Security information and event management (SIEM) technology supports threat detection, compliance, and security incident management through the collection and analysis of both real-time and historical security events, as well as a wide variety of other event and contextual data sources.
Cybersecurity risk management identifies, assesses, and mitigates risks to an enterprise's electronic information and systems, including implementing security controls to prevent cyber threats.
Risk can be divided into two parts: inherent risk and residual risk.
Inherent risk is the risk you start with before you take any action to control it. If you take no controlling action, the risk you face is the inherent risk.
Phishing is a method of trying to gather personal information using deceptive e-mails and websites. The goal of phishing is to trick an email recipient into revealing sensitive information like passwords and payment information.
“Have you ever received a scam email?”
If yes, then understand that someone was trying to make you their prey using a pretext, which is very common in social engineering nowadays.
Pharming is a technique where attackers try to redirect website traffic from a legitimate website to a fraudulent website with the purpose of spreading malware or stealing sensitive data from victims.
Common Vulnerabilities and Exposures (CVE) is a database of publicly disclosed information security issues. It includes a series of numbers called CVE numbers, which uniquely identify vulnerabilities in the list.
Patches are modifications to software code that often come from a security developer to fix security problems or technical issues. Most of the time, a security patch is released after victims are already trapped by hackers due to a vulnerability.