Tabletop Exercise

Tabletop Exercise

Definition(s)


Tabletop Exercise

A discussion-based exercise where personnel meet in a classroom setting or breakout groups and are presented with a scenario to validate the content of plans, procedures, policies, cooperative agreements or other information for managing an incident. Adapted from: NCSD Glossary, DHS Homeland Security Exercise and Evaluation Program. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Systems Security Architecture

Systems Security Architecture

Definition(s)


Systems Security Architecture

In the NICE Workforce Framework, cybersecurity work where a person: Develops system concepts and works on the capabilities phases of the systems development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Systems Security Analysis

Systems Security Analysis

Definition(s)


Systems Security Analysis

In the NICE Workforce Framework, cybersecurity work where a person: Conducts the integration/testing, operations, and maintenance of systems security. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Systems Requirements Planning

Systems Requirements Planning

Definition(s)


Systems Requirements Planning

In the NICE Workforce Framework, cybersecurity work where a person: Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions; provides guidance to customers about applicability of information systems to meet business needs. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Systems Development

Systems Development

Definition(s)


Systems Development

In the NICE Workforce Framework, cybersecurity work where a person: Works on the development phases of the systems development lifecycle. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
System Integrity

System Integrity

Definition(s)


System Integrity

The attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
System Administration

System Administration

Definition(s)


System Administration

In the NICE Workforce Framework, cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability; also manages accounts, firewalls, and patches; responsible for access control, passwords, and account creation and administration. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Symmetric Key

Symmetric Key

Definition(s)


Symmetric Key

A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plaintext and decrypt ciphertext, or create a message authentication code and to verify the code. Extended Definition: Also, a cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption of plaintext and decryption of ciphertext. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Symmetric Encryption Algorithm

Symmetric Encryption Algorithm

Definition(s)


Symmetric Encryption Algorithm

A branch of cryptography in which a cryptographic system or algorithms use the same secret key (a shared secret key). Adapted from: CNSSI 4009, SANS. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Supply Chain Risk Management

Supply Chain Risk Management

Definition(s)


Supply Chain Risk Management

The process of identifying, analyzing, and assessing supply chain risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. Adapted from: DHS Risk Lexicon, CNSSD 505 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Subject

Subject

Definition(s)


Subject

An individual, process, or device causing information to flow among objects or a change to the system state. Extended Definition: An active entity. Adapted from: NIST SP 800-53 Rev 4., CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Strategic Planning and Policy Development

Strategic Planning and Policy Development

Definition(s)


Strategic Planning and Policy Development

In the NICE Workforce Framework, cybersecurity work where a person: Applies knowledge of priorities to define an entity. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Spyware

Spyware

Definition(s)


Spyware

Deceptive software that collects private or confidential information from a computer user.
  • NOTE Information can include matters such as websites most frequently visited or more sensitive information such as passwords.
Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards

Spyware

Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner. SP 800-53 Rev 4. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Spoofing

Spoofing

Definition(s)


Spoofing

Faking the sending address of a transmission to gain illegal [unauthorized] entry into a secure system. Extended Definition: The deliberate inducement of a user or resource to take incorrect action. Note: Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Spillage

Spillage

Definition(s)


Spillage

The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Spam

Spam

Definition(s)


Spam

Abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
  • NOTE While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, web search engine spam, spam in blogs, wiki spam, mobile phone messaging spam, Internet forum spam and junk fax transmissions.
Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards

Spam

The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Software Assurance and Security Engineering

Software Assurance and Security Engineering

Definition(s)


Software Assurance and Security Engineering

In the NICE Workforce Framework, cybersecurity work where a person: Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Software Assurance

Software Assurance

Definition(s)


Software Assurance

The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Situational Awareness

Situational Awareness

Definition(s)


Situational Awareness

Comprehending information about the current and developing security posture and risks, based on information gathered, observation and analysis, and knowledge or experience. Extended Definition: In cybersecurity, comprehending the current status and security posture with respect to availability, confidentiality, and integrity of networks, systems, users, and data, as well as projecting future states of these. Adapted from: CNSSI 4009, DHS personnel, National Response Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Signature

Signature

Definition(s)


Signature

A recognizable, distinguishing pattern. Extended Definition: Types of signatures: attack signature, digital signature, electronic signature. From: CNSSI 4009; Adapted from: NIST SP 800-94. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Security Program Management

Security Program Management

Definition(s)


Security Program Management

In the NICE Workforce Framework, cybersecurity work where a person: Manages information security (e.g., information security) implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and other resources (e.g., the role of a Chief Information Security Officer). From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Security Policy

Security Policy

Definition(s)


Security Policy

A rule or set of rules that govern the acceptable use of an organization's information and services to a level of acceptable risk and the means for protecting the organization's information assets. Extended Definition: A rule or set of rules applied to an information system to provide security services. Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4, NIST SP 800-130, OASIS SAML Glossary 2.0. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards  

Security Policy

Set of rules that specify or regulate how a system or organization provides security services to protect its assets [11]. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Incident

Security Incident

Definition(s)


Security Incident

A security event which may compromise an asset and require action. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1st Ed. September 2016. Global Standards

Security Incident

An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences. Extended Definition: An occurrence that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. Adapted from: CNSSI 4009, FIPS 200, NIST SP 800-53 Rev 4, ISSG. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards  

Security Incident

A security-related occurrence, threat, or action that has led to or could potentially lead to adversely affecting people, the environment, assets, and economic stability.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards  

Security Incident

Adverse event in a system or network or the threat of the occurrence of such an event [10].
  • NOTE: The term “near miss” is sometimes used to describe an event that could have been an incident under slightly different circumstances.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Automation

Security Automation

Definition(s)


Security Automation

The use of information technology in place of manual processes for cyber incident response and management. Adapted from: DHS personnel. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Securely Provision

Securely Provision

Definition(s)


Securely Provision

A NICE Workforce Framework category consisting of specialty areas concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems' development. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Secret Key

Secret Key

Definition(s)


Secret Key

A cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme. Extended Definition: Also, a cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption of plaintext and decryption of ciphertext. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Rootkit

Rootkit

Definition(s)


Rootkit

A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Risk-based Data Management

Risk-based Data Management

Definition(s)


Risk-based Data Management

A structured approach to managing risks to data and information by which an organization selects and applies appropriate security controls in compliance with policy and commensurate with the sensitivity and value of the data. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Risk Mitigation

Risk Mitigation

Definition(s)


Risk Mitigation

Application of measure or measures to reduce the likelihood of an unwanted occurrence and/or its consequences.

Source:API STANDARD 780, Security Risk Assessment Methodology for the Petroleum and Petrochemical Industries, First Edition, May 2013. Global Standards

Risk Mitigation

Application of measure or measures to reduce the likelihood of an unwanted occurrence and/or its consequences. Sample Usage: Through risk mitigation, the potential impact of the natural disaster on the local population was greatly reduced. Annotation: Risk mitigation measures may be implemented prior to, during, or after an incident, event, or occurrence. Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition. September 2010 Regulatory Guidance

Risk Mitigation

The application of one or more measures to reduce the likelihood of an unwanted occurrence and/or lessen its consequences. Extended Definition: Implementing appropriate risk-reduction controls based on risk management priorities and analysis of alternatives. Adapted from: DHS Risk Lexicon, CNSSI 4009, NIST SP 800-53 Rev 4 Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Response Plan

Response Plan

Definition(s)


Response Plan

A set of predetermined and documented procedures to detect and respond to a cyber incident. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards