The FREE Cybersecurity Glossary by Thor Pedersen!

Enterprise Architecture (EA): A strategic planning framework that defines the structure and operation of an organization. It seeks to align an organization's structure with its objectives, facilitating systematic analyses, design, planning, and implementation of an organization's strategies. EA involves the detailed modeling of business processes, information flows, IT systems, and technological infrastructure. By providing a holistic view of an organization's assets, processes, and policies, EA supports informed decision-making, promotes efficiency, and guides the effective integration of IT with business goals.

Enterprise governance: A holistic and integrated approach to corporate governance, business management, and assurance. It ensures that an organization's strategies are set effectively, that they are implemented proficiently, and that risk is managed appropriately. This approach is designed to help an organization achieve its goals while maintaining a balance between risk and reward.

Enterprise Risk Management (ERM): A strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio. It involves the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives.

Enticement: In a security context, enticement involves the creation of an attractive scenario to lure attackers into engaging in illicit activity that is already part of their intent. Unlike entrapment, it does not induce someone to commit a crime they were not predisposed to commit. Instead, it provides an opportunity for the attacker to act on preexisting criminal intent, allowing law enforcement or security professionals to monitor and potentially apprehend the attacker.

Entrapment: In a security context, entrapment refers to the strategy of tempting an attacker to commit a crime in order to catch them in the act. Unlike enticement, which involves luring an already-intent attacker, entrapment can involve creating conditions that provoke an attack that might not otherwise have occurred. This strategy can be controversial and is carefully regulated in many jurisdictions to prevent abuse and maintain fairness.

Enumeration: A process used in the reconnaissance or pre-attack phase where a potential attacker interacts with a system to gather information that could be useful for exploiting it. This may involve determining a user's valid email address, network resources, shared directories, IP addresses in use, or even detailed user account information in certain circumstances.