Learn
Clear, vendor-neutral definitions of the concepts behind modern cyber risk — from digital twins and Value at Risk to NIST 800-171 and CMMC. Each entry is short, plain-language, and links to deeper reading.
Digital twin (cybersecurity)
A continuously updated virtual model of an IT environment, built from live telemetry.
ReadValue at Risk (VaR)
An estimate of potential loss over a period at a given confidence level.
ReadMonte Carlo simulation
A method that models uncertainty by sampling many randomized outcomes into a distribution.
ReadCyber Value at Risk (Cyber VaR)
Value at Risk applied to cybersecurity — expected and tail losses from cyber events, in dollars.
ReadBlast radius
The extent of systems and data an attacker could reach from an initial foothold.
ReadAttack surface management (ASM)
The continuous discovery and monitoring of an organization's exposed, attackable assets.
ReadNIST SP 800-171
A U.S. standard of 110 controls across 14 families for protecting Controlled Unclassified Information.
ReadCMMC
The U.S. DoD framework for verifying contractors implement required security controls.
Read