- Mandatory Reporting A requirement, often established by law, regulation, or industry guidelines, which obligates individuals or organizations to report certain types of incidents or data breaches to relevant authorities within a specified timeframe. In cybersecurity, mandatory reporting typically involves notifying government bodies, regulatory agencies, affected individuals, or other stakeholders about security incidents that could potentially lead to the exposure of sensitive, confidential, or personally identifiable information. The goal of mandatory reporting is to ensure timely and transparent communication about breaches, enabling prompt response and mitigation efforts to protect affected parties and prevent future occurrences.
- Mandatory Vacations Mandatory vacations are a security and administrative control requiring employees to take uninterrupted time away from their specific job responsibilities. The policy is designed to help detect fraudulent activities or inconsistencies that an employee's continuous presence might otherwise conceal. It's often used in conjunction with job rotation and cross-training to strengthen internal controls and reduce the risk of fraud or error within an organization.
- Man-in-the-Middle (MitM) Attack A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party. Typically, the attacker will intercept the traffic between the two targets, making them believe they are talking directly to each other over a private connection when, in fact, the entire conversation is being controlled by the attacker.
- Manipulative Communications The deceptive methods used to trick individuals into revealing sensitive information or to influence their actions, often for malicious purposes. Techniques could include phishing, spear-phishing, or social engineering tactics, which are designed to exploit human vulnerabilities and bypass conventional security measures.
- Mantrap A physical security access control system comprising a small space having two sets of interlocking doors such that the first set of doors must close before the second set opens. Mantraps ensure that only one person can pass through at a time, and they provide an effective mechanism for controlling and monitoring access to secure environments.
- Masking A process used to protect sensitive data by replacing it with random characters or other dummy information. It enables users to carry out operations without exposing the actual data, thus preserving confidentiality. It's a technique often used in environments where data needs to be used for testing or analysis but where the original data contains sensitive details.
- Masqueraders Individuals who pretend to be another user or entity to gain unauthorized access to systems or data. They might employ a range of techniques, from simple password guessing to sophisticated social engineering, in order to mislead systems or people into granting them access. Masquerading is a significant threat to both the integrity and confidentiality of data.
- Master Boot Record (MBR) The first sector of a hard drive, which contains the bootloader program and the partition table. It is used to boot the operating system on a computer. Examples: a computer's BIOS uses the MBR to boot the operating system, a bootable USB drive contains an MBR, and a disk repair utility can fix a corrupted MBR.
- Materiality A concept used in risk assessment and audit planning to define the significance of a risk or a discrepancy. If the effect of a risk or discrepancy is large enough to impact decisions made based on the outcome, it is considered material. This principle guides the identification of relevant issues and ensures that time and resources are allocated to manage the most impactful risks.
- Mathematical Attack A method used to decipher encrypted data by exploiting weaknesses in the mathematical algorithms used in the encryption process. This method relies on computational techniques and mathematical theories, such as factoring large numbers or calculating discrete logarithms, to reverse-engineer or break the encryption algorithm and gain access to the encrypted data.