Third-party risk management (TPRM) is the process of analyzing and minimizing risks associated with outsourcing to third-party vendors or service providers. This is commonly known as third-party risk or vendor risk and can include financial, environmental, reputational, and security risks due to a vendor's access to intellectual property, sensitive data, personally identifiable information (PII), and protected health information (PHI).

An insider threat is a threat to an organization that comes from negligent or malicious insiders, such as employees, former employees, contractors, third-party vendors, or business partners, who have inside information about cybersecurity practices, sensitive data, and computer systems.

You're probably familiar with the defense-in-depth or castle and moat approach to cybersecurity. It remains a common model that organizations use to think through their information security. However, as organizations have matured they have sought out new models to enable them to better understand how cyber attackers operate and how best to defend against them.

The Server Message Block Protocol (SMB Protocol) is a client-server communication protocol used for sharing access to files, printers, serial ports, and data on a network. It can also carry transaction protocols for authenticated inter-process communication. In short, the SMB protocol is a way for computers to talk to each other. SMB works through a client-server approach, where a client makes specific requests and the server responds accordingly. This is known as a response-request protocol.

Data is rapidly becoming one of the most valuable assets in the modern world. The digital giants that monopolize data are arguably the most powerful companies in the world, prompting ongoing conversations about anti-trust legislation and digital privacy. Despite the overwhelming value controlled by these entities, as we'll see, even companies such as Facebook are vulnerable to the byproduct of the rapid move to digitization – the data breach epidemic.

The main difference between a security information and event management (SIEM) solution and an intrusion detection system (IDS) is that SIEM tools allow users to take preventive actions against cyberattacks while IDS only detects and reports events. Security information and event management (SIEM) is an approach to cybersecurity combining: Note: the acronym SIEM is pronounced "sim" with a silent e.

A brute force attack is a popular cracking method that involves guessing usernames and passwords to gain unauthorized access to a system or sensitive data. While a relatively simple, brute force methods continue to have a high success rate and account for over 80% of attacks on web applications.

The main difference between intrusion detection systems (IDS) and intrusion prevention systems (IPS) is that IDS are monitoring systems and IPS are control systems. IDS won't alter network traffic while IPS prevents packets from delivering based on the contents of the packet, similar to how a firewall prevents traffic by IP address.

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law as part of the American Recovery and Reinvestment Act (ARRA) in 2009. The HITECH Act encourages the meaningful use of electronic health records (EHRs) by healthcare providers and their business associates.

Vulnerability assessment is the process of identifying, classifying, and prioritizing security vulnerabilities in IT infrastructure. A comprehensive vulnerability assessment evaluates whether an IT system is exposed to known vulnerabilities, assigns severity levels to identified vulnerabilities, and recommends remediation or mitigation steps where required.