Technology and cybersecurity risk management
Expert-defined terms from the Specialist Certification in Risk Management in the Restaurant Business course at London School of Business and Administration. Free to read, free to share, paired with a globally recognised certification pathway.
Access Control #
Access control refers to the procedures and mechanisms used to manage who has access to a restaurant's physical and digital assets, including data and systems. Related terms include authentication, authorization, and identity management. Access control is essential in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, access control can be applied to limit access to certain areas, such as the kitchen or storage rooms, and to restrict access to sensitive information, such as employee records or financial data.
Advanced Persistent Threats (APTs) #
Advanced Persistent Threats refer to sophisticated and targeted cyber attacks that are designed to evade detection and persist on a network for an extended period. Related terms include malware, phishing, and zero-day exploits. APTs are a significant risk to restaurants as they can result in the theft of sensitive information, disruption of business operations, and damage to reputation. Restaurants can protect themselves against APTs by implementing robust security measures, such as firewalls, intrusion detection systems, and encryption.
Application Security #
Application security refers to the practices and procedures used to ensure that software applications are secure and free from vulnerabilities. Related terms include secure coding, penetration testing, and vulnerability management. Application security is crucial in risk management as it helps prevent data breaches and protects against cyber attacks. In a restaurant business, application security can be applied to ensure that point-of-sale systems, online ordering systems, and other software applications are secure and protected against cyber threats.
Asset Management #
Asset management refers to the process of identifying, classifying, and managing an organization's assets, including physical and digital assets. Related terms include inventory management, asset tracking, and disposal management. Asset management is essential in risk management as it helps identify and mitigate potential risks to an organization's assets. In a restaurant business, asset management can be applied to manage assets such as kitchen equipment, furniture, and technology systems.
Authentication #
Authentication refers to the process of verifying the identity of users, devices, or systems. Related terms include authorization, identity management, and password management. Authentication is critical in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, authentication can be applied to verify the identity of employees, customers, and suppliers.
Availability #
Availability refers to the degree to which a system, network, or application is accessible and usable when needed. Related terms include uptime, downtime, and recovery time. Availability is essential in risk management as it helps ensure that business operations are not disrupted and that customers can access services when needed. In a restaurant business, availability can be applied to ensure that point-of-sale systems, online ordering systems, and other critical systems are available and functioning properly.
Backup and Recovery #
Backup and recovery refer to the processes of creating and storing copies of data and restoring data in the event of a loss or disruption. Related terms include data backup, disaster recovery, and business continuity. Backup and recovery are critical in risk management as they help ensure that business operations can be restored quickly in the event of a disaster or disruption. In a restaurant business, backup and recovery can be applied to protect critical data such as employee records, customer data, and financial information.
Business Continuity Planning (BCP) #
Business continuity planning refers to the process of developing and implementing plans to ensure that business operations can continue in the event of a disaster or disruption. Related terms include disaster recovery, emergency response, and crisis management. BCP is essential in risk management as it helps ensure that business operations are not disrupted and that customers can continue to access services. In a restaurant business, BCP can be applied to develop plans to respond to natural disasters, cyber attacks, and other disruptions.
Business Impact Analysis (BIA) #
Business impact analysis refers to the process of identifying and assessing the potential impact of a disaster or disruption on business operations. Related terms include risk assessment, threat analysis, and vulnerability assessment. BIA is critical in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, BIA can be applied to assess the potential impact of a disaster or disruption on critical business functions such as food preparation, customer service, and financial management.
Cloud Computing #
Cloud computing refers to the delivery of computing services over the internet, including storage, processing, and applications. Related terms include cloud security, cloud storage, and cloud migration. Cloud computing is a significant risk to restaurants as it can result in the loss of control over sensitive information and increase the risk of data breaches. Restaurants can protect themselves against cloud computing risks by implementing robust security measures, such as encryption and access controls.
Compliance #
Compliance refers to the process of adhering to laws, regulations, and industry standards. Related terms include regulatory compliance, industry standards, and audit compliance. Compliance is essential in risk management as it helps reduce the risk of legal and financial penalties. In a restaurant business, compliance can be applied to ensure adherence to food safety regulations, labor laws, and financial reporting requirements.
Computer Security #
Computer security refers to the practices and procedures used to protect computer systems and networks from cyber threats. Related terms include network security, firewall configuration, and intrusion detection. Computer security is critical in risk management as it helps prevent data breaches and protects against cyber attacks. In a restaurant business, computer security can be applied to protect point-of-sale systems, online ordering systems, and other critical systems.
Confidentiality #
Confidentiality refers to the protection of sensitive information from unauthorized access or disclosure. Related terms include data protection, privacy, and secrecy. Confidentiality is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, confidentiality can be applied to protect customer data, employee records, and financial information.
Cryptocurrency #
Cryptocurrency refers to digital or virtual currencies that use cryptography for secure financial transactions. Related terms include blockchain, bitcoin, and ethereum. Cryptocurrency is a significant risk to restaurants as it can result in the loss of control over financial transactions and increase the risk of financial fraud. Restaurants can protect themselves against cryptocurrency risks by implementing robust security measures, such as encryption and access controls.
Cybersecurity #
Cybersecurity refers to the practices and procedures used to protect computer systems and networks from cyber threats. Related terms include computer security, network security, and information security. Cybersecurity is critical in risk management as it helps prevent data breaches and protects against cyber attacks. In a restaurant business, cybersecurity can be applied to protect point-of-sale systems, online ordering systems, and other critical systems.
Data Analytics #
Data analytics refers to the process of analyzing and interpreting data to gain insights and make informed decisions. Related terms include data mining, business intelligence, and predictive analytics. Data analytics is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, data analytics can be applied to analyze customer behavior, sales trends, and financial performance.
Data Breach #
Data breach refers to the unauthorized access or disclosure of sensitive information. Related terms include data loss, data theft, and cyber attack. Data breach is a significant risk to restaurants as it can result in the theft or misuse of sensitive information and damage to reputation. Restaurants can protect themselves against data breach risks by implementing robust security measures, such as encryption and access controls.
Data Loss Prevention (DLP) #
Data loss prevention refers to the practices and procedures used to prevent the unauthorized access or disclosure of sensitive information. Related terms include data protection, data security, and information security. DLP is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, DLP can be applied to protect customer data, employee records, and financial information.
Data Mining #
Data mining refers to the process of analyzing and interpreting large datasets to gain insights and make informed decisions. Related terms include data analytics, business intelligence, and predictive analytics. Data mining is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, data mining can be applied to analyze customer behavior, sales trends, and financial performance.
Data Protection #
Data protection refers to the practices and procedures used to protect sensitive information from unauthorized access or disclosure. Related terms include data security, data privacy, and information security. Data protection is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, data protection can be applied to protect customer data, employee records, and financial information.
Data Security #
Data security refers to the practices and procedures used to protect sensitive information from unauthorized access or disclosure. Related terms include data protection, data privacy, and information security. Data security is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, data security can be applied to protect customer data, employee records, and financial information.
Denial of Service (DoS) #
Denial of service refers to a type of cyber attack that is designed to make a computer system or network unavailable. Related terms include distributed denial of service, DDoS, and malware. DoS is a significant risk to restaurants as it can result in the disruption of business operations and damage to reputation. Restaurants can protect themselves against DoS risks by implementing robust security measures, such as firewalls and intrusion detection systems.
Disaster Recovery #
Disaster recovery refers to the process of restoring business operations in the event of a disaster or disruption. Related terms include business continuity, emergency response, and crisis management. Disaster recovery is essential in risk management as it helps ensure that business operations can be restored quickly in the event of a disaster or disruption. In a restaurant business, disaster recovery can be applied to develop plans to respond to natural disasters, cyber attacks, and other disruptions.
Distributed Denial of Service (DDoS) #
Distributed denial of service refers to a type of cyber attack that is designed to make a computer system or network unavailable. Related terms include denial of service, DoS, and malware. DDoS is a significant risk to restaurants as it can result in the disruption of business operations and damage to reputation. Restaurants can protect themselves against DDoS risks by implementing robust security measures, such as firewalls and intrusion detection systems.
Encryption #
Encryption refers to the process of converting plaintext into unreadable ciphertext to protect sensitive information. Related terms include decryption, cryptography, and secure communication. Encryption is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, encryption can be applied to protect customer data, employee records, and financial information.
Firewall #
Firewall refers to a network security system that monitors and controls incoming and outgoing network traffic. Related terms include network security, intrusion detection, and access control. Firewall is essential in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, firewall can be applied to protect point-of-sale systems, online ordering systems, and other critical systems.
Governance #
Governance refers to the framework of policies, procedures, and standards used to manage and direct an organization. Related terms include compliance, regulatory compliance, and industry standards. Governance is essential in risk management as it helps ensure that an organization is operating in a legal and ethical manner. In a restaurant business, governance can be applied to ensure adherence to food safety regulations, labor laws, and financial reporting requirements.
Identity Management #
Identity management refers to the process of managing and verifying the identity of users, devices, or systems. Related terms include authentication, authorization, and access control. Identity management is critical in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, identity management can be applied to verify the identity of employees, customers, and suppliers.
Incident Response #
Incident response refers to the process of responding to and managing security incidents, such as data breaches or cyber attacks. Related terms include incident management, crisis management, and emergency response. Incident response is essential in risk management as it helps minimize the impact of security incidents and reduce the risk of data breaches. In a restaurant business, incident response can be applied to develop plans to respond to security incidents, such as data breaches or cyber attacks.
Information Security #
Information security refers to the practices and procedures used to protect sensitive information from unauthorized access or disclosure. Related terms include data security, data protection, and cybersecurity. Information security is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, information security can be applied to protect customer data, employee records, and financial information.
Intellectual Property (IP) #
Intellectual property refers to the ownership and protection of creative works, such as trademarks, copyrights, and patents. Related terms include trademark, copyright, and patent law. IP is essential in risk management as it helps protect an organization's creative works and prevent unauthorized use. In a restaurant business, IP can be applied to protect trademarks, copyrights, and patents related to menu items, recipes, and branding materials.
Internet of Things (IoT) #
Internet of things refers to the network of physical devices, vehicles, and other items that are embedded with sensors, software, and connectivity, allowing them to collect and exchange data. Related terms include smart devices, wearable technology, and connected devices. IoT is a significant risk to restaurants as it can result in the loss of control over sensitive information and increase the risk of data breaches. Restaurants can protect themselves against IoT risks by implementing robust security measures, such as encryption and access controls.
Intrusion Detection #
Intrusion detection refers to the process of monitoring and detecting unauthorized access to a computer system or network. Related terms include intrusion prevention, firewall configuration, and network security. Intrusion detection is essential in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, intrusion detection can be applied to protect point-of-sale systems, online ordering systems, and other critical systems.
Malware #
Malware refers to software that is designed to harm or exploit a computer system or network. Related terms include virus, trojan, and spyware. Malware is a significant risk to restaurants as it can result in the theft or misuse of sensitive information and damage to reputation. Restaurants can protect themselves against malware risks by implementing robust security measures, such as antivirus software and firewalls.
Network Security #
Network security refers to the practices and procedures used to protect computer networks from unauthorized access or malicious activity. Related terms include computer security, firewall configuration, and intrusion detection. Network security is essential in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, network security can be applied to protect point-of-sale systems, online ordering systems, and other critical systems.
Password Management #
Password management refers to the process of managing and securing passwords to prevent unauthorized access to sensitive information. Related terms include password policy, password protection, and access control. Password management is critical in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, password management can be applied to secure passwords for employees, customers, and suppliers.
Payment Card Industry Data Security Standard (PCI DSS) #
Payment card industry data security standard refers to a set of security standards designed to ensure the secure handling of payment card information. Related terms include payment card security, credit card security, and data security. PCI DSS is essential in risk management as it helps prevent the theft or misuse of payment card information. In a restaurant business, PCI DSS can be applied to ensure the secure handling of payment card information and prevent data breaches.
Phishing #
Phishing refers to a type of cyber attack that is designed to trick individuals into revealing sensitive information, such as passwords or financial information. Related terms include social engineering, spam, and malware. Phishing is a significant risk to restaurants as it can result in the theft or misuse of sensitive information and damage to reputation. Restaurants can protect themselves against phishing risks by implementing robust security measures, such as antivirus software and firewalls.
Privacy #
Privacy refers to the protection of sensitive information from unauthorized access or disclosure. Related terms include data protection, confidentiality, and secrecy. Privacy is essential in risk management as it helps prevent the theft or misuse of sensitive information. In a restaurant business, privacy can be applied to protect customer data, employee records, and financial information.
Risk Assessment #
Risk assessment refers to the process of identifying and assessing potential risks to an organization. Related terms include risk management, threat analysis, and vulnerability assessment. Risk assessment is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, risk assessment can be applied to assess the potential risks to critical business functions such as food preparation, customer service, and financial management.
Risk Management #
Risk management refers to the process of identifying, assessing, and mitigating potential risks to an organization. Risk management is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, risk management can be applied to develop plans to respond to security incidents, such as data breaches or cyber attacks.
Security Information and Event Management (SIEM) #
Security information and event management refers to the process of monitoring and analyzing security-related data to identify potential security threats. Related terms include security analytics, incident response, and threat detection. SIEM is essential in risk management as it helps identify and mitigate potential security threats. In a restaurant business, SIEM can be applied to monitor and analyze security-related data to identify potential security threats.
Social Engineering #
Social engineering refers to a type of cyber attack that is designed to trick individuals into revealing sensitive information, such as passwords or financial information. Related terms include phishing, spam, and malware. Social engineering is a significant risk to restaurants as it can result in the theft or misuse of sensitive information and damage to reputation. Restaurants can protect themselves against social engineering risks by implementing robust security measures, such as antivirus software and firewalls.
Supply Chain Risk Management #
Supply chain risk management refers to the process of identifying and mitigating potential risks to an organization's supply chain. Related terms include supply chain management, vendor management, and third-party risk management. Supply chain risk management is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, supply chain risk management can be applied to assess the potential risks to critical suppliers, such as food and beverage suppliers.
Threat Intelligence #
Threat intelligence refers to the process of gathering and analyzing data to identify potential security threats. Threat intelligence is essential in risk management as it helps identify and mitigate potential security threats. In a restaurant business, threat intelligence can be applied to monitor and analyze security-related data to identify potential security threats.
Vulnerability Management #
Vulnerability management refers to the process of identifying and mitigating potential vulnerabilities in an organization's systems and networks. Related terms include vulnerability assessment, penetration testing, and patch management. Vulnerability management is essential in risk management as it helps identify and mitigate potential risks to business operations. In a restaurant business, vulnerability management can be applied to identify and mitigate potential vulnerabilities in point-of-sale systems, online ordering systems, and other critical systems.
Wireless Security #
Wireless security refers to the practices and procedures used to protect wireless networks from unauthorized access or malicious activity. Related terms include wireless networking, Wi-Fi security, and network security. Wireless security is essential in risk management as it helps prevent unauthorized access to sensitive information and reduces the risk of data breaches. In a restaurant business, wireless security can be applied to protect wireless networks used for point-of-sale systems, online ordering systems, and other critical systems.
Zero #
Day Exploit: Zero-day exploit refers to a type of cyber attack that is designed to exploit a previously unknown vulnerability in a computer system or network. Related terms include zero-day attack, exploit kit, and malware. Zero-day exploit is a significant risk to restaurants as it can result in the theft or misuse of sensitive information and damage to reputation. Restaurants can protect themselves against zero-day exploit risks by implementing robust security measures, such as antivirus software and firewalls.