Skip to main content
Library homepage
Engineering LibreTexts


  • Page ID
  • \( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)

    Example and Directions
    Words (or words that have the same definition) The definition is case sensitive (Optional) Image to display with the definition [Not displayed in Glossary, only in pop-up on pages] (Optional) Caption for Image (Optional) External or Internal Link (Optional) Source for Definition
    (Eg. "Genetic, Hereditary, DNA ...") (Eg. "Relating to genes or heredity") The infamous double helix CC-BY-SA; Delmar Larsen
    Glossary Entries



    Image Caption Link Source
    Availability Timely, reliable access to data, information, and systems by authorized users.        
    Confidentiality Assurance that information is not disclosed to unauthorized individuals, processes, or devices.        
    Cybersecurity An approach or series of steps to prevent or manage the risk of damage to, unauthorized use of, exploitation of, and—if needed—to restore electronic information and communications systems, and the information they contain, in order to strengthen the confidentiality, integrity, and availability of these systems.        
    Information Security The approach to protect and manage the risk to information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.        
    Integrity A property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored.        
    Internet of Things (IoT) The interconnection of electronic devices embedded in everyday or specialized objects, enabling them to sense, collect, process, and transmit data. IoT devices include wearable fitness trackers, “smart” appliances, home automation devices, wireless health devices, and cars—among many others.        
    NIST Cybersecurity Framework A widely used, risk-based approach to managing cybersecurity composed of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. The Cybersecurity Framework includes references to standards, guidelines, and best practices. The Framework is voluntary for private sector use; federal agencies must use this risk management approach.        
    Risk The extent to which an entity is threatened by a potential circumstance or event. Risk typically is a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. Information system-related security risks arise from the loss of confidentiality, integrity, or availability of information or information systems. These risks reflect the potential adverse impacts to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.        
    Risk Management The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation. Risk management includes: (i) establishing the context for risk-related activities; (ii) assessing risk; (iii) responding to risk once determined; and (iv) monitoring risk over time.        
    Threat Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.        
    Vulnerability A weakness in a system, application, or network that is subject to exploitation or misuse.        
    CIA Confidentiality, Integrity and Availability (of Information)        
    Adversary Effects the potential effects of implementing the enhanced security requirements on risk, specifically by reducing the likelihood of threat events, the ability of threat events to cause harm, and the extent of that harm.        
    Best Practices The set of guidelines, recommendations and industry-standard practices employed to protect information and systems.        
    CISA Cybersecurity and Infrastructure Security Agency (an agency of DHS)        
    CUI Controlled Unclassified Information        
    PHI Protected Health Information.  Sometimes called Electronic Protected Health Information (ePHI)        
    FDA Food and Drug Administration        
    FIPS Federal Information Processing Standard        
    GAO Government Accounting Office        
    NIST National Institute of Standards and Technology        
    HIPAA Health Insurance Portability and Accountability Act        
    HITECH Health Information Technology for Economic and Clinical Health        
    Likelihood The probability of an event occurring         
    MSSP Managed Security Service Providers        
    Impact The degree of disruption, degradation or damage due to an adverse event        
    OT Operation Technology        
    IT Information Technology        
    Risk Assessment An analysis and evaluation of the level of risk a threat poses to a system        
    Risk Management The ability to identify and mitigate risk(s)        
    SBOM Software Bill of Materials (used for IoT devices)        
    • Was this article helpful?