It gives the ability to observe and manage different sources of data in a single dashboard, for high observability of a company's database assets. (notable companies: avalor.io) |
CASB | Cloud Access Security Broker | It is a security software tool or service that sits between cloud service users and cloud applications to monitor all activity and enforce security policies. |
ASM | Attack Surface Management | Cybersecurity approach that focuses on identifying and managing the various points where an organization’s digital assets are exposed to potential threats. |
LGPD | Lei Geral de Proteção de Dados (Brazilian General Data Protection Law) | A law that governs the use of personal data in Brazil and aims to protect the privacy and fundamental freedoms of individuals. |
PECR | Privacy and Electronic Communications Regulations | A set of regulations in the UK that govern the use of electronic communications, including marketing emails, cookies, and electronic direct marketing. |
AAP | Accredited ACH Professional | A designation awarded by NACHA to individuals who are experts in the field of ACH payments and electronic transactions. |
FCRA | Fair Credit Reporting | Federal law in the United States that regulates the collection, dissemination, and use of consumer credit information. |
PIPEDA | Personal Information Protection and Electronic Documents Act | A Canadian law that governs the collection, use, and disclosure of personal information in the private sector. |
VCDPA | Virginia Consumer Data Protection Act | A state privacy law in Virginia, United States, aimed at protecting the privacy of Virginia residents and regulating the use of personal data by businesses. |
ICO | Information Commissioner’s Office | A UK regulatory body responsible for upholding information rights in the public interest, promoting openness by public bodies, and data privacy for individuals. |
GPDP | General Personal Data Protection Law (China) | A comprehensive law in China that regulates the processing of personal data and promotes the protection of individuals’ privacy rights. |
DSGVO | Datenschutz-Grundverordnung (General Data Protection Regulation – German) | The German translation of GDPR, which is the European Union’s data privacy and security law. |
BfDl | Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (Federal Commissioner for Data Protection and Freedom of Information) | An independent federal authority in Germany responsible for overseeing data protection and freedom of information laws. |
CNIL | Commission Nationale de l’Informatique et des Libertés (National Commission for Information Technology and Civil Liberties) | An independent French administrative regulatory body whose mission is to ensure that data privacy law is applied to the collection, storage, and use of personal data. |
AEPD | Agencia Española de Protección de Datos (Spanish Data Protection Agency) | The Spanish supervisory authority responsible for ensuring compliance with data protection regulations and protecting the rights and freedoms of individuals regarding the processing of their personal data. |
Data Spill | Data Spill | A data spill, often referred to as a data breach, is an incident where confidential information is exposed, transmitted, accessed, or visually disclosed in an unauthorized or unintentional manner. |
CCNP | Cisco Certified Network Professional | Cisco Certified Network Professional (CCNP) is a beacon of proficiency in the vast sea of networking. Beyond the foundational networking knowledge embodied by its precursor, CCNA, the CCNP certification encapsulates a deeper and more nuanced understanding of security, IT and cyber. |
PDPB | Personal Data Protection Bill (India) | A bill that aims to provide for the protection of personal data of individuals and establishes a Data Protection Authority for the regulation and protection of personal data in India. |
DIA | Data Integrity Assurance | Data Integrity Assurance, as the name suggests, revolves around the idea that data needs to be valid, real, authentic, reliable and true, and around everything done to achieve those goals. |
DPA | Data Protection Authority | A regulatory body or agency responsible for overseeing data protection laws and regulations within a specific jurisdiction. |
PDPA | Personal Data Protection Act (Singapore) | A Singaporean law that governs the collection, use, and disclosure of personal data by organizations in Singapore. |
TTDSG | Telecommunications-Telemedia Data Protection Act (Germany) | A German law that regulates data protection for telecommunication and telemedia services, including internet service providers and telecommunications companies. |
POPIA | Protection of Personal Information Act (South Africa) | A South African law that regulates the processing of personal information and aims to protect individuals’ privacy rights. |
IR Incident Commander | IR Incident Commander | The primary responsibility of an IR Incident Commander is to lead security and relevant stakeholders within the company during an incident. |
AP | Access Point | In the context of networking, an access point is a device that allows wireless devices to connect to a wired network using Wi-Fi or other wireless protocols. |
VPN | Virtual Private Network | VPN provides secure, encrypted connections over public networks |
PII | Personally Identifiable Information | PII, the lifeblood of many organizational processes, is concurrently a tempting treasure trove for malicious actors seeking to exploit these sensitive details for illicit gains. |
MGT512 | Security Leadership Essentials for Managers | MGT512 is a course offered by the SANS Institute, aimed at managers and leaders in information security. It focuses on developing leadership and management skills specific to cybersecurity. |
GIAC | Global Information Assurance Certification | GIAC is a prestigious certification body known for its specialized and technical certifications in the field of information security |
SIEM | Security Information and Event Management | SIEM collects and analyzes security event data |
SOC | Security Operations Center | SOC is a centralized unit for monitoring and responding to security incidents |
DDoS | Distributed Denial of Service | DDoS attacks overwhelm a target with a flood of traffic |
WAF | Web Application Firewall | WAF protects web applications from common security threats |
SSO | Single Sign-On | SSO allows users to authenticate once for multiple applications |
IDP | Identity (Service) Provider | An IDP is a service that authenticates users on behalf of companies; it is an external security "expert" that verifies the identity of the customer for our organization. |
CSRF | Cross-Site Request Forgery | CSRF is an attack that tricks a user into executing unwanted actions |
PKI | Public Key Infrastructure | PKI manages digital certificates and public-private key pairs |
SOCaaS | Security Operations Center as a Service | SOCaaS provides outsourced security monitoring and management |
DLP | Data Loss Prevention | DLP helps prevent unauthorized access, use, or transmission of data |
EDR | Endpoint Detection and Response | EDR tools monitor and respond to suspicious activity on endpoints |
UTM | Unified Threat Management | UTM combines multiple security functions into a single solution |
BYOD | Bring Your Own Device | BYOD policies allow employees to use personal devices for work |
DRM | Digital Rights Management | DRM controls access to digital content and protects intellectual property |
RASP | Runtime Application Self-Protection | RASP embeds security controls into applications to protect against attacks |
DNSSEC | Domain Name System Security Extensions | DNSSEC adds cryptographic security to the Domain Name System (DNS) |
PKI | Public Key Infrastructure | PKI manages digital certificates and keys to secure communication over a network |
NIST | National Institute of Standards and Technology | NIST provides cybersecurity frameworks and guidelines for organizations |
ISO | International Organization for Standardization | ISO develops standards for various industries, including information security |
COBIT | Control Objectives for Information and Related Technologies | COBIT is a framework for governance and management of enterprise IT |
OWASP | Open Web Application Security Project | OWASP provides resources and best practices to improve web application security |
STIG | Security Technical Implementation Guide | STIG provides guidance for securing computer systems and software |
IDS | Intrusion Detection System | IDS monitors network or system activities for malicious activities or policy violations |
MFA | Multi-Factor Authentication | MFA adds an extra layer of security by requiring multiple forms of verification |
CSP | Cloud Security Provider | CSP offers security services and solutions for cloud computing environments |
ACL | Access Control List | ACL specifies which users or systems are granted access to resources |
RNG | Random Number Generator | RNG generates unpredictable numbers for cryptographic purposes |
API | Application Programming Interface | API allows different software applications to communicate and interact |
SSL/TLS | Secure Sockets Layer/Transport Layer Security | SSL/TLS encrypts data transmitted between a client and a server |
UEBA | User and Entity Behavior Analytics | UEBA analyzes patterns of user behavior to detect abnormal activities |
IPS | Intrusion Prevention System | IPS identifies and blocks potential threats before they reach a network |
EPP | Endpoint Protection Platform | EPP protects endpoint devices from cybersecurity threats |
XSS | Cross-Site Scripting | XSS is a type of security vulnerability found in web applications |
RDP | Remote Desktop Protocol | RDP allows users to remotely access and control a computer over a network |
SAML | Security Assertion Markup Language | SAML is an XML-based framework for exchanging authentication and authorization data |
OAuth | Open Authorization | OAuth is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites without giving them the passwords. |
Common InfoSec Questions
What are the 5 components of information security strategic plan?
Governance, Risk management, Compliance, Security architecture, Incident response.
What are the 7 security domains of information security?
Access control, Telecommunications and network security, Information security governance and risk management, Software development security, Cryptography, Security architecture and design, Operations security.
What are the 8 components of information security?
Risk management, Security policy, Access control, Physical security, Compliance, Disaster recovery, Network security, Application security.
What are top 5 key elements of an information security?
Risk management: identifying, assessing, and mitigating risks to information security. Access control: restricting access to information to authorized individuals. Security awareness: educating users about security best practices. Incident response: responding to security incidents to minimize damage. Business continuity: ensuring that essential functions continue during and after a disaster or security breach.
What are the five 5 basic principles of cyber security?
Least privilege: granting users the minimum access necessary to perform their tasks. Defense in depth: implementing multiple layers of security to protect against various threats. Fail-safe defaults: configuring systems to be secure by default. Separation of duties: dividing responsibilities among multiple individuals to prevent misuse. Awareness: educating users about potential threats and best practices.
What are the 3 principles of information security?
Least privilege: granting users the minimum access necessary to perform their tasks. Separation of duties: dividing responsibilities among multiple individuals to prevent misuse. Defense in depth: implementing multiple layers of security to protect against various threats.
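The five principles listed above (least privilege, fail-safe defaults and separation of duties in particular) and the three repeated here are easier to recognise in code than in prose. The following is an added example, not code from the original page: a small deny-by-default authorizer for a constructed ticket workflow. The roles, permission names and the "creator may not approve" rule are assumptions made for this example.

```python
from dataclasses import dataclass

# Added example (not from the page). Roles and permissions are constructed;
# each role holds only what its job needs (least privilege), and nothing is
# granted unless it appears here (fail-safe default).
ROLE_PERMISSIONS = {
    "analyst":  {"ticket:read", "ticket:create"},
    "approver": {"ticket:read", "ticket:approve"},
    "auditor":  {"ticket:read"},
}


@dataclass(frozen=True)
class Ticket:
    ticket_id: str
    created_by: str


def permissions_for(roles) -> set:
    """Union of the permissions of the given roles. An unknown role
    contributes nothing rather than raising or defaulting to 'allow'."""
    perms = set()
    for role in roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def authorize(user: str, roles, action: str, ticket: Ticket):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    if action not in permissions_for(roles):
        return False, f"{user} lacks permission {action}"
    # Separation of duties: the person who created a ticket may not approve
    # it, even when their combined roles would otherwise permit the action.
    if action == "ticket:approve" and ticket.created_by == user:
        return False, f"{user} cannot approve a ticket they created"
    return True, "granted"


if __name__ == "__main__":
    t = Ticket("T-1", created_by="alice")
    for user, roles, action in [
        ("alice", ["analyst"], "ticket:create"),
        ("alice", ["analyst", "approver"], "ticket:approve"),
        ("bob", ["approver"], "ticket:approve"),
        ("mallory", ["superuser"], "ticket:read"),
    ]:
        print(user, action, authorize(user, roles, action, t))
```

The last case matters most in practice: a role name that is not in the policy (a typo, or a role removed from the table but still present on an old account) yields no permissions at all instead of quietly granting access.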
What are the 3 key concepts of information security?
Confidentiality: ensuring that data is only accessible to authorized individuals. Integrity: maintaining the accuracy and consistency of data. Availability: ensuring that data and services are accessible when needed.
What is an example of information security?
Encrypting sensitive data before transmitting it over the internet.
What are the 4 types of information security?
Network security, Application security, Endpoint security, Data security.
How to start with information security in my organization?
Start by reading online resources, subscribing to mailing lists, consulting professional experts, assigning security tasks to employees, raising awareness with presentations, talks and guidelines, and being transparent about security issues and goals.
What is the first step of infosec in my organization?
The best first step is an active approach: encourage employees to catch issues, bugs and needed upgrades, and introduce security procedures within the organization.
What is the best single act of security I can achieve today?
A simple hackathon within the organization to encourage employees to find bugs and issues in the company and solve them or offer solutions. That is the most basic, simple, get-things-done effort you can achieve today.
Information Security Threats
There are common security threats facing any organization; sometimes they are very similar and sometimes very different from one another. Looking through these common threats can help when performing a risk assessment within your organization, so let's take a look at those risks.
Common Information Security Threats | Description |
---|---|
Malware | Malware is malicious software designed to infiltrate, damage, or disrupt computer systems. It includes viruses, worms, Trojans, ransomware, and spyware, and can steal sensitive information, cause system downtime, or provide unauthorized access to attackers. |
Phishing | Phishing is a social engineering attack where attackers deceive users into revealing sensitive information or executing malicious actions. This is typically done through fraudulent emails or messages that impersonate legitimate entities. |
Advanced Persistent Threats (APTs) | APTs are sophisticated, long-term cyberattacks, often state-sponsored, that target specific organizations or governments to steal sensitive information or cause disruption. |
Zero-day Exploits | Zero-day exploits are attacks that exploit previously unknown vulnerabilities in software or hardware, giving developers no time to create patches or fixes. |
Insider Threats | Insider threats involve employees, contractors, or partners with legitimate access to an organization’s systems and data who misuse their privileges, either intentionally or unintentionally, to cause harm or compromise security. |
Password Attacks | Password attacks involve attempts to gain unauthorized access by cracking user passwords through methods such as brute force, dictionary attacks, or keylogging. |
Man-in-the-Middle (MitM) Attacks | MitM attacks involve attackers intercepting communication between two parties, eavesdropping on, manipulating, or injecting malicious data into the conversation without the parties’ knowledge. |
Distributed Denial of Service (DDoS) | DDoS attacks are coordinated attacks on a target system or network by overwhelming it with a flood of traffic, rendering it inaccessible to legitimate users. |
Physical Attacks | Physical attacks involve unauthorized access, theft, or damage to physical assets, such as computer systems, servers, or storage devices, which can lead to data loss or disruption of operations. |
Natural Disasters | Natural disasters, such as floods, earthquakes, or fires, can cause physical damage to infrastructure, leading to data loss or system downtime. |
The list above is not limited to your organization, and each organization may face completely different risks that need to be assessed. It is important to be advised by professionals and experts with years of experience to get the best treatment of the risks your organization may hold.