The FREE Cybersecurity Glossary by Thor Pedersen!

Business process owner: A person or group who is responsible for defining, implementing, and maintaining a business process. It is used to ensure that the process is aligned with the organization's goals and objectives and to identify and address any issues or gaps in the process. Examples include a department manager, a project team leader, or a process improvement specialist.

Business Process Reengineering (BPR): A management strategy that involves the fundamental rethinking and radical redesign of business processes to achieve significant improvements in critical areas such as cost, quality, service, and speed. BPR endeavors to break down and rebuild processes to make them more efficient and aligned with the overall goals of the organization.

Business risk: The potential for loss, damage, or destruction of an organization's value—be it in terms of physical or non-physical assets—caused by internal or external vulnerabilities that may prevent it from achieving its objectives. Such risks can arise from various factors, including financial uncertainty, strategic management decisions, legal liabilities, accidents, and natural disasters. Ensuring adequate security measures are in place to protect an organization's data and assets is a critical component of business risk management.

Business Service Provider (BSP): A company that offers organizations various business solutions and services, often through software as a service (SaaS) model. BSPs might specialize in delivering applications for enterprise resource planning, customer relationship management, or human resources management, among others. When engaging with BSPs, organizations must assess the providers' security measures to ensure the protection of sensitive business data.

Business sponsor: A high-ranking executive who is responsible for the successful delivery of a project within an organization. They ensure the project aligns with the organization's objectives, provide resources, and wield decision-making authority, especially in ensuring adherence to necessary security protocols during the project's design, implementation, and operation.

Business strategy: The plan of action implemented by a business to attain specific goals and objectives, such as increasing profits, expanding market share, or improving customer satisfaction. A comprehensive business strategy includes considerations around data security, safeguarding assets, and maintaining reputation, ensuring that the company's operations and growth are not undermined by security incidents or data breaches.