The IoT and OT security glossary for all

Understand the essential terms and jargon of the converged security domain


A

Access

A permission that allows a user to interact with or control a system is known as access.

Access Control

The ability to grant, limit or deny a user access to the system is called access control.

Advanced Persistent Threat (APT)

A threat actor or an adversarial group that operates with a substantial amount of skill, resources and bandwidth to persistently carry out and achieve objectives of ill intent via multiple attack vectors. Examples: APT 41, APT 27, etc.

Air Gap

The physical separation or isolation of a system from other systems or networks.

Alert

In cybersecurity, an alert is a prompt or notification, sent to the designated user as a matter of urgency and criticality, that indicates potential (or active) threats, vulnerabilities, or risks.

Asset

In IoT and OT security, an asset can be defined as a device, piece of equipment or control system that allows the continual operation of a certain objective with minimal to no human interaction.

Attack Surface

A potential weakness of a system or an asset that allows a threat actor to penetrate, compromise or infiltrate the system or the network.

B

Behavior Monitoring

The process of examining the interactions of users, assets or systems in a network against a set of predetermined baselines set within the designated areas of operations.

Bot

A system or an asset that has been compromised with malicious intent to carry out rogue activities under the remote control of a malicious threat actor.

Related Term(s): botnet

Botnet

A swarm of compromised systems or rogue assets across a network is called a botnet.

C

Converged networks

A group of networks that hosts systems and assets of various technologies and requirements and communicates with each other for better operability is known as a converged network.

Cryptographic Algorithm

A process of problem-solving operations using a cryptographic key is known as a cryptographic algorithm.

Cyber Kill Chain

The entire lifecycle of an attack, from the early stages of planning, reconnaissance, probing and infiltration to the end of its objective, is known as a cyber kill chain.

Cyber Operations

Analysis, research, observation and calibration of the networks where systems, users and assets interact directly or indirectly, carried out in a well-documented and procedural manner to eliminate challenges or the occurrence of future challenges, is called cyber operations.

Cyber Threat

An expression of ill intent, or gaps that allow a user or a system to compromise the network, system, user or asset, is known as a cyber threat.

Cyber Threat Intelligence (CTI)

Actionable and contextual information about cyber threats that pose potential risks to one’s organization, critical systems and assets, gathered from various aspects and processes and used to prevent, defend against, mitigate, or eliminate potential harm or risk, is called cyber threat intelligence.

Cybersecurity

Cybersecurity can simply be defined as (1) mitigation of risks via policy/law enforcement, vulnerability management and threat detection; (2) safety from threats and attacks of ill intent, to maintain the confidentiality, integrity and availability of interacting users, systems, networks and connected assets in cyberspace.

Cyberspace

Network(s) (connected to the internet or offline) where users, systems and assets interoperate or interact are known as cyberspace.

D

Data Aggregation

The collection and mapping of data sourced from various aspects, revealing new information, is called data aggregation.

Related Term(s): data mining

Data Breach

The revelation, prohibited transit, or exfiltration of critical (or confidential) information from an adversary, system, user, asset or network to unauthorized personnel is called a data breach.

Related Term(s): data loss, data theft, exfiltration

Data Integrity

The completeness, intactness and confidentiality of information in transit or storage, with availability to only authorized personnel, is called data integrity.

Related Term(s): integrity, system integrity

Decryption

The process of decoding unintelligible information, or liberating encrypted information into comprehensible, actionable, and operable intelligence, is called decryption.

Synonym(s): decode, decrypt, decipher

Denial of Service (DoS)

A failure that cripples or denies the optimal functionality of authorized operations/tasks by a system, asset or network, caused by an overwhelming amount of service requests.

Digital Forensics

The process of gathering, documenting, and examining information/evidence that enables the accurate determination of a cybercrime or suspected cybercrime, providing the source, method, cause and extent of the damage that occurred due to the crime.

Synonym(s): computer forensics, forensics

Digital Signature

A digital signature is a mathematical algorithm that provides identification to validate an authorized interacting user, system or asset in the network, and information regarding the activities of an unauthorized user, system or asset in the network.

Related Term(s): electronic signature

Distributed Denial of Service (DDoS)

A distributed denial of service is a method of causing a denial of service by abusing multiple systems and assets (a botnet) to target and attack a system, user or network simultaneously.

Related Term(s): denial of service, botnet

DNS Hijacking

When a malicious threat actor obtains control over an unauthorised DNS, it is called DNS hijacking.

Related Term(s): traffic distribution system, access management

E

Electronic Signature

Any mark in electronic form associated with an electronic document, applied with the intent to sign the document.

Related Term(s): digital signature

Encryption

The process of obfuscating information, a system, an asset or a network by means of cryptography and coding to prevent any unauthorised activity.

Synonym(s): encipher, encode

Exploit

A breach of a network, system, or asset by an unauthorized actor with ill intent to obtain information or control of a system, asset or network is called an exploit.

Exploitation Analysis

The process of determining the source, the cause, the damage caused or the potential risks of an exploit or potential exploit is called exploitation analysis.

F

Failure (System Failure)

The impairment or failure of a system or asset to operate at optimal performance, or its inability to function, is called a system failure.

Fileless Malware

Malware that requires no deployment of a file to exploit a system, asset or network, but relies on existing programs/files within the target to breach or compromise it, making it hard to detect and eliminate.

Firewall

A set of rules that limit the access of an asset or system programs that are connected to the network, to prevent malicious activities.

H

Hacker

A threat actor with ill intentions who may cause harm or a breach, or gain unauthorised access to a network, asset or system.

Hacktivism

Hacktivism is a form of collective hacking of systems, assets and networks driven by a set of manifestos.

Hash Value

A digital fingerprint of a numeric value derived from a mathematical algorithm against a collection of data.

Synonym(s): cryptographic hash value

Related Term(s): hashing

Hashing

The process of converting or transforming a key or a string of characters of arbitrary size to another value that is well structured and easy to comprehend.