HOME
*



picture info

CIA Triad
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves: * identifying inform ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




Information
Information is an abstract concept that refers to that which has the power to inform. At the most fundamental level information pertains to the interpretation of that which may be sensed. Any natural process that is not completely random, and any observable pattern in any medium can be said to convey some amount of information. Whereas digital signals and other data use discrete signs to convey information, other phenomena and artifacts such as analog signals, poems, pictures, music or other sounds, and currents convey information in a more continuous form. Information is not knowledge itself, but the meaning that may be derived from a representation through interpretation. Information is often processed iteratively: Data available at one step are processed into information to be interpreted and processed at the next step. For example, in written text each symbol or letter conveys information relevant to the word it is part of, each word conveys information rele ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Antivirus Software
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other malware, antivirus software started to protect from other computer threats. In particular, modern antivirus software can protect users from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraud tools, adware, and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT), and botnet DDoS attacks. History 1949–1980 period (pre-antivirus days) Although the roots of the computer ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Infrastructure
Infrastructure is the set of facilities and systems that serve a country, city, or other area, and encompasses the services and facilities necessary for its economy, households and firms to function. Infrastructure is composed of public and private physical structures such as roads, railways, bridges, tunnels, water supply, sewerage, sewers, electrical grids, and telecommunications (including Internet access, Internet connectivity and Broadband, broadband access). In general, infrastructure has been defined as "the physical components of interrelated systems providing Commodity, commodities and services essential to enable, sustain, or enhance societal quality of life, living conditions" and maintain the surrounding environment. Especially in light of the massive societal transformations needed to Climate change mitigation, mitigate and Climate change adaptation, adapt to climate change, contemporary infrastructure conversations frequently focus on sustainable development and gre ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Technology
Technology is the application of knowledge to reach practical goals in a specifiable and reproducible way. The word ''technology'' may also mean the product of such an endeavor. The use of technology is widely prevalent in medicine, science, industry, communication, transportation, and daily life. Technologies include physical objects like utensils or machines and intangible tools such as software. Many technological advancements have led to societal changes. The earliest known technology is the stone tool, used in the prehistoric era, followed by fire use, which contributed to the growth of the human brain and the development of language in the Ice Age. The invention of the wheel in the Bronze Age enabled wider travel and the creation of more complex machines. Recent technological developments, including the printing press, the telephone, and the Internet have lowered communication barriers and ushered in the knowledge economy. While technology contributes to econom ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Central Processing Unit
A central processing unit (CPU), also called a central processor, main processor or just processor, is the electronic circuitry that executes instructions comprising a computer program. The CPU performs basic arithmetic, logic, controlling, and input/output (I/O) operations specified by the instructions in the program. This contrasts with external components such as main memory and I/O circuitry, and specialized processors such as graphics processing units (GPUs). The form, design, and implementation of CPUs have changed over time, but their fundamental operation remains almost unchanged. Principal components of a CPU include the arithmetic–logic unit (ALU) that performs arithmetic and logic operations, processor registers that supply operands to the ALU and store the results of ALU operations, and a control unit that orchestrates the fetching (from memory), decoding and execution (of instructions) by directing the coordinated operations of the ALU, registers and other co ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Computer
A computer is a machine that can be programmed to Execution (computing), carry out sequences of arithmetic or logical operations (computation) automatically. Modern digital electronic computers can perform generic sets of operations known as Computer program, programs. These programs enable computers to perform a wide range of tasks. A computer system is a nominally complete computer that includes the Computer hardware, hardware, operating system (main software), and peripheral equipment needed and used for full operation. This term may also refer to a group of computers that are linked and function together, such as a computer network or computer cluster. A broad range of Programmable logic controller, industrial and Consumer electronics, consumer products use computers as control systems. Simple special-purpose devices like microwave ovens and remote controls are included, as are factory devices like industrial robots and computer-aided design, as well as general-purpose devi ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


ISACA
ISACA is an international professional association focused on IT (information technology) governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only.
ISACA currently offers 8 certification program as well as other micro-certificates.


History

ISACA originated in United States in 1967, when a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1969, Stuart Tyrnauer, an employee of the (later)
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Committee On National Security Systems
The Committee on National Security Systems (CNSS) is a United States intergovernmental organization that sets policy for the security of the US security systems. Charter, mission, and leadership The National Security Telecommunications and Information Systems Security Committee (NSTISSC) was established under National Security Directive 42, "National Policy for the Security of National Security Telecommunications and Information Systems", dated 5 July 1990. On October 16, 2001, President George W. Bush signed Executive Order 13231, the Critical Infrastructure Protection in the Information Age, re-designating the National Security Telecommunications and Information Systems Security Committee (NSTISSC) as the Committee on National Security Systems. The CNSS holds discussions of policy issues, sets national policy, directions, operational procedures, and guidance for the information systems operated by the U.S. Government, its contractors or agents that either contain classified inf ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




Continual Improvement Process
A continual improvement process, also often called a continuous improvement process (abbreviated as CIP or CI), is an ongoing effort to improve products, services, or processes. These efforts can seek "incremental" improvement over time or "breakthrough" improvement all at once. Delivery (customer valued) processes are constantly evaluated and improved in the light of their efficiency, effectiveness and flexibility. Some see CIPs as a meta-process for most management systems (such as business process management, quality management, project management, and program management). W. Edwards Deming, a pioneer of the field, saw it as part of the 'system' whereby feedback from the process and customer were evaluated against organisational goals. The fact that it can be called a management process does not mean that it needs to be executed by 'management'; but rather merely that it makes decisions about the implementation of the delivery process and the design of the delivery process itsel ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Standardization
Standardization or standardisation is the process of implementing and developing technical standards based on the consensus of different parties that include firms, users, interest groups, standards organizations and governments. Standardization can help maximize compatibility, interoperability, safety, repeatability, or quality. It can also facilitate a normalization of formerly custom processes. In social sciences, including economics, the idea of ''standardization'' is close to the solution for a coordination problem, a situation in which all parties can realize mutual gains, but only by making mutually consistent decisions. History Early examples Standard weights and measures were developed by the Indus Valley civilization.Iwata, Shigeo (2008), "Weights and Measures in the Indus Valley", ''Encyclopaedia of the History of Science, Technology, and Medicine in Non-Western Cultures (2nd edition)'' edited by Helaine Selin, pp. 2254–2255, Springer, . The centralized we ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Security Awareness
Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical, and especially informational, assets of that organization. Many organizations require formal security awareness training for all workers when they join the organization and periodically thereafter, usually annually. Coverage Topics covered in security awareness training include: *The nature of sensitive material and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information *Employee and contractor responsibilities in handling sensitive information, including review of employee nondisclosure agreements *Requirements for proper handling of sensitive material in physical form, including marking, transmission, storage and destruction *Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication *Other computer security ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]