The more intangible costs of a breach include the loss of business from increased customer turnover - called customer churn - and decreases in customer trust.
_ can be defined as the degree of protection against criminal activity, danger, damage, and/or loss.
security
_ refers to all of the processes and policies designed to protect an organization's information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, or destruction.
Information Security
A _ to an information resource is any danger to which a system may be exposed.
threat
The _ of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.
Exposure
An information resource's _ is the possibility that the system will be harmed by a threat.
Vulnerability
These are the five key factors that are contributing to the increasing vulnerability of organizational information resources, making it much more difficult to secure them:
Decreasing skills necessary to be a computer hacker;
International organized crime taking over cybercrime; and
Lack of management support
A/an _ is any network within your organization.
Trusted Network
A/an _ is any network external to your organization.
Untrusted Network
The reason is that the internet contains information and computer programs called _ that users with few skills can download and use to attack any information system connected to the internet.
scripts
_ refers to illegal activities conducted over computer networks, particularly the internet.
cybercrime
_ are acts performed without malicious intent that nevertheless represent a serious threat to information security.
Unintentional Threats
_ is an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.
social engineering
_ is a technique designed to allow the perpetrator to enter restricted areas that are controlled with locks or card entry. The perpetrator follows closely behind a legitimate employee and, when the employee gains entry, the attacker asks him or her to "hold the door".
tailgating
_ occurs when a perpetrator watches an employee's computer screen over the employee's shoulder. This technique is particularly successful in public areas such as in airports and on commuter trains and airplanes.
shoulder surfing
_ occurs when an unauthorized individual attempts to gain illegal access to organizational information.
espionage or trespass
_ occurs when an attacker either threatens to steal, or actually steals, information from a company. The perpetrator demands payment for not stealing the information, for returning stolen information, or for agreeing not to disclose the information.
information extortion
_ are deliberate acts that involve defacing an organization's Web site, potentially damaging the organization's image and causing its customers to lose faith.
Sabotage and Vandalism
One form of theft, known as _, involves rummaging through commercial or residential trash to find discarded information.
dumpster diving
_ is the deliberate assumption of another person's identity, usually to gain access to his or her financial information or to frame him or her for a crime.
identity theft
_ is the property created by individuals or corporations that is protected under trade secret, patent, and copyright laws.
intellectual property
A _ is an intellectual work, such as a business plan, that is a company secret and is not based on public information.
trade secret
A _ is an official document that grants the holder exclusive rights on an invention or a process for a specified period of time.
patent
_ is a statutory grant that provides the creators or owners of intellectual property with ownership of the property, also for a designated period.
copyright
segment of computer code that performs malicious actions by attaching to another computer program
virus
segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer)
worm
_ use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages.
phishing attack
In a _ attack, the perpetrators find out as much information about an individual as possible to improve their chances that phishing techniques will obtain sensitive, personal information.
spear phishing
An attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes (ceases to function).
denial-of-service attack
An attacker first takes over many computers, typically by using malicious software. These computers are called zombies or bots. The attacker uses these bots - which form a botnet - to deliver a coordinated stream of information requests to a target computer, causing it to crash.
distributed denial-of-service attack
software programs that hide in other computer programs and reveal their designed behavior only when they are activated.
trojan horse
typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures (also called a trap door)
back door
a segment of computer code that is embedded within an organization's existing computer programs and is designed to activate and perform a destructive action at a certain time or date.
logic bomb
_ is clandestine software that is installed on your computer through duplicitous methods.
alien software
software that causes pop-up advertisements to appear on your screen
adware
_ is software that collects personal information about users without their consent.
spyware
_, also known as keyloggers, record both your individual keystrokes and your internet web browsing history.
keystroke loggers
_ is pestware that uses your computer as a launch pad for spammers.
spamware
_ is an unsolicited e-mail, usually advertising for products and services.
spam
_ are small amounts of information that Web sites store on your computer, temporarily or more or less permanently.