Tuesday, May 16, 2017

Word of the Day: infosec

Word of the Day WhatIs.com
Daily updates on the latest technology terms | May 16, 2017
infosec

Infosec (information security) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.

Many large enterprises employ a dedicated security team to implement and maintain the organization's infosec program. Typically, the team is led by a chief information security officer (CISO), who is responsible for ensuring that all departments within the organization work together to protect IT assets, including data. The CISO may also be responsible for updating or replacing legacy systems and software programs that pose security risks.

Frameworks for infosec management are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties when requested (availability).

Popular frameworks and standards for infosec management include:

ISO 27000 series - a risk-based framework for managing cybersecurity.
HIPAA Security Rule - national standards for securing patient data in the United States.
Payment Card Industry Data Security Standard - national standards for protecting credit card data in the United States.
NIST Federal Information Security Act - a framework for protecting government information, operations and assets in the United States against natural or man-made threats.

Quote of the Day

"[Trump's executive order] is not a plan to fix the federal government's cybersecurity challenges. Instead, it's a directive to each agency to implement the NIST framework to assess the agency's cyber risks and create plans to mitigate them." - Leo Taddeo

Trending Terms

risk management
information assets
confidentiality, integrity and availability
defense in depth
ISO 27001
Federal Information Security Information Act

Learning Center

Trump cyber executive order focuses on cyber-risk management
The directive forces agency and department heads to demonstrate the degree to which they have strategically viewed cybersecurity risk.

Six keys to creating strong data-security measures
The need for effective data-security measures is more critical than ever before. Here's why, as well as six information-protection best practices.

Tabletop cybersecurity exercises essential to infosec training
As companies stare down seemingly endless sources of data threats, tabletop cybersecurity exercises are a great way to kick start infosec training efforts.

How infosec professionals can improve their careers through writing
Infosec professionals should look to raise their profiles and reputations. Expert Joshua Wright explains how infosec careers can benefit from writing.

Mobile endpoint security: What enterprise infosec pros must know now
Achieving mobile endpoint security can be tough. This essential guide walks security pros through its many aspects.

Writing for Business

The security of clients' personal information is of _______ importance.
a. upmost
b. utmost

This e-newsletter is published by the TechTarget network.