R

Ransomware

Malware that encrypts victim files and demands payment for decryption keys. Ransomware attacks disrupt operations, threaten data loss, and increasingly include data theft with extortion threats to publish stolen information publicly.

Recovery

Activities restoring essential services after incidents, progressing from immediate operational restoration to full capability recovery. Recovery includes data restoration, system rebuilding, and implementing controls to prevent recurrence of similar incidents.

Red team

Security professionals authorized to simulate adversary tactics against an organization's defenses. Red teams test detection capabilities, response procedures, and security controls by conducting realistic attacks under controlled conditions.

Red team exercise

Simulated attacks replicating real-world conditions to test an organization's security posture. Red team exercises identify gaps in detection, response capabilities, and defensive controls through adversarial emulation.

Redundancy

Duplicate systems, processes, or components maintaining functionality when primary resources fail. Redundancy prevents single points of failure, ensuring business continuity during hardware failures, cyber attacks, or natural disasters.

Resilience

The capability to withstand disruptions, adapt to changing conditions, and rapidly recover operations after incidents. Resilient organizations maintain essential functions during attacks while implementing improvements to strengthen future defenses.

Response

Immediate actions addressing security incidents, including containment, investigation, and short-term recovery activities. Response encompasses automated system reactions and manual analyst interventions to minimize damage and restore normal operations.

Risk

The potential for adverse outcomes when threats exploit vulnerabilities, measured by likelihood and impact. Risk assessment guides security investment decisions by quantifying potential losses and prioritizing mitigation efforts.

Risk analysis

Systematic examination of threat scenarios, vulnerabilities, and potential consequences to understand security exposure. Risk analysis evaluates how policy changes, configuration modifications, or new technologies affect overall security posture.

Risk assessment

The process of identifying, evaluating, and prioritizing risks to inform security decisions and resource allocation. Assessment determines vulnerability severity, exploitation likelihood, and potential business impact to guide mitigation strategies.

Risk-based data management

Structured approach applying security controls proportional to data sensitivity and value. Risk-based management balances protection costs against potential losses, ensuring critical information receives appropriate safeguards while avoiding unnecessary restrictions.

Risk management

The continuous process of identifying, analyzing, mitigating, and monitoring risks throughout their lifecycle. Risk management includes conducting assessments, implementing controls, tracking effectiveness, and documenting decisions for compliance and accountability.

Rootkit

Malicious software with system-level privileges designed to hide its presence and maintain persistent access. Rootkits conceal malware, intercept system calls, and subvert security tools, requiring specialized detection methods to identify.

Rule

A defined policy statement specifying allowed or prohibited actions, communications, or system states. Rules automate security policy enforcement through firewall configurations, access controls, and application behavior restrictions.

Top

Cybersecurity Terms & Definitions

R

Cybersecurity
Terms & Definitions