third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Patch<br />
Phishing<br />
PKI<br />
Relevance<br />
Remote access<br />
Resilience<br />
Rootkit<br />
RFID<br />
SCADA<br />
Securing<br />
<strong>Security</strong> incident<br />
Sensitive information<br />
SSL certificate<br />
Skimming<br />
Social engineering<br />
SOHO<br />
Spear phishing<br />
A patch (literally a ‘plaster’) may comprise repair software or contain changes that are directly<br />
implemented in a program with the purpose of repairing or improving it.<br />
An umbrella term for digital activities with the object of tricking people into giving up their personal<br />
data. This personal data can be used for criminal activities such as credit card fraud and identity theft.<br />
Spear phishing is a variation that targets an individual or a limited group of individuals in an organisation,<br />
for example, who are selected specifically for their access rights so as to have the biggest possible effect<br />
without being noticed.<br />
A Public Key Infrastructure (PKI) is a collection of organisational and technical resources used to reliably<br />
process a number of operations, such as encrypting and signing information and establishing the identity<br />
of another party.<br />
Indicates the connection between the various threats, threat groups and targets. To determine various<br />
threat levels in CSAN analyses, ‘low’, ‘medium’ and ‘high’ criteria are applied to incidents and threats.<br />
Data processing remotely through a communication connection.<br />
The capacity of individuals, organisations or society to resist negative impacts on the availability and/or<br />
integrity or (information)systems and digital information.<br />
A piece of software that grants an attacker more rights on a computer system and hides its presence from<br />
the operating system.<br />
Radio frequency identification devices (RFID) are small chips that are able to remotely use radio wave<br />
identification to save and/or read out information. RFID tags may be placed on or in objects or living<br />
creatures (cat or dog chips).<br />
See ICS/SCADA.<br />
Protecting against violence, threats, danger or damage by putting measures in place.<br />
A security incident (or information security incident) is one or a series of unwanted or unexpected<br />
incidents that are significantly likely to cause a disaster, compromise business processes, and pose<br />
a threat to security.<br />
Information about critical (vital) infrastructure that could be used, if disclosed, to make plans and commit<br />
offences with the object of disrupting or destroying critical infrastructure systems.<br />
A Secure Socket Layer (SSL) certificate is a file that serves to digitally identify an individual or system.<br />
It also contains PKI keys to encrypt data during transport. A known application of SSL certificates are<br />
HTTPS-secured websites.<br />
The illegitimate copying of data from an electronic payment card such as a cashpoint card or a credit<br />
card. Skimming often involves the theft of pin codes with the final objective of making payments or to<br />
draw money from the victim’s account.<br />
An attack technique that exploits human characteristics such as curiosity, trust and greed with the<br />
objective of obtaining confidential information or to induce the victim to perform a particular action.<br />
Small Office/Home Office (SOHO) refers to use in home systems and small business offices.<br />
See phishing.<br />
109