PII
What is Personally Identifying Information?
A type of malware meant to encrypt a victim’s data and prevent account access, until the victim pays a fee set by the attacker.
What is a ransomware attack?
One member of the Fu Associates, Ltd. cybersecurity team.
Who is David Sieracki/Nima Patel/Tommy Lo/HT Gold?
The likelihood that a threat will exploit a vulnerability.
What is risk?
The potential to cause unauthorized disclosure, changes, or destruction to an asset.
What is a threat?
PIV
What is Personal Identity Verification?
A social engineering scam whereby intruders seek access to your personal information or passwords by posing as a legitimate business or organization with legitimate reason to request information.
What is a phishing attack?
Fu Associates, Ltd. Privacy Officer.
Who is Debbie Harvey?
Who are we?
Any flaw or weakness that can be exploited and could result in a breach or a violation of a system’s security policy.
What is a vulnerability?
HIPAA
What is the Health Insurance Portability and Accountability Act?
A cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
What is a denial of service attack?
Fu Associates, Ltd. Information Technology Director.
Who is Dave Sieracki?
The three guiding principles of information security.
What are confidentiality, integrity, and availability?
A sequence of words or other text used to control access to a computer system, program or data (similar to a password in usage, but is generally longer for added security).
What is a passphrase?
Example: “Take me out to the ballgame!” becomes “Tmo2tBG!”
FISMA
What is the Federal Information Security Management Act?
When an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user.
What is cross-site scripting?
Fu Associates, Ltd. Technical Team Leader.
Who is Pam Kress?
An example of physical access control.
What are keys, security fobs, sign-in sheets, etc.?
The process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.
HITECH
What is the Health Information Technology for Economic and Clinical Health Act?
A technique used to attack data-driven applications, in which malicious structured query language statements are inserted into an entry field for execution to expose
What is a SQL injection attack?
Report suspected or confirmed privacy incidents to these 3 people.
Who are Pam Kress, Debbie Harvey, and Dave Sieracki?
Rules for strong passwords.
What are: create a password at least eight characters in length, and include at least one of each: capital letter, lowercase letter, number, and special character (!, @, #, $, %, ^, &, *, (, ), _, +)?
The loss of, unauthorized access to, or disclosure of, personal information.
What is a breach of privacy?