I
Inadvertent Disclosure
Accidental spillage of information to unauthorized persons. This could be classified information, sensitive data, company or trade secrets, research, or correspondence between individuals.
Incremental Backups
this type of backup only captures the files that have been altered since the last full backup. A full backup captures the entire system structure. An incremental backup is useful if an organization needs to save time and storage space, but also needs to keep their backups up to date. With this type of backup there is a slower recovery rate and a risk of data loss.
Information Assurance (IA)
a term first used by the government to describe the practice of enforcing technical and managerial measures to ensure the confidentiality, integrity, and availability of data. With the switch to the Risk Management Framework in the government sector, the term IA has given way to the term cybersecurity.
Information Flow Control
mechanisms put in place to ensure policies related to how data is shared and transferred are adhered to. The point of information flow control is to ensure data transfers are safe and secure and avoid the potential threat of data spillage or exfiltration.
Information Security
processes and policies used to prevent unauthorized disclosure or destruction of information.
Information Security Policy
the directives, policies, procedures, and practices put in place by an organization to protect their information from unauthorized disclosure.
Information System Resilience
the ability of a system to continue functioning even after or during a cyber attack. It also measures the ability of a system to bounce back to its original state of functioning after being degraded or weakened from an attack. Systems that not only implement good cyber hygiene practices, enforce stringent network security but also perform consistent backups, will be able to regain full operational functionality and recover faster from an attack.
Information Systems Security (INFOSEC)
the processes and methodologies used in protecting data, and data systems from unauthorized access or attempts. INFOSEC is used to ensure the confidentiality, integrity and availability of an information system.
Inside Threat
the potential threat associated with the employees, former employees or vendors of an organization who have access to the company’s sensitive data. If their loyalties shifted or they become disgruntled, they have bypassed all of the external controls to protect data from unauthorized disclosure, meaning they have the potential to cause more damage due to them knowing the organization’s security practices.
Integrity
the security principle or technique that ensures data has not been changed or altered in anyway whether intentional or unintentional.
Intellectual Property (IP)
Proprietary, intangible assets, normally considered sensitive. Also, the useful artistic, technical or industrial information, concepts, ideas or knowledge that clearly show that they’re owned by someone who has control over them, either in physical form or in representation.
Internal Security Testing
a type of testing is conducted from inside an organization, to examine the resilience and strength of a company’s security perimeter and defenses.
Internet Worm
Created by researchers in the 1980s to find a reliable way of growing the Internet through self-replicating programs that can distribute themselves automatically through the network. An Internet worm distributes itself across the web by using the computers’ Internet connection to reproduce.
Intrusion Detection Systems (IDS)
A security management system set up to actively protect computer and networks. It works by analyzing information from various areas of a computer/network o spot potential security breaches. These breaches can be either caused by intrusions (external attacks) and misuse (insider attacks).