Digital supply chain management
Managing the flow of goods and services through digital technologies
Id management
the process of managing and controlling the digital identities of individuals or entities accessing information systems, applications, or other resources
Authentication
the process of verifying the identity of a user or process
Authorization
what assets you are approved to access
Identity and Access management (IAM)
a specialty discipline within cybersecurity designed to ensure only the right people can access the appropriate data and resources
Access management
the practices and tools that monitor and manage network access
Identity governance
the act of using IT software and systems to manage user access and compliance
Identity provisioning
manages user accounts and ensures users have access to the right resources and are using them appropriately
Deprovisioning
the act of removing user access to applications, systems, and data within a network
Authorization management
the process of controlling access to assets / resources
MFA
Multi-Factor Authentication
Single Sign on
is an authentication method that enables users to authenticate with multiple applications and websites by using 1 set of credentials
Single Log off
the process of ending all sessions that SSO authenticated
Incident
an event that negatively affects IT systems and impacts on the business
Event
Any observable occurrence in the IT infrastructure
Disaster
a catastrophic event that will have great negative effect on IT systems and impact on the business
IRP preparation
This phase will be the workhorse of your incident response planning, and in the end, the most crucial phase to protect your business.
IRP identification
This is the process where you determine whether you’ve been breached. A breach, or incident, could originate from many different areas
IRP containment
Contain the breach so it doesn’t spread and cause further damage to your business
IRP eradication
Fixing the problem
IRP recovery
the process of restoring and returning affected systems and devices back into your business environment
IRP Lessons learned
A post-incident meeting with all stakeholders where you discuss everything that happened
Computer security incident response team
s a group of IT professionals that provides an organization with
services and support surrounding the assessment, management
and
prevention of cybersecurity-related emergencies, as well as
coordination of incident response efforts
Incident response plan
The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber attacks against an organization's information systems
Disaster recovery plan
a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents & business disruptions to ensure critical IT support systems are resumed quickly with minimal loss of data
RTO
recovery time objective
RPO
recovery point objective
MTBF
Mean time between failure
MTTR
mean time to repair
Auditing
verification activity of a process or system to ensure compliance to requirements
Data auditing
the assessment of data for quality throughout its lifecycle to ensure its accuracy and efficacy for specific usage
System auditing
the process in which an organization’s information systems and processes are tested to validate effectiveness, efficiency, and security
Access Auditing
discussing who has access to data
paper test
Team reads through the DRP and discusses validity
walkthrough
Group walks through a simulation DRP to identify any issues or needed modifications
simulation
Run a simulation disaster
parallel test
Recovery systems are tested while primary systems continue to run full workload
cutover
Primary systems are cut over to recovery systems
Centralized
an internal body that handles incident response for the entire organization
distributed
multiple incident response teams, with each one responsible for a physical location (e.g. branch office)
coordinated
a central incident response team that works together with distributed incident response teams
external audits
Audits you hire an auditing business to do an audit for you.
Internal audits
Audits that are done by employees for that business
SANS
1) preparation
2) identification
3) containment
4) eradication
5) recovery
6) Lessons learned
NIST
1) preparation
2) identification
3) containment, eradication, recovery
4) Lessons learned