Exact data match (EDM) is an advanced data loss prevention (DLP) technique that finds specific data values that are important to the organization and need to be protected rather than finding general data patterns or formats only. For example, an organization can detect the exact match of a customer credit card number, rather than detecting only the pattern, to enhance detection accuracy and reduce false positives.
Cloud data loss prevention (DLP) is a category of data security technologies and processes that monitor and inspect data on a corporate network to prevent data exfiltration stemming from cyberattacks such as phishing, ransomware, and malicious insider threats. Deployed from the cloud, cloud DLP can protect sensitive data such as personally identifiable information (PII), credit card numbers, intellectual property, and more, wherever it lives or flows.
Cloud data protection is a set of data storage and security measures designed to protect data residing in, and moving in and out of, a cloud environment. Stored data is known as “data at rest,” and moving data as “data in motion.” Data protection refers to data being copied, rather than straightforwardly “secured”—it’s meant to ensure sensitive data is still intact after a loss or corruption event, whereas data security keeps it safe from unauthorized access or distribution in the first place.
Smishing is a type of social engineering attack carried out through fraudulent text messages. Like other types of phishing attacks, smishing scams prey on human trust or fear to create a sense of urgency, aiming to deceive victims into divulging sensitive information (e.g., login credentials, credit card numbers). Smishing is a common tactic used in identity theft.
Threat hunting is a proactive approach to finding potential threats and cybersecurity vulnerabilities in an organization's network and systems, combining human security analysts, threat intelligence, and advanced technologies that analyze behavior, spot anomalies, and identify indicators of compromise (IOCs) to detect what traditional security tools may miss. Threat hunters strive to detect and neutralize threats early to minimize their potential impact.
The SEC’s new rules for cybersecurity disclosures are reporting requirements that apply to public companies. Announced on July 26, 2023, these final rules mandate the transparent and timely disclosure of material cybersecurity incidents and information related to cybersecurity risk management, strategy, and governance.
Data security posture management (DSPM) is a category of solutions designed to help protect an organization’s data—both local and in the cloud—against unauthorized access, misuse, or theft by continuously monitoring, updating, and refining security measures. DSPM solutions use intelligent automation to identify potential vulnerabilities, enact safeguards, and perform regular system tests and audits.
Data security is a term for all the security solutions that help organizations protect their sensitive data from security risks such as data breaches, phishing, ransomware attacks, and insider threats. Data security solutions also draw on compliance frameworks such as HIPAA and GDPR to support data privacy and simplify audits.
Workload protection is the aggregate of cloud security controls and protocols that secure workload communications between environments. Interrelated to cloud workload security, workload protection mitigates vulnerabilities caused by inherent security risks such as misconfigurations. It’s also a key element of cloud security posture management (CSPM).
Malware is malicious software designed to invade a computer system and take hostile action—such as stealing or encrypting sensitive information, taking over system functions, or spreading to other devices—most often for profit. There are many types of malware, including ransomware, spyware, adware, trojan horses, and more, helping make it one of the most common kinds of cyberattacks. Malware will often implant itself via an email attachment or as a fake advertisement on a web browser.
SSL decryption is the process of unscrambling encrypted traffic to check it for cyberthreats as part of a full SSL inspection procedure. It’s a vital network security capability for modern organizations since the overwhelming majority of web traffic is now encrypted, and some cybersecurity analysts estimate more than 90% of malware may now hide in encrypted channels.
A shared responsibility model is a cloud security and risk framework that delineates which cybersecurity processes and responsibilities lie with a cloud service provider (CSP) and which lie with the customer. With more IT architectures moving to the cloud, a shared responsibility model promotes tighter security and establishes accountability as it relates to the security of the cloud.