Data AnonymizationRemoving personal information from data so that it can’t be traced to a person.
Backup & RestoreBuilding resilient backups of data with the ability to restore it to operational use.
Data ControlInternal controls that implement data management and governance.
Data MaskingDigitally redacting sensitive data.
Data PurgingPermanently deleting data such that it can’t be restored.
Data RoomThe secure place where data physically resides.
Data WipeSecurely erasing data to prevent future access.
Identity and Access ManagementManaging user identities and permissions.
EncryptionCryptographically securing data from unauthorized use.
Data PrivacyProtecting the rights of individuals regarding personally identifiable data.
Data ConfidentialityIdentifying and enforcing a set of rules for who has permission to access data that is private or secret.
Security TestingVulnerability scanning, penetration testing and other security tests.
Threat IntelligenceMonitoring and analyzing the current threat environment.
Vulnerability ManagementMonitoring and analyzing current vulnerabilities.
Patch ManagementKeep systems and infrastructure up-to-date to fix vulnerabilities.
Incident ResponseResolving security incidents.
Data Risk ManagementIdentifying and treating data risks.
Security ArchitectureThe structural design of systems and data repositories for security.
Business ContinuityPlanning to secure and access data in the event of a major disruption.
Data Loss PreventionDetecting and preventing potential data breaches and violations of data security policy.
Data GovernanceOversight of data management and compliance across an organization.
Security by DesignSecurity built into the architecture and design of systems, processes and applications.
Defense in DepthMany layers of security that assume nothing about the other layers.
Security OperationsThe day-to-day process of monitoring and managing security.
Security AuditsFormal, systematic and in-depth reviews of security.
Security Awareness TrainingCreating a culture of awareness around security issues and threats.
Security PostureA broad and general term for a firm’s overall security strength and readiness.
Security Configuration ManagementManaging the configuration of technologies for security.
Zero TrustAlways using authentication and authorization without assumptions.
Principle of Least PrivilegeGranting users the permissions and access that they need and nothing more.
Data IntegrityVersion control, data validation and other processes that ensure data is accurate.
Data AvailabilityData security fails if it doesn’t make data available where it adds business value.
Audit TrailCapturing information that allows data access to be reconstructed in future.
Security ForensicsReconstructing what happened after a security incident.