A digital copy of data, stored on a different type of storage media than the original copy, or a different device, increasing the likelihood of accessibility in the event the primary system is interrupted.

An information breach may be physical or digital. Digital breaches are incursions into networks or digital devices, that may result in loss of business records or intellectual property. Physical information breaches may occur at unattended loading docks, offices, and storage rooms, or unlocked file cabinets.

Credentials are user identification factors that grant access to a computer or a system. In general, the credentials consist of a user name and password.  For a system that relies on two-factor identification, there is an additional, physical element such as a keyfob, smart phone, or biometric factor that is part of the credential.

Data recovery is the act of retrieving digital information. Data recovery is part of incident response. But not all incident response includes data recovery.

DDOS stands for distributed denial of service. It's an attack that makes a server unavailable by bombarding it with bogus traffic.

The process of uncovering and interpreting electronic data, with the goal of drawing conclusions about events that occurred in the past. A trained digital forensic practitioner can help put evidence into its proper context by collecting, identifying, and confirming the authenticity of digital information. The trained practitioner uses a process that will preserve evidence as closely as possible to the state in which it was uncovered.

Comprehensive preparation for unforeseen incidents or crises that disrupt normal operations. The development should include participants from across all departments. It should address upper- management succession and authority for major decisions, loss mitigation, internal and external communication; legal liabilities arising from all conceivable disruptions, and business continuity while damage is being assessed and repaired.

Disaster recovery is a response to a widespread data-loss incident in which your primary systems go offline, and functionality is recovered using secondary or tertiary systems. Disaster recovery is most often successful when it follows a plan that was made in advance of the disaster (see above item).

Hiding digital information by encoding it so that only those authorized to view the information can see it.

The term used by the courts to describe digital information that’s sought for civil litigation.

An often misused term for cybercriminal. Hacking may include experimentation in which devices are altered in order to perform a function they were not originally intended to perform, for good purposes or bad. Generally, “hacker” should not be used to describe someone who gains unauthorized access to digital systems or information for the purpose of causing damage, theft, or disruption.

People performing politically-motivated cyber-intrusions, primarily for the purpose of causing business disruption or generating publicity.

A mission to simultaneously assess damage, shore up defenses, and restore business operations after systems have been attacked or otherwise compromised. Examples of incidents causing disruption are natural disasters, power outages, fire, industrial sabotage, disgruntled employees, and cyberattacks.

Information assets consist of all data, in any format, or any digital system or device that:

  1. Contains intellectual property
  2. Is under a data-related mandate, or
  3. Otherwise provides value to the organization


In considering what constitutes information assets, consider whether loss, inaccessibility, damage, or public exposure of the  data or device would cause the organization to suffer impaired performance, safety, credibility or diminished reputation.


The practice and processes related to protecting information systems against unauthorized access, disruptions due to natural or human-caused disasters, and attacks by cybercriminals.

A body that develops business standards to promote a uniform approach to physical and digital security, information and records management, and quality control. Each standard is identified by a number. Data Clone Labs works with ISO 27001 and ISO 22301, both of which are related to information security and incident response.

Log in credentials requiring a user name and password, plus a second, physical element. The second factor could be a token on your keychain, a biometric scan of fingerprint or the iris of your eye, or a message sent from your cell phone.

Processes and technologies designed to protect information that travels over digital communication networks.

National Institute of Standards and Technology, a non-regulatory federal agency within the U.S. Department of Commerce. NIST advocates a system that can be used across industries to standardize procedures and policies surrounding information security. NIST or other standards-based systems can facilitate information accountability within organizations.

An online repository where anyone can copy-and-paste text for sharing. The site made headlines when someone posted an offer of six million JP Morgan account-holder records for sale.

A strain of cyberattacks containing malware that locks up or encrypts files, accompanied by a demand for money.  Payment of ransom sometimes, but not always results in decryption of files.


Oval 15 + Datto_Logo
Oval 17 + Dell_SonicWALL_Logo
Oval 11 + blue-sophos-logo
Oval 12 + Yubico_Logo
Oval 13 + MiToken_Logo
Oval 14 + GFI_Logo