The FREE Cybersecurity Glossary by Thor Pedersen!

Data Controller: An individual, organization, or entity that determines the purposes and means of processing personal data. In the context of privacy laws, such as the GDPR, data controllers have specific legal obligations regarding the handling of data, including ensuring its protection and privacy, responding to data subject's rights requests, and reporting data breaches. They are differentiated from data processors, who process personal data on behalf of a data controller.

Data Custodian: An individual or organization responsible for the maintenance and care of data or data sources. Their duties typically involve implementing technical controls, procedures, and systems that ensure the safety and quality of the data, such as performing regular backups, enforcing access controls, and ensuring data integrity.

Data Destruction: The process of eliminating or erasing data from a storage medium, making it completely unreadable and non-recoverable. Methods include physical destruction, degaussing, and software-based overwriting or encryption, all aimed at preventing unauthorized individuals from retrieving and exploiting sensitive information.

Data Dictionary: A centralized repository of information about data, such as its meaning, relationships to other data, origin, usage, and format. It serves as a guide for understanding the structure, content, and context of data sources, thereby helping ensure consistency across different parts of an organization and facilitating effective data management.

Data Diddling: A fraudulent act involving the deliberate alteration of data before or during its entry into a computer system, typically for purposes like financial gain or malicious intent. This manipulation can cause incorrect results or outputs, making it a form of cybercrime. Organizations must implement security controls and auditing measures to protect against such threats.

Data Discovery Methods: Data Discovery Methods refer to a range of processes and tools used to identify, classify, and analyze an organization's data assets. They are crucial for data governance, risk management, and compliance, ensuring that sensitive data is properly handled and protected. Techniques include automated discovery using software to scan storage systems and databases, as well as manual reviews and audits.