Glossary
Browse the IADC Lexicon alphabetically or by category. Get comprehensive definitions of drilling industry terms.
Malicious Logic
Definition(s)
Malicious Logic
Software that compromises the operation of a system by performing an unauthorized function or process. Adapted from: CNSSI 4009, NIST SP 800-83. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMalicious Logic
Hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMalicious Code
Definition(s)
Malicious Code
Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Extended Definition: Includes software, firmware, and scripts. Adapted from: CNSSI 4009. NIST SP 800-53 Rev 4. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMalicious Code
Software that compromises the operation of a system by performing an unauthorized function or process. Adapted from: CNSSI 4009, NIST SP 800-83. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMalicious Code
Programs or code written for the purpose of gathering information about systems or users, destroying system data, providing a foothold for further intrusion into a system, falsifying system data and reports, or providing time-consuming irritation to system operations and maintenance personnel.- NOTE: Malicious code attacks can take the form of viruses, worms, Trojan Horses, or other automated exploits.
- NOTE: Malicious code is also often referred to as “malware.”
Malicious Applet
Definition(s)
Malicious Applet
A small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMalicious Applet
Software that compromises the operation of a system by performing an unauthorized function or process. Adapted from: CNSSI 4009, NIST SP 800-83. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMacro Virus
Definition(s)
Macro Virus
A type of malicious code that attaches itself to documents and uses the macro programming capabilities of the documents application to execute, replicate, and spread or propagate itself. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsMachine Learning and Evolution
Definition(s)
Machine Learning and Evolution
A field concerned with designing and developing artificial intelligence algorithms for automated knowledge discovery and innovation by information systems. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsLegal Advice and Advocacy
Definition(s)
Legal Advice and Advocacy
In the NICE Workforce Framework, cybersecurity work where a person: Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain; advocates legal and policy changes and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings. From: NICE Workforce Framework Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsKnowledge Management
Definition(s)
Knowledge Management
In the NICE Workforce Framework, cybersecurity work where a person: Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsKeylogger
Definition(s)
Keylogger
Software or hardware that tracks keystrokes and keyboard events, usually surreptitiously / secretly, to monitor actions by the user of an information system. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsKey Resource
Definition(s)
Key Resource
A publicly or privately controlled asset necessary to sustain continuity of government and/or economic operations, or an asset that is of great historical significance. From: NCSD glossary. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsKey Pair
Definition(s)
Key Pair
A public key and its corresponding private key. Extended Definition: Two mathematically related keys having the property that one key can be used to encrypt a message that can only be decrypted using the other key. Adapted from: CNSSI 4009, Federal Bridge Certificate Authority Certification Policy 2.25. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsKey
Definition(s)
Key
The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsIT Asset
Definition(s)
IT Asset
A person, structure, facility, information, and records, information technology systems and resources, material, process, relationships, or reputation that has value. Extended Definition: Anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned. Adapted from: DHS Risk Lexicon. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsInvestigation
Definition(s)
Investigation
A systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired and to collect evidence. Extended Definition: In the NICE Workforce Framework, cybersecurity work where a person: Applies tactics, techniques, and procedures for a full range of investigative tools and processes to include but not limited to interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering. Adapted from: ISSG V1.2 Database; Conrad, E., Misenauer, S., & Feldman, J. (2010). CISSP® Study Guide. Burlington, MA: Syngress; From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsInvestigate
Definition(s)
Investigate
A NICE Workforce Framework category consisting of specialty areas responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsIntrusion
Definition(s)
Intrusion
An unauthorized act of bypassing the security mechanisms of a network or information system. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsIntrusion
Unauthorized act of compromising a system (See “attack”). Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National StandardInteroperability
Definition(s)
Interoperability
The ability of two or more systems or components to exchange information and to use the information that has been exchanged. Adapted from: IEEE Standard Computer Dictionary. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsIntent
Definition(s)
Intent
A state of mind or desire to achieve an objective.
Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1st Ed. September 2016. Global StandardsIntent
A course of action that a threat intends to follow.
Source:API STANDARD 780, Security Risk Assessment Methodology for the Petroleum and Petrochemical Industries, First Edition, May 2013. Global StandardsIntent
A state of mind or desire to achieve an objective. Sample Usage: The content of domestic extremist websites may demonstrate an intent to conduct acts of terrorism. Annotation:- Adversary intent is the desire or design to conduct a type of attack or to attack a type of target.
- Adversary intent is one of two elements, along with adversary capability, that is commonly considered when estimating the likelihood of terrorist attacks and often refers to the likelihood that an adversary will execute a chosen course of action or attempt a particular type of attack.