🔐 Cybersecurity Glossary
Over 265 professional cybersecurity terms in English & Arabic — your comprehensive reference for the cybersecurity world
265 terms
16 categories
47 frameworks
All
🏛 Governance & Strategy 35
⚖ Risk Management 17
🔑 Identity & Access 14
🌐 Network Security 16
🔒 Data Protection 11
⚡ Threat & Attack 22
🚨 Incident Response 13
☑ Compliance & Audit 12
🔐 Cryptography 11
☁ Cloud Security 9
💻 Application Security 11
§ Privacy & Data Law 12
🛡 Security Operations 17
♻ Business Continuity 9
🇸🇦 Saudi Regulations 14
🛡️ Platform Tools 1
NCA_ECC (122)
SAMA_CSF (76)
PCI_DSS (47)
ISO_27001 (39)
PDPL (34)
NIST_CSF (29)
Array (25)
NCA ECC (20)
SAMA CSF (20)
NCA_CSCC (14)
✕ Clear
14 terms
🛡️ ARIA
ARIA
آريا
AI Regulatory Intelligence Advisor — CISO Consulting's enterprise Virtual CISO (vCISO) module. ARIA provides AI-powered cybersecurity advisory services including policy generation, risk assessment, compliance gap analysis, board reports, and document generation in Word, Excel, PowerPoint, and PDF formats. Specialized in Saudi regulatory frameworks: SAMA CSF, NCA ECC, PDPL, and international standards including ISO 27001, NIST CSF, and PCI DSS.
🏛 Business Email Compromise Prevention
BEC Prevention
منع اختراق البريد الإلكتروني للأعمال
A strategic security approach combining technical controls, user awareness training, and governance policies to prevent sophisticated email fraud attacks targeting organizations. This includes implementing verification procedures for financial transactions, executive impersonation detection, and incident response protocols.
🏛 Domain-based Message Authentication
DMARC
مصادقة الرسائل المستندة إلى النطاق
An email authentication protocol that builds on SPF and DKIM to provide domain owners with protection against unauthorized use of their domain in email attacks. DMARC enables senders to specify how receiving mail servers should handle messages that fail authentication checks and provides reporting mechanisms for monitoring.
🏛 Email Data Loss Prevention
Email DLP
منع فقدان البيانات عبر البريد الإلكتروني
A security strategy and technology that monitors, detects, and blocks sensitive information from being transmitted via email in violation of organizational policies or regulatory requirements. Email DLP helps prevent accidental or intentional data breaches by enforcing content inspection and policy-based controls.
🏛 Email Encryption Policy
سياسة تشفير البريد الإلكتروني
A governance framework that defines requirements and procedures for encrypting email communications to protect sensitive information in transit and at rest. This policy establishes standards for encryption methods, key management, and compliance with data protection regulations such as PDPL.
🏛 Email Gateway Security
EGS
أمن بوابة البريد الإلكتروني
A security solution that filters and monitors incoming and outgoing email traffic to detect and block malicious content, spam, and phishing attempts. It acts as a protective barrier between an organization's email infrastructure and external threats, enforcing security policies and compliance requirements.
🏛 Email Retention Policy
سياسة الاحتفاظ بالبريد الإلكتروني
A governance document that defines how long email messages must be retained, archived, and eventually deleted based on regulatory requirements, legal obligations, and business needs. This policy ensures compliance with data protection laws while managing storage resources effectively.
🏛 Email Security Awareness Training
التدريب على التوعية بأمن البريد الإلكتروني
A structured program designed to educate employees about email-based threats such as phishing, malware, and social engineering attacks. This training is a critical component of security governance, helping organizations build a human firewall and reduce the risk of successful email attacks.
Mean Time to Detect (MTTD)
MTTD
متوسط الوقت للكشف
A key performance indicator that measures the average time it takes for a SOC team to discover a security incident or breach from the moment it occurs. MTTD is critical for assessing the effectiveness of security monitoring capabilities and detection controls, with lower values indicating more mature security operations.
Micro-Segmentation
MS
التجزئة الدقيقة
A Zero Trust security technique that divides networks into small, isolated segments to contain breaches and limit lateral movement. Each segment has its own access controls and security policies, allowing organizations to define granular security perimeters around critical assets and enforce strict traffic inspection between segments.
Privileged Access Management (PAM)
PAM
إدارة الوصول المميز
A subset of IAM that focuses on managing and monitoring accounts with elevated privileges, such as system administrators and database administrators. PAM solutions control, monitor, and secure privileged credentials to prevent unauthorized access to critical systems and sensitive data.
🏛 Security Governance Framework
SGF
إطار حوكمة الأمن السيبراني
A comprehensive structure of policies, procedures, and controls that establishes accountability and oversight for cybersecurity activities across an organization. It defines roles, responsibilities, and decision-making processes to ensure security objectives align with business goals and regulatory requirements.
Security Incident and Event Management (SIEM)
SIEM
إدارة الحوادث والأحداث الأمنية
A comprehensive security solution that provides real-time analysis of security alerts and events generated by network hardware and applications. It collects, aggregates, correlates, and analyzes log data to detect threats, support compliance reporting, and enable rapid incident response.
🏛 Sender Policy Framework
SPF
إطار سياسة المرسل
An email authentication protocol that allows domain owners to specify which mail servers are authorized to send emails on behalf of their domain. SPF helps prevent email spoofing by enabling receiving servers to verify that incoming mail from a domain comes from an authorized IP address.