An individual, group, organization, or government that executes an attack.

Extended Definition: A party acting with malicious intent to compromise an information system.

Adapted from: Barnum & Sethi (2006), NIST SP 800-63 Rev 1

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies ( as of 11 November 2015, Global Standards

Comments are closed.