The topic of cyber security is taking the world by storm, with some of the largest and most advanced companies in the world falling victim to cyber-attacks in just the last 5 years. Against that backdrop, highly personal and sensitive information such as social security numbers was recently stolen in the Equifax hack, affecting over 145 million people.

The confidentiality, integrity, and availability (CIA) security triad is the foundation of secure information in cybersecurity.

A violation of the security policy of a system such that an unauthorized disclosure, modification, or destruction of sensitive information has occurred.

Hacker: An unauthorised user who attempts to or gains access to an information system.

The ability to protect or defend the use of cyberspace from cyber attacks.

Compromise.

A nomenclature and dictionary of security-related software flaws.

Incident Handling is an action plan for dealing with intrusions, cyber-theft, denial of service, fire, floods, and other security-related events. It comprises a six-step process: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.
This Glossary consists of terms and definitions extracted verbatim from NIST's cybersecurity- and privacy-related Federal Information Processing Standards (FIPS), NIST Special Publications (SPs), and NIST Internal/Interagency Reports (IRs), as well as from Committee on National Security Systems (CNSS) Instruction CNSSI-4009. Only terms that are defined in final …

This glossary contains brief descriptions of commonly used cybersecurity and related technology terms. Unless otherwise noted, definitions have been adapted from terms in the NIST Computer Security Resource Center Glossary.

The NCSC glossary - a set of straightforward definitions for common cyber security terms.

Accountability in the cyber security space entails ensuring that activities on supported systems can be traced to an individual who is held responsible for the integrity of the data.

Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.

ATTACK SIGNATURE: A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks.

Information Security Policy: Regulations, rules, and practices that prescribe how an organisation manages, protects, and distributes information.