Glossary
Browse the IADC Lexicon alphabetically or by category. Get comprehensive definitions of drilling industry terms.
Cyber Operations
Definition(s)
Cyber Operations
In the NICE Workforce Framework, cybersecurity work where a person: Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCyber Infrastructure
Definition(s)
Cyber Infrastructure
An electronic information and communications systems and services and the information contained therein. Extended Definition: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements: Processing includes the creation, access, modification, and destruction of information. Storage includes paper, magnetic, electronic, and all other media types. Communications include sharing and distribution of information. Adapted from: NIPP. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCyber Incident Response Plan
Definition(s)
Cyber Incident Response Plan
A set of predetermined and documented procedures to detect and respond to a cyber incident. Adapted from: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCyber Incident
Definition(s)
Cyber Incident
An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences. Extended Definition: An occurrence that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. Adapted from: CNSSI 4009, FIPS 200, NIST SP 800-53 Rev 4, ISSG Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCyber Exercise
Definition(s)
Cyber Exercise
A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to or recovering from the disruption. Adapted from: NCSD Glossary, DHS Homeland Security Exercise and Evaluation Program. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCyber Ecosystem
Definition(s)
Cyber Ecosystem
The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions. Adapted from: DHS personnel Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCustomer Service and Technical Support
Definition(s)
Customer Service and Technical Support
In the NICE Workforce Framework, cybersecurity work where a person: Addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCryptography
Definition(s)
Cryptography
The mathematical science that deals with cryptanalysis and cryptography. From: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCryptography
The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Extended Definition: The art or science concerning the principles, means, and methods for converting plaintext into ciphertext and for restoring encrypted ciphertext to plaintext. From: NIST SP 800-130; Adapted from: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCryptographic Hash Value
Definition(s)
Cryptographic Hash Value
A numeric value resulting from applying a mathematical algorithm against a set of data such as a file. Adapted from: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCryptographic Algorithm
Definition(s)
Cryptographic Algorithm
Algorithm based upon the science of cryptography, including encryption algorithms, cryptographic hash algorithms, digital signature algorithms, and key agreement algorithms.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National StandardCryptographic Algorithm
A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. From: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCryptanalysis
Definition(s)
Cryptanalysis
The operations performed in defeating or circumventing cryptographic protection of information by applying mathematical techniques and without an initial knowledge of the key employed in providing the protection. Extended Definition: The study of mathematical techniques for attempting to defeat or circumvent cryptographic techniques and/or information systems security. Adapted from: CNSSI 4009, NIST SP 800-130 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCritical Infrastructure and Key Resources
Definition(s)
Critical Infrastructure and Key Resources
The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. Adapted from: National Infrastructure Protection Plan Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCritical Infrastructure
Definition(s)
Critical Infrastructure
The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. Adapted from: National Infrastructure Protection Plan Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsContinuity of Operations Plan
Definition(s)
Continuity of Operations Plan
A document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. Adapted from: CPG 101, CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsConfidentiality
Definition(s)
Confidentiality
A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. Extended Definition: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4, 44 U.S.C., Sec 3542 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsConfidentiality
Property that information is not made available or disclosed to unauthorized individuals, entities, or processes. Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global StandardsConfidentiality
assurance that information is not disclosed to unauthorized individuals, processes, or devices [9]. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National StandardsComputer Security Incident
Definition(s)
Computer Security Incident
An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences. Extended Definition: An occurrence that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. Adapted from: CNSSI 4009, FIPS 200, NIST SP 800-53 Rev 4, ISSG Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsComputer Network Defense Infrastructure Support
Definition(s)
Computer Network Defense Infrastructure Support
In the NICE Workforce Framework, cybersecurity work where a person: Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources; monitors network to actively remediate unauthorized activities. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsComputer Network Defense Analysis
Definition(s)
Computer Network Defense Analysis
In the NICE Workforce Framework, cybersecurity work where a person: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsComputer Network Defense
Definition(s)
Computer Network Defense
The actions taken to defend against unauthorized activity within computer networks. From: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsComputer Forensics
Definition(s)
Computer Forensics
The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. Extended Definition: In the NICE Workforce Framework, cybersecurity work where a person: Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability, mitigation, and/or criminal, fraud, counterintelligence or law enforcement investigations. Adapted from: CNSSI 4009; From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCollection Operations
Definition(s)
Collection Operations
In the NICE Workforce Framework, cybersecurity work where a person: Executes collection using appropriate strategies and within the priorities established through the collection management process. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCollect & Operate
Definition(s)
Collect & Operate
A NICE Workforce Framework category consisting of specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCloud Computing
Definition(s)
Cloud Computing
A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Adapted from: CNSSI 4009, NIST SP 800-145 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCiphertext
Definition(s)
Ciphertext
Data or information in its encrypted form. From: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsCiphertext
Data that has been transformed by encryption so that its semantic information content (i.e., its meaning) is no longer intelligible or directly available.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National StandardCipher
Definition(s)
Cipher
A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. From: CNSSI 4009 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsBuild Security In
Definition(s)
Build Security In
A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks. Adapted from: Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program (2011), US-CERT's Build Security In website Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsBug
Definition(s)
Bug
An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. Adapted from: NCSD Glossary Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsBotnet
Definition(s)
Botnet
Remote control software, specifically a collection of malicious bots, that run autonomously or automatically on compromised computers. Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global StandardsBotnet
A collection of computers compromised by malicious code and controlled across a network. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsBotnet
Collection of software robots, or bots, which run autonomously.- NOTE: A botnet's originator can control the group remotely, possibly for nefarious purposes.