🔐 Cybersecurity Glossary

The documented chronological history of the handling and transfer of digital evidence.

Automated tools that continuously monitor cloud infrastructure for gaps in security policy enforcement.

A security solution focused on protecting workloads across cloud, on-premises, and hybrid environments.

A systematic examination of source code to find and fix mistakes overlooked in initial development.

The Saudi regulatory body overseeing the ICT sector including telecommunications security requirements.

An alternative security measure employed when the primary control cannot be implemented.

A freely given, specific, informed, and unambiguous indication of the data subject's agreement to the processing of their personal data.

The practice of securing containerized applications and their infrastructure from development through production.

The phase of incident response focused on limiting the scope and damage of a security incident.

A Zero Trust security mechanism that continuously validates user identity and device trustworthiness throughout a session, rather than only at initial login. It monitors behavioral patterns, device posture, location, and contextual factors in real-time to detect anomalies and dynamically adjust access privileges or terminate sessions when risk levels change.

An automated approach to maintaining compliance with regulations and standards through continuous monitoring and assessment.

A statement of the desired result or purpose to be achieved by implementing a security control.

An action taken to eliminate the cause of a detected nonconformity to prevent recurrence.

An automated attack that uses stolen username/password pairs from data breaches to attempt logins on other services.

The overall coordination of an organization's response to a crisis that threatens the organization or its stakeholders.

Systems and assets vital to Saudi Arabia's national security, economy, or public health that require enhanced cybersecurity protection.

The transfer of personal data from one country to another, subject to legal restrictions and adequacy requirements.

The regulatory requirements under PDPL for transferring personal data outside Saudi Arabia, requiring data controllers to ensure adequate protection levels in the receiving country, obtain necessary approvals, implement appropriate safeguards such as standard contractual clauses, and maintain accountability for data protection throughout the transfer process.

A web security vulnerability that allows attackers to inject client-side scripts into web pages viewed by other users.

The unauthorized use of someone else's computing resources to mine cryptocurrency.

The mandatory process of reporting cybersecurity incidents to relevant regulatory authorities, affected parties, and stakeholders within specified timeframes, including details about the nature, scope, and impact of the incident as required by applicable regulations.

The mandatory or voluntary process of notifying relevant authorities, stakeholders, and affected parties about cybersecurity incidents within specified timeframes. In Saudi Arabia, this includes reporting to NCA for critical infrastructure and SAMA for financial institutions.

Insurance products designed to help organizations mitigate financial losses from cybersecurity incidents and data breaches.

An organization's ability to continuously deliver intended outcomes despite adverse cyber events, as required by NCA.

A technology platform that aggregates, correlates, and analyzes threat data from multiple sources to provide actionable intelligence.

An NCA ECC control domain requiring organizations to maintain a comprehensive inventory of all information assets, including hardware, software, data, and network components, with proper classification, ownership assignment, and lifecycle management to ensure adequate protection measures.

The second domain of the NCA ECC framework that encompasses technical and operational controls for protecting information systems, networks, and data, including access control, network security, encryption, vulnerability management, and security monitoring capabilities.

The first domain of the NCA ECC framework that establishes requirements for organizational leadership, cybersecurity strategy, policies, risk management, and compliance programs to ensure effective oversight and accountability for cybersecurity across the organization.

The first domain of SAMA CSF that requires financial institutions to establish comprehensive cybersecurity governance structures, including board-level oversight, cybersecurity strategy, risk management frameworks, policies and procedures, and organizational roles and responsibilities for managing cybersecurity risks.

An NCA ECC control domain requiring organizations to establish formal capabilities for detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents, including mandatory reporting to NCA within specified timeframes for incidents affecting critical systems or sensitive data.

NCA's periodic assessment of government entities' cybersecurity maturity against ECC controls.

A classification system within the NCA ECC framework that categorizes organizations into different maturity levels (Basic, Intermediate, Advanced) based on their criticality and risk profile, determining the depth and rigor of cybersecurity controls they must implement.

The third domain of SAMA CSF requiring financial institutions to develop and maintain capabilities to withstand, respond to, and recover from cybersecurity incidents, including incident response plans, business continuity and disaster recovery programs, backup strategies, and regular testing exercises to ensure operational resilience.