Risks introduced through vulnerabilities in the information and communications technology supply chain, from hardware manufacturers to software vendors. Supply chain attacks compromise trusted products before deployment, affecting multiple organizations simultaneously.
Systems and processes that control user identities, authentication methods, and authorization levels across an organization's IT resources. IAM ensures only verified users access appropriate systems while maintaining audit trails.
The oversight of digital identities and their associated permissions within an IT environment. Identity management authenticates users, assigns access rights, and revokes privileges when roles change or employment ends.
An event that violates or threatens to violate security policies, potentially compromising information confidentiality, integrity, or availability. Incidents range from malware infections to unauthorized access attempts requiring formal response procedures.
The coordinated activities for detecting, analyzing, containing, and recovering from security incidents. Effective incident management minimizes damage, reduces recovery time, and documents lessons learned for improving future responses.
The process of restoring normal operations and repairing systems following a security incident. Recovery includes removing attacker access, rebuilding compromised systems, validating data integrity, and implementing controls to prevent recurrence.
Immediate actions taken to detect, analyze, contain, and remediate security incidents. IR teams investigate alerts, isolate affected systems, collect forensic evidence, and coordinate communications during active incidents.
Documented procedures defining roles, communication channels, and actions required during security incidents. IR plans establish decision-making authority, escalation paths, and recovery priorities before incidents occur.
Observable evidence suggesting a security incident may have occurred or is in progress. Indicators include unusual network traffic patterns, unexpected system behavior, or alerts from security tools.
Specialized computing systems controlling manufacturing processes, critical infrastructure, and physical operations. ICS security requires protecting operational technology from cyber threats while maintaining safety and production requirements.
The hardware, software, networks, and services used to process, transmit, receive, and store data. ICT encompasses everything from endpoints and servers to telecommunications infrastructure and cloud platforms.
The practice of protecting information and systems by ensuring availability, integrity, authentication, confidentiality, and non-repudiation. Information assurance combines technical controls, policies, and risk management to maintain trusted operations.
Formal rules and procedures governing how an organization protects, manages, and distributes information assets. Security policies establish acceptable use standards, access controls, and consequences for violations.
The exchange of threat intelligence, incident data, and security best practices between organizations or agencies. Information sharing improves collective defense by alerting others to emerging threats and attack techniques.
The capability to maintain essential operations under attack or adverse conditions and recover quickly afterward. Resilient systems continue functioning in degraded modes while restoring full capabilities.
The systems, infrastructure, and processes used to create, store, process, and transmit digital data. IT encompasses computers, networks, software, and support services enabling business operations.
Cloud computing model where providers rent virtualized computing resources including servers, storage, and networking on demand. IaaS eliminates physical infrastructure management while requiring customers to secure operating systems and applications.
Managing IT infrastructure through machine-readable configuration files rather than manual processes. IaC enables version control, automated deployments, and consistent environments across development, testing, and production.
Security risks posed by employees, contractors, or partners with authorized access who intentionally or accidentally compromise systems or data. Insider threats bypass perimeter defenses and require behavioral monitoring to detect.
Enterprise-wide approach coordinating risk assessment, analysis, and mitigation strategies across departments and systems. Integrated risk management provides unified visibility into threats, enabling informed resource allocation and prioritized responses.
Assurance that data and systems remain unaltered except through authorized actions. Integrity controls detect tampering, corruption, or unauthorized modifications, maintaining trust in information accuracy.
The ability of different systems, applications, or components to exchange and use information effectively. Interoperability enables integrated security tools to share threat data and coordinate automated responses.
Unauthorized access to networks or systems that bypasses security controls. Intrusions may result from exploited vulnerabilities, stolen credentials, or social engineering, requiring incident response procedures.
The monitoring and analysis of network traffic and system activity to identify security breaches or policy violations. Detection systems alert security teams to suspicious patterns requiring investigation.
Software or hardware that monitors networks and systems for malicious activity, generating alerts when suspicious behavior matches known attack signatures or anomaly patterns. IDS provides visibility but requires human analysis.
An active security control that detects and automatically blocks malicious traffic or activity in real time. IPS extends IDS capabilities by taking defensive actions without human intervention.
International standard defining requirements for establishing, implementing, and maintaining information security management systems. ISO 27001 certification demonstrates an organization's commitment to systematic security controls and continuous improvement.
The complete technology landscape including hardware, software, networks, cloud services, and endpoints used to support business operations. Understanding your IT environment is fundamental to identifying security gaps.
The foundational technology components supporting IT services, including servers, storage, networks, and data centers. Infrastructure security protects the underlying platforms that applications and services depend on.
A framework of best practices for IT service management aligning technology services with business needs. ITIL processes include incident management, change control, and service desk operations.
The activities organizations perform to design, deliver, manage, and improve IT services. ITSM frameworks standardize incident handling, service requests, problem resolution, and change management.