Insurance Terms Defined
APT (Advanced Persistent Threat) – An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objective by using multiple attack vectors (cyber, physical and deception). APT attacks can be conducted by foreign nation-state actors that have a continual focus on penetrating a specific target.
ASP (Application Service Provider) – A third-party entity that manages and distributes software-based services via the internet from a central data center.
Authentication – The process of verifying the identity or other attributes of an entity. May also be utilized in Multi-Factor Authentication, which refers to the process in which multiple factors are utilized when identifying and authenticating an individual.
Blackhat – Used to describe a hacker who breaks into a computer system or network with malicious intent.
Blacklist – A list of entities or individuals who are blocked or denied privileges or access.
Bot – A computer connected to the Internet that has been secretly compromised with malicious code to perform activities under remote command and control of a remote administrator (or hacker).
Breach (Data) – A security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches are also subject to state-specific definitions that may also govern when certain types of breach responses are required.
Botnet – A collection of computers compromised by malicious code and controlled across a network. Typically used in DDoS attacks (definition below).
Brute Force Attack – A trial-and-error method used by applications to decode encrypted data such as passwords by checking all password combination options, by methods such as a dictionary attack. This primitive hacking/cracking method is very time consuming and can be thwarted by basic security controls.
DDoS – Acronym for Distributed Denial of Service Attack. This is an attack where multiple compromised systems are used to flood a target with network traffic, thus causing the targeted network to experience an outage.
Breach Costs – The costs associated with Breach Response services. These (typically) insurable amounts can include computer forensics services, notification services and credit monitoring services. Breach costs are considered a “first party” insurance coverage and are typically triggered by a breach event, rather than a lawsuit. Insurance policies may offer these services on a voluntary basis or only in response to a breach of information that triggers certain state or federal data breach laws.
Breach Response – The act of responding to a data breach. Companies may have predefined breach response plans that articulate a step-by-step plan of action to respond to a breach. The scope of these plans typically includes many escalation phases, including Incident Analysis, Incident Disclosure, Loss Mitigation and Communication/Remediation. Insurance carriers may provide third-party vendors to navigate this process in the event of a breach.
Children’s Online Privacy Protection Act (COPPA) – Federal Trade Commission (FTC) legislation governing websites that are collecting information from children under the age of thirteen.
Cloud Computing – The general term to describe the delivery of hosted services over the internet. Cloud computing enables businesses to consume computing resources as a utility, similar to a telephone service, rather than building and maintaining their own hardware infrastructure (see Infrastructure as a Service and Platform as a Service).
Cloud Hosting – The general term to describe a service where data and resources are stored by a hosting facility. Cloud infrastructure may be set up as public, private or hybrid deployments. Benefits typically include redundant data storage, no single point of failure, flexibility and affordable pricing.
Collocation (or Co-location) – Refers to the practice of businesses leasing real estate, cooling, power and bandwidth from a hosting facility that allows them to place their own resources (servers, storage) within the hosting facility’s environment (typically in secured cages). Most collocation facilities also offer high security, fire detection, filtered power and backup generators to ensure business continuity.
Cryptography – The act of protecting information by transforming it into an unreadable format (ciphertext). The ciphertext may be converted back into a legible format (decrypted) through the use of a secret key. There are various forms of encryption and key distribution that may be utilized, including the widely-distributed format PGP (Pretty Good Privacy).
Computer Forensics – The application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. These investigations are the first line of defense when identifying the size, scope and cause of a data breach.
Zero-Day – An exploit that takes advantage of a security vulnerability on the same day that the vulnerability becomes publicly or generally known. These exploits are typically thwarted at later dates through security patches/updates released by the software vendor.
EMR – Acronym for Electronic Medical Records. The term is typically utilized when referring to electronic records management systems employed by the healthcare industry.
EMV – Acronym for Europay, MasterCard and Visa. It is a global standard for inter-operation of integrated circuit cards (or “chip cards”) deployed by the payment card industry for use with card-present point of sale (POS) systems.
Hacktivism – Terminology referring to the motivations behind certain hacking events. Hacktivists may be politically or socially motivated, rather than acting with financial gain as a primary motivator.
HIE – Acronym for Health Information Exchange. Refers to the mobilization of healthcare information electronically across organizations within a region, community or hospital system. The term may also refer to the organization that facilitates the actual exchange.
IaaS – Acronym for Infrastructure as a Service. Defined as computer infrastructure being delivered as a service (over the internet).
PCI – Acronym for Payment Card Information. The PCI SSC defines “cardholder data” as the full Primary Account Number (PAN) or the full PAN along with any of the following elements: cardholder name, expiration date, service code. Sensitive Authentication Data also requiring protection includes full magnetic stripe data, CAV2, CVC2, CVV2, CID and PINs, amongst other information.
PCI DSS – Set forth by the PCI SSC, the PCI Data Security Standard defines the minimum level of security required of any organization handling payment card transactions. As of March 2015, there are four levels of PCI DSS, each of which is derived from the annual volume of payment cards handled by a business. PCI Level 1 is the highest standard of compliance required by the PCI SSC, with PCI Level 4 being the least onerous (due to light payment card volume).
Phishing – A technique utilized by hackers or other individuals with dubious intentions where the perpetrator falsely claims to be a legitimate contact in an attempt to scam the user into surrendering private or sensitive information. Other types of phishing techniques include “spear phishing” (focusing on a single user or department) or “whale phishing” (focusing on individuals of high importance or worth).
PHI – Acronym for Protected Health Information. This constitutes any information about health status, provision of health care, or payment for health care that can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient’s medical record or payment history.
Phreaking – Using a computer or other device to trick a phone system. Typically, phreaking is used to make free phone calls or to have calls charged to a different account. This is one of the earliest forms of “hacking”.
PII – Acronym for Personally Identifiable Information. This typically refers to any information that can identify an individual, though various states, laws and regulations have their own definitions as to what constitutes “PII”. PII may include PHI (protected health information), PCI (payment card information) and social security information, amongst a plethora of other sensitive data.
POS – Acronym for Point of Sale, referring to the capturing of data and customer payment information at a physical location where goods or services are bought and sold. Depending on the context, POS may also refer to the software platform utilized to capture and/or transmit this information.
RAM Scraping – A technique utilized by various malware (namely, the BackOff variant) where payment card information is extracted from a machine’s memory prior to being encrypted.
Ransomware – A type of malware which restricts access to the computer system it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.
SaaS – Acronym for Software as a Service. This delivery method allows for software functionality to be delivered over the internet (or cloud) rather than being installed locally on the end-user’s machine.
Tokenization – The process of substituting a sensitive data element with a nonsensitive equivalent, referred to as a token.
SCADA – Acronym for Supervisory Control and Data Automation. These systems can be used in controlling industrial and manufacturing processes.
Spoofing – Describes a variety of ways in which hardware and software can be fooled. Spoofing may also refer to faking a certain telephone number, IP address or other unique identifier.
Spyware – Software that covertly gathers user information without their knowledge, usually for advertising purposes.
Trojan Horse – A program (Malware) designed to breach the security of a computer system and, when executed, carry out actions determined by the nature of the Trojan (typically theft of data or computer harm).
White hat – A term referring to “ethical hacking”. White hat hacking attempts are typically requested by the target themselves, in an attempt to discover vulnerabilities previously unknown to them.
Worm – A program or algorithm that replicates itself over a computer network and usually performs malicious actions.
Personal Umbrella – A type of insurance that provides liability coverage over and above your automobile or homeowners policy. One of the most common types of coverage besides homeowners and auto insurance. The Umbrella policy can also include personal possessions that are otherwise added to a homeowners policy by endorsement, such as jewelry. One should weigh the pros and cons of adding an endorsement to a homeowners policy versus buying an Umbrella. You can typically get more coverage with an Umbrella policy at a lesser cost than with a homeowners endorsement.
Social Engineering – Social Engineering/Cyber Deception occurs when a criminal disguises themselves as a vendor, client or employee and tricks the insured’s employee into transferring funds to an account under the criminal’s control.