- Chief Information Security Officer (CISO): The senior executive responsible for overseeing an organization's information security strategy, policies, and operations. They work closely with the CIO and other senior executives to develop and implement security solutions that protect the organization's sensitive data and assets.
- Chief Security Officer (CSO): The senior executive responsible for overseeing an organization's overall security strategy, policies, and operations. They work closely with the CEO and other senior executives to develop and implement solutions that protect the organization's physical, cyber, and human assets.
- Chief Technology Officer (CTO): The senior executive responsible for overseeing an organization's technology strategy, policies, and operations. They work closely with the CEO and other senior executives to develop and implement technology solutions that align with the organization's business goals and objectives.
- Chosen-ciphertext attack: An attack in which the attacker has access to a ciphertext (encrypted message) and can manipulate it in some way to try to derive the plaintext (original message). For example, the attacker may modify the ciphertext and observe how the resulting decryption changes in order to learn more about the encryption algorithm and key being used.
- Chosen-plaintext attack: An attack in which the attacker has access to a plaintext (original message) and can encrypt it using the same algorithm and key that the target uses. By comparing the resulting ciphertext with the ciphertext of other known messages, the attacker may be able to determine the encryption algorithm and key being used.
- CIA Triad: A widely used information security model that represents the three fundamental principles of security: Confidentiality, Integrity, and Availability. Confidentiality is about protecting information from being accessed by unauthorized parties, integrity ensures that the information is accurate and hasn't been improperly modified, and availability ensures that the information is accessible to authorized users when needed. The triad serves as a simple framework for keeping an organization's sensitive data secure.
- CI/CD Environments: CI/CD stands for Continuous Integration and Continuous Delivery/Deployment. Continuous Integration involves integrating changes from different contributors into a central repository frequently, which encourages catching integration bugs early. Continuous Delivery/Deployment involves automating the release process to get validated changes deployed to production quickly and sustainably. From a security perspective, CI/CD environments should be set up to include automated security checks and tests at various stages, such as static code analysis for potential vulnerabilities and dynamic testing in staging environments, to ensure that security is a part of the process from start to finish.
- Cipher: An algorithm used for performing encryption or decryption, that is, a series of well-defined steps that can be followed to transform an input (plaintext) into an output (ciphertext) or vice versa. Ciphers are fundamental to modern cryptography and operate based on a piece of auxiliary information known as a key. The key determines the particular transformation of plaintext into ciphertext, or vice versa, during encryption and decryption.
- Cipher Block Chaining (CBC) Mode: A mode of operation for block ciphers where each block of plaintext is XORed with the previous ciphertext block before being encrypted. This method ensures that identical plaintext blocks will encrypt to different ciphertext blocks, enhancing security. It uses an initialization vector (IV) for the first block to ensure randomness.
- Cipher Feedback (CFB) Mode: A mode of operation for block cipher systems that effectively converts a block cipher into a self-synchronizing stream cipher. In CFB mode, the previous ciphertext block is encrypted, and the output is XORed with the current plaintext block to get the current ciphertext block. As with CBC mode, the chaining mechanism causes the output to be highly sensitive to changes in the input, increasing security by masking patterns in the plaintext.