Data Security
Protecting and maintaining the integrity of business, customer, and other data.
Application Security
Ensuring that software and other applications cannot be hacked, compromised, accessed without proper authorization, or disabled.
Network Security
Protecting network infrastructure and software from unauthorized access.
Operational Security
Day-to-day monitoring and security management.
Cloud Security
Cyber security methods used across public, private, or hybrid cloud environments.
Identity and Access Management (IAM)
Authenticating users and authorizing them to access specific applications, data, and other systems.
Privileged Access Management (PAM)
Controlling and monitoring privileged access for users, accounts, applications, and other system assets.
Vulnerability Management (VM)
Proactive identification (such as through scanning) and resolution (such as through patching, systems hardening, implementing new solutions, etc.) of potential threats and vulnerabilities in the IT ecosystem.
Enterprise Mobility Management (EMM)
This can include mobile device management (MDM) and other processes and technologies for securely enabling a mobile workforce.
Business Continuity (BC) and Disaster Recovery (DR).
Planning for events that cause IT disruption (whether arising from human error, equipment failure, malware or hacking attack, environmental catastrophe, etc.) and restoring IT functionality as soon as possible after such an event. BC / DC overlap with incident response, which is focused on marshaling resources to handle a security incident and also forensically investigate how the incident occurred and plan for implications (such as audit, public breach notification, etc.).
Security Training
Teaching employees and other users to identify and appropriately deal with common security issues like phishing, malware, or social engineering.