The IoT and OT security glossary for all
Comprehend essential terms and jargons of the converged security domain
A permission that grants a user to interact or control a system is known as access.
The ability to grant, limit or deny a user access to the system is called access control.
Advanced Persistent Threat (APT)
A threat actor or an adversarial group that operates with a substantial amount skill, resources and bandwidth to persistently carry out and achieve objectives of ill intent via multiple attack vectors Example: APT 41, APT 27 etc.
The physical separation or isolation of a system from other systems or networks.
In cybersecurity, ‘Alert’ means a prompt or a notification that qualifies to be a matter of urgency and criticality to the right designated user indicating potential (or active) threats, vulnerabilities, or risks.
In IoT and OT security; an Asset can be defined as a device, equipment or a control system that allows a continual operation of a certain objective with minimal to no human interaction
A potential weakness of a system or an asset that allows a threat actor to penetrate, compromise or infiltrate into the system or the network.
The process of examining the interactions of users, assets or systems in a network against a set of predetermined baselines set within the designated areas of operations.
A system or an asset that has been compromised with malicious intent to carry out rogue activities under the remote control of a malicious threat actor.
Related Term(s): botnet
A swarm of compromised systems or rogue assets across a network is called a botnet.
A group networks that habituates systems, assets of various technologies and requirements and communicate with each other to better operability is known a converged networks.
A process of problem-solving operations using a cryptographic key is known as a cryptographic algorithm
Cyber Kill Chain
The entire lifecycle of an attack from the early stage of planning, reconnaissance, probing, infiltration, to the end of its objective is known as a cyber kill chain.
Analysis, research, observation and calibration of the networks where systems, users and assets interact directly or indirectly in a well-documented and a procedural method to eliminate challenges or occurrence of future challenges is called as cyberoperations.
Expression of ill intent or gaps that allow a user or a system to compromise the network/system/user/asset is known as a cyber threat.
Cyber Threat Intelligence (CTI)
Actionable and contextual Information used to prevent, defend, mitigate, or eliminate potential harm/risk gathered from various aspects and processes regarding a cyberthreat(s) with potential risk(s) to one’s organization, critical systems and assets is called as cyber threat intelligence.
Cybersecurity can simply be defined as (1) Mitigation of risks via policy/law enforcement, vulnerability management and threat detection (2) Safety from threats and attacks of ill intent to maintain confidentiality, integrity and availability of interacting users, systems, networks and connected assets in the cyberspace.
Network(s) (Connected to the internet or Offline networks) where users, systems and assets interoperate or interact is known as cyberspace.
Collection and mapping of data sourced from various aspects revealing new information is called as data aggregation.
Related Term(s): data mining
The revelation, prohibited transit, or exfiltration of information of criticality(or confidential) from an adversary, system, user, asset or network to unauthorized personnel is called a data breach.
Related Term(s): data loss, data theft, exfiltration
The completeness, intactness and confidentiality of Information in transit or storage with availability to only authorized personnel is called data integrity.
Related Term(s): integrity, system integrity
The process of decoding unintelligible information, or liberation of encrypted information to a comprehensive, actionable, and operatable intelligence is called decryption.
Synonym(s): decode, decrypt, decipher
Denial of Service (DoS)
A failure that cripples or denies the optimal functionality of authorized operations/tasks by a system, asset or network caused by the overwhelming amount service requests.
The process of gathering, documenting, and examining information/evidence enabling the accurate determination of a cybercrime or a suspected cyber crime that provides source, method, cause and extent of damage occurred due to the crime.
Synonym(s): computer forensics, forensics
Digital signature is a mathematical algorithm that provides identification to validate an authorized interacting user, system or an asset in the network and information regarding the activities of an unauthorized user, system or an asset in the network.
Related Term(s): electronic signature
Distributed Denial of Service (DDoS)
A distributed denial of service is a method to cause a denial of service by the abuse of multiple systems and assets (Botnet)to target and attack a system, user or network simultaneously.
Related Term(s): denial of service, botnet
A malicious threat actor that obtains control over an unauthorised DNS is called DNS hijacking.
Related terms: Traffic distribution system, Access Management
Any mark in electronic form associated with an electronic document, applied with the intent to sign the document.
Related Term(s): digital signature
The process of obfuscating the information, system, asset or network to prevent any unauthorised activity by cryptography and coding
Synonym(s): encipher, encode
A breach of a network, system, or an asset by an unauthorized actor with ill intent to obtain information or control of a system, asset or network is called as an exploit.
The process of determining the source, cause, the damage caused or potential risks of an exploit or potential exploit is called as exploitation analysis.
Failure (System Failure)
The impairment or failure of a system or asset to operate at optimal performance or the inability to function is called as a system failure.
A malware that requires no deployment of a file to exploit a system, asset or a network but relies on existing programs/files within to breach or compromise the target making it hard to detect and eliminate.
A set of rules that limit the access of a asset or system programs that are connected to the network to prevent malicious activities.
A threat actor with ill intentions that may cause harm/breach/ or gains unauthorised access to a network, asset or a system.
Hacktivism is a form of collective hacking of systems, assets and networks driven by set of manifests.
A digital fingerprint of a numeric value derived from a mathematical algorithm against a collection of data.
Synonym(s): cryptographic hash value
Related Term(s): hashing
The process of converting or transforming a key or a string of characters of arbitrary size to another value that is well structured and easy to comprehend.