It also contains terms that public utility commissions may encounter during engagements with utilities on the topic of cybersecurity. Definitions contained in this glossary are from authoritative sources.
They are gathered here for ease of use. Many definitions are cited verbatim; however, some have been paraphrased or adapted for clarity and conciseness. Links to original sources are included. A list of notable cybersecurity incidents is included at the end of the glossary.
These incidents are often cited in cybersecurity literature, articles, blogs, webinars, and workshops and are included in this glossary for that reason. The process of granting or denying specific requests: 1 for obtaining and using information and related information processing services; and 2 to enter specific physical facilities e.
A list of permissions associated with an object e. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. An adversary that possesses sophisticated levels of expertise and significant resources used to create opportunities to achieve its objectives by using multiple attack vectors e. These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future.
Summary of key post-exercise evaluation information, including the exercise overview and analysis of objectives and core capabilities. It is developed in conjunction with an improvement plan, which identifies specific corrective actions, assigns them to responsible parties, and establishes target dates for their completion. The lead evaluator and exercise planning team draft the AAR. A threat or an incident, natural or manmade, that warrants action to protect life, property, the environment, and public health or safety, and to minimize disruptions of government, social, or economic activities.
It includes natural disasters, cyber incidents, industrial accidents, pandemics, acts of terrorism, sabotage, and destructive criminal activity targeting critical infrastructure. The validation of all aspects of a computer or system that relate to its safe, secure, and correct operation. Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources. Ensuring timely and reliable access to and use of information.
Resiliency objectives extend the concept to refer to point-in-time availability i. With confidentiality and integrity, availability is considered part of the CIA Triad, which represents the three most crucial components of information security.
The amount of information that can be passed through a communication channel in a given amount of time, usually expressed in bits per second. An electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. A catastrophic event that severely disrupts the normal functioning of critical infrastructures in multiple regions for long durations.
The restoration of a power station without reliance on the external power transmission system. Black start capabilities are often provided by small co-located diesel generators used to start larger generators, which in turn start the main power station generators.
Idaho National Laboratory. Tamper-resistant digital ledgers implemented in a distributed fashion i. At their basic level, they enable a community of users to record transactions in a shared ledger within that community, such that under normal operation, no transaction can be changed once published.
A collection of computers compromised by malicious code and controlled across a network. See Command and Control. Monitoring and control of digital communications at the external perimeter of an information system to prevent and detect malicious and other unauthorized communications, using devices such as proxies, gateways, routers, firewalls, guards, and encrypted tunnels. Also referred to as perimeter protection. A Cyber Asset that, if rendered unavailable, degraded, or misused, would, within 15 minutes of its required operation, misoperation, or non-operation, adversely impact one or more facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System.
Redundancy of affected facilities, systems, and equipment shall not be considered when determining adverse impact. A cybersecurity control employed in lieu of a recommended control that provides equivalent or comparable control. Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
With integrity and availability, confidentiality is considered part of the CIA Triad, which represents the three most crucial components of information security. The minimum number of nodes or links whose removal results in losing all paths that can be used to transfer information from a source to a sink. The unexpected failure or outage of a system component, such as a generator, transmission line, circuit breaker, switch, or other electrical element. Facilities, systems, and equipment which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the bulk electric system.
The assets, systems, and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, public health or safety, or any combination thereof.
A digital currency used as a medium of exchange, similar to other currencies. However, unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions. An attempt to infiltrate information technology systems, computer networks, or individual computers with a malicious intent to steal information, cause damage, or destroy specific targets within the system.
A program of the U.S. Department of Homeland Security that enables actionable, relevant, and timely unclassified information exchange through trusted public-private partnerships across all critical infrastructure sectors. SANS Institute. A framework to provide emergency cyber assistance within the electric power and natural gas industries. Electricity Sector Coordinating Council.
A group of experts that assesses, documents, and responds to a cyber incident so that a network can not only recover quickly, but also avoid future incidents. A model that helps organizations—regardless of size, type, or industry—evaluate, prioritize, and improve their own cybersecurity capabilities. The management, operational, and technical methods, policies, and procedures—manual or automated— i. An event occurring on or conducted through a computer network that actually or imminently jeopardizes the integrity, confidentiality, or availability of computers, information or communications systems or networks, physical or virtual infrastructure controlled by computers or information systems, or information resident thereon.
A cyber incident may include a vulnerability in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source. A public-private data sharing and analysis platform that facilitates the timely bi-directional sharing of unclassified and classified threat information among energy sector stakeholders. A global domain within the information environment consisting of the interdependent network of IT and ICS infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
Private, distributed file sharing networks where connections are made only between trusted peers. Darknets are distinct from other distributed networks as sharing is anonymous i. Cyber Risk Insurance Forum. Cybersecurity strategy that integrates people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.
A cyber attack that occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. A denial-of-service attack floods the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users.
DoS attacks can cost an organization both time and money while their resources and services are inaccessible. Control achieved by intelligence that is distributed about the process to be controlled, rather than by a centrally located single unit.
An array of activities that support a robust, secure, reliable, and resilient energy infrastructure. These include energy emergency planning, preparedness, mitigation, and response. A security approach that focuses on locking down endpoints—individual computers, phones, tablets, and other network-enabled devices—in order to keep networks safe. CSO Online.
A piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic.
A network security device that monitors incoming and outgoing network traffic and helps screen out hackers, viruses, and worms that try to reach a computer over the Internet. A firewall can be hardware, software, or both. A software program or set of instructions programmed on a hardware device.
It provides the necessary instructions for how the device communicates with the other computer hardware. They provide interdisciplinary expertise and situational awareness to inform decision-making at all levels of government. Fusion centers are owned and operated by State and Local entities with support from federal partners. An intermediate system (interface, relay) that attaches to two or more computer networks that have similar functions but dissimilar implementations and that enables either one-way or two-way communication between the networks.
A trusted network for homeland security mission operations to share sensitive but unclassified information. Federal, state, local, territorial, tribal, international and private sector homeland security partners use HSIN to manage operations, analyze data, send alerts and notices, and share the information they need to do their jobs and help keep their communities safe. A trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.
Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.
The hardware or software through which an operator interacts with a controller. An HMI can range from a physical control panel with buttons and indicator lights to an industrial PC with a color graphics display running dedicated HMI software.
Access control based on the identity of the user (typically relayed as a characteristic of the process acting on behalf of that user), where access authorizations to specific objects are assigned based on user identity. A general term that includes several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), Programmable Logic Controllers (PLC) and others often found in industrial and critical infrastructure sectors.
An ICS consists of combinations of control components that act together to achieve an industrial objective. ICS-CERT collaborates with law enforcement agencies and the intelligence community and coordinates efforts among Federal, State, local, and tribal governments and control systems owners, operators, and vendors. The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction to provide confidentiality, integrity, and availability.
Sector-specific, member-driven organizations formed by critical infrastructure owners and operators to share information between government and industry. A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information. The technology involving the development, maintenance, and use of computer systems, software, and networks for the processing and distribution of data.
Merriam Webster Dictionary. A partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. Guarding against improper information modification or destruction; includes ensuring the non-repudiation and authenticity of information.
With confidentiality and availability, integrity is considered part of the CIA Triad, which represents the three most crucial components of information security. Standards that represent global consensus on a solution to a particular issue. They provide requirements, specifications, guidelines or characteristics to ensure that materials, products, processes and services are safe to use and fit for their purpose.
Cybersecurity is a constantly growing industry that inevitably reaches into the day-to-day life of each of us. With all the emerging tools, technologies, methods, and attacks, the cybersecurity field remains one of the hardest to grasp and to keep up with. To help you understand it a little better, we wrote this short list of basic cybersecurity terms and definitions. This list will also make you more aware of the threats that lie in wait for you around every internet corner. Antivirus — software that scans a device or a network to detect security threats, alert you, and neutralize malicious code.
Cyber Security. Is there a better place to start? Phishing is one of the most common hacking terms used by security people. The high-level policy of an organization that specifies what information is to be collected. The places that use the key or keys 1. This glossary includes most of the terms in the NIST publications. Prowse, David L.
The topic of cyber security is taking the world by storm, with some of the largest and most advanced companies in the world falling victim to cyber-attacks in just the last 5 years. Against that backdrop, highly personal and sensitive information such as social security numbers was recently stolen in the Equifax hack, affecting over million people. Unfortunately, as long as computers exist, we are at risk of having our digital data compromised and manipulated.