Cybersecurity Terms
Cybersecurity professionals, like many engineers and technical experts, often use industry jargon when trying to communicate. Combine complex topics with a “word salad” of acronyms, initialisms, and abbreviations, and confusion often sets in. Below are sets of terms to help define some of the jargon you may encounter.
Definitions
Access Control: restricting the usage of a resource – either physical or informational.
Attack Vector: path or means by which a vulnerability is exploited.
Availability: ensuring information is accessible to authorized users. Availability is the third component of the CIA Triad.
CIA Triad: model or construct used to guide information security policies and planning.
The Cloud: computing services hosted by a third party and accessed via the Internet. Modern cloud providers have a management infrastructure around those services to allow for identity and access management (IAM), access control, and advanced features.
Confidentiality: ensuring information is protected from unauthorized access. Confidentiality is the first component of the CIA Triad.
Cybersecurity: the protection of information technology systems, including computers, mobile devices, networks, and cloud services. Cybersecurity can be considered a subset of Information Security, although the two terms are often used synonymously.
Information Security (InfoSec): the practice of ensuring the confidentiality, integrity, and availability of information resources – both physical and electronic. The construct of confidentiality, integrity, and availability is known as the CIA Triad.
Insider Threat: employee or independent contractor who uses authorized access in an inappropriate way, causing damage or loss to the organization.
Inside Threat: accounts or systems inside a corporate resource that have been compromised by a bad actor.
Integrity: ensuring information is reliable, correct, and protected from unauthorized modification. Integrity is the second component of the CIA Triad.
Risk: the expected impact of a threat, given the likelihood of its occurring and the severity of its consequences. Risk = Threat x Likelihood x Severity.
Threat: circumstance or event that could cause damage or danger. Threats can be man-made or natural events.
Vector: path or means by which a vulnerability is exploited. Also known as Threat Vector and Attack Vector.
Vulnerability: flaw or weakness causing exposure to a threat.
For a more complete list of terms, please see the online glossary of NIST’s Computer Resource Center.
Acronyms & Initialisms
- 2FA: Two Factor Authentication; see MFA
- AES: Advanced Encryption Standard developed by NIST; AES-256 is the current preferred encryption method
- ASIS: Professional organization for security professionals, previously known as the American Society for Industrial Security
- ASLR: Address Space Layout Randomization; ASLR is a technical function built into operating systems that deters attacks against system memory by changing where certain critical information is stored
- COOP: Continuity of Operations Planning; often associated with test alerts and responses
- DEP: Data Execution Prevention; DEP is a technical function built into operating systems that deters attacks against system memory by preventing the execution of code in restricted memory locations
- DKIM: Domain Keys Identified Mail; DKIM is an optional setting that allows a receiving email server to verify the sending email server
- DLP: Data Loss Prevention; DLP detects sensitive information and blocks its transmission based on defined keywords and rules
- DMARC: Domain-based Message Authentication, Reporting and Conformance; DMARC is an optional extension of SPF and DKIM that allows a receiving email server to authenticate email senders
- DNS: Domain Name System; DNS is a global system that associates IP addresses with human-friendly domain names
- EAP/TLS: Extensible Authentication Protocol – Transport Layer Security; EAP/TLS is an IETF standard and the original method for authentication on wireless networks
- EDR: Endpoint Detection & Response; an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware
- FAQ: Frequently Asked Questions; support documents typically provided to customers
- IAM: Identity and Access Management; IAM is a framework of policies and controls to enforce authorized access to information resources
- IDS: Intrusion Detection System; an IDS monitors a computer network and alerts when suspicious or known bad activity is detected
- IETF: Internet Engineering Task Force; originally a US government organization, the IETF is now a non-profit that develops and promotes Internet standards
- IPS: Intrusion Prevention System; an IPS monitors a computer network and blocks suspicious or known bad activity
- ISAC: Information Sharing and Analysis Center; a non-profit organization and public-private partnership for security information sharing; sector-specific ISACs exist
- ISACA: Professional organization for security professionals, previously known as the Information Systems Audit and Control Association
- ISSA: Professional organization for security professionals, previously known as the Information Systems Security Association
- MDR: Managed Detection & Response; EDR with a human element added for incident response activities
- MFA: Multi Factor Authentication; MFA is a method of authenticating a user by requiring multiple sets of criteria, such as a username & password combination AND a code provided via text message. Often referred to as Two Factor Authentication, as 2FA is the most common form of MFA
- PII: Personally Identifiable Information; information that can be used to identify a specific individual, such as name, address, phone number, and account info
- PIP: Performance Improvement Plan; a document identifying employee issues and a course of action to correct them, often tied to a review process
- RFID: Radio-Frequency Identification; a wireless method of asset tracking
- S/PII: Sensitive and Personally Identifiable Information; PII that is particularly sensitive, such as date of birth and Social Security Number
- SCAP: Security Content Automation Protocol; SCAP is a method for applying automated vulnerability management
- SIEM: Security Information and Event Management; a SIEM is an advanced form of log management enabling event correlation and alerting
- SPF: Sender Policy Framework; SPF is an optional setting that allows a receiving email server to detect email address forgery
- TLA: Three-letter acronym
- TTX: Table Top Exercise; a TTX is a simulation of a disruptive event and the response to it
- UBA: User Behavior Analytics; UBA detects threats by analyzing human behavior in computer systems and detecting anomalies
- UPS: Uninterruptible Power Supply; also known as battery backup
- URL: Uniform Resource Locator; a URL is most commonly referred to as a “website address” and is used in Internet web browsers
- VLAN: Virtual Local Area Network; a VLAN is a separate computer network; technically, it is a broadcast domain that is isolated at the data link layer
- WIDS: Wireless Intrusion Detection System; a WIDS monitors a wireless network and alerts when suspicious or known bad activity is detected
- XDR: Extended Detection & Response; extension of EDR capability to include networks, servers, back office applications, and cloud services