H - K

Hacker

Someone with some computer skills who uses them to break into computers, systems and networks.

Someone with some computer skills who uses them to break into computers, systems and networks.

Honeypot and Honeynet

Decoy systems or networks set up to attract potential cyber attackers.  They help by limiting malicious access to actual systems…

Decoy systems or networks set up to attract potential cyber attackers.  They help by limiting malicious access to actual systems by detecting and deflecting attempts and learning from attacks. Multiple honeypots form a honeynet.

ICO

See Information Commissioner's Office.

See Information Commissioner's Office.

IG Statement of Compliance - IGSoC

In the UK, an agreement between the NHS and approved organisations that sets out the Information Governance policy and terms…

In the UK, an agreement between the NHS and approved organisations that sets out the Information Governance policy and terms and conditions for the use of various NHS IT services.

Incident

A breach of the security rules for a system or service, such as: attempts to gain unauthorised access to a…

A breach of the security rules for a system or service, such as:

  • attempts to gain unauthorised access to a system
  • unauthorised use of systems for the processing or storing of attachments,
  • changes to a systems firmware, software or hardware without the system owner's consent,
  • malicious disruption and/or denial of service

Incident management

A process followed in the event of a cyber or data security incident that aims to reduce or eliminate adverse…

A process followed in the event of a cyber or data security incident that aims to reduce or eliminate adverse effects and return services to a normal operational condition. Incident management processes can stand alone, but would normally also be included in disaster recovery and business continuity planning.

Information asset

Information or data; the systems and locations in which they are stored and the means by which they are accessed.

Information or data; the systems and locations in which they are stored and the means by which they are accessed.

Information Asset Owner - IAO

The person responsible for a particular asset or set of information assets.

The person responsible for a particular asset or set of information assets.

Information Asset Register

A list of the assets a organisation uses to carry out its business. See also information asset. Assets usually have…

A list of the assets a organisation uses to carry out its business. See also information asset. Assets usually have asset owners, responsible for their maintenance, who assist the Senior Information Risk Owner (SIRO) in asessing risks and reducing them where possible.

Information Governance (IG)

The set of multi-disciplinary structures, policies, procedures, processes and controls required to manage information in support of an organisation's regulatory,…

The set of multi-disciplinary structures, policies, procedures, processes and controls required to manage information in support of an organisation's regulatory, legal, risk, environmental and operational requirements. It allows organisations and individuals to ensure information is processed legally, securely,efficiently and effectively.

Information Governance Policy

A document that details the standards, guidance and codes of practice which an organisation must compy with.

A document that details the standards, guidance and codes of practice which an organisation must compy with.

Information life cycle

Activities involved in managing information throughout its life e.g. when information is obtained, created, retained, stored, retrieved, communicated, used and…

Activities involved in managing information throughout its life e.g. when information is obtained, created, retained, stored, retrieved, communicated, used and destroyed. See also Records management.

Information management

The collection and management of information from one or more sources, its processing and distribution to one or more audiences.

The collection and management of information from one or more sources, its processing and distribution to one or more audiences.

Information processing

Holding, obtaining, recording, using and sharing of information. The acronym HORUS (the ancient Egyption sky god) is sometimes used in…

Holding, obtaining, recording, using and sharing of information. The acronym HORUS (the ancient Egyption sky god) is sometimes used in this connection.

Information security

Measures put in place to prevent inappropriate access, modification, manipulation or destruction of information.

Measures put in place to prevent inappropriate access, modification, manipulation or destruction of information.

Insider risks

The potential for damage to be done maliciously or inadvertently by a legitimate user with privilleged access to systems, networks…

The potential for damage to be done maliciously or inadvertently by a legitimate user with privilleged access to systems, networks or data.

Internet of things

Refers to the ability of everyday objects (rather than computers and devices) to connect to the Internet. Examples include kettles,…

Refers to the ability of everyday objects (rather than computers and devices) to connect to the Internet. Examples include kettles, fridges and televisions.