Glossary
- Page ID
- 85438
\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)
| Words (or words that have the same definition) | The definition is case sensitive | (Optional) Image to display with the definition [Not displayed in Glossary, only in pop-up on pages] | (Optional) Caption for Image | (Optional) External or Internal Link | (Optional) Source for Definition |
|---|---|---|---|---|---|
| (Eg. "Genetic, Hereditary, DNA ...") | (Eg. "Relating to genes or heredity") |  |
The infamous double helix | https://bio.libretexts.org/ | CC-BY-SA; Delmar Larsen |
|
Word(s) |
Definition |
Image | Caption | Link | Source |
|---|---|---|---|---|---|
| Availability | Timely, reliable access to data, information, and systems by authorized users. | ||||
| Confidentiality | Assurance that information is not disclosed to unauthorized individuals, processes, or devices. | ||||
| Cybersecurity | An approach or series of steps to prevent or manage the risk of damage to, unauthorized use of, exploitation of, and—if needed—to restore electronic information and communications systems, and the information they contain, in order to strengthen the confidentiality, integrity, and availability of these systems. | ||||
| Information Security | The approach to protect and manage the risk to information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. | ||||
| Integrity | A property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored. | ||||
| Internet of Things (IoT) | The interconnection of electronic devices embedded in everyday or specialized objects, enabling them to sense, collect, process, and transmit data. IoT devices include wearable fitness trackers, “smart” appliances, home automation devices, wireless health devices, and cars—among many others. | ||||
| NIST Cybersecurity Framework | A widely used, risk-based approach to managing cybersecurity composed of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. The Cybersecurity Framework includes references to standards, guidelines, and best practices. The Framework is voluntary for private sector use; federal agencies must use this risk management approach. | ||||
| Risk | The extent to which an entity is threatened by a potential circumstance or event. Risk typically is a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. Information system-related security risks arise from the loss of confidentiality, integrity, or availability of information or information systems. These risks reflect the potential adverse impacts to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation. | ||||
| Risk Management | The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation. Risk management includes: (i) establishing the context for risk-related activities; (ii) assessing risk; (iii) responding to risk once determined; and (iv) monitoring risk over time. | ||||
| Threat | Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. | ||||
| Vulnerability | A weakness in a system, application, or network that is subject to exploitation or misuse. | ||||
| CIA | Confidentiality, Integrity and Availability (of Information) | ||||
| Adversary Effects | the potential effects of implementing the enhanced security requirements on risk, specifically by reducing the likelihood of threat events, the ability of threat events to cause harm, and the extent of that harm. | ||||
| Best Practices | The set of guidelines, recommendations and industry-standard practices employed to protect information and systems. | ||||
| CISA | Cybersecurity and Infrastructure Security Agency (an agency of DHS) | ||||
| CUI | Controlled Unclassified Information | ||||
| PHI | Protected Health Information. Sometimes called Electronic Protected Health Information (ePHI) | ||||
| FDA | Food and Drug Administration | ||||
| FIPS | Federal Information Processing Standard | ||||
| GAO | Government Accounting Office | ||||
| NIST | National Institute of Standards and Technology | ||||
| HIPAA | Health Insurance Portability and Accountability Act | ||||
| HITECH | Health Information Technology for Economic and Clinical Health | ||||
| Likelihood | The probability of an event occurring | ||||
| MSSP | Managed Security Service Providers | ||||
| Impact | The degree of disruption, degradation or damage due to an adverse event | ||||
| OT | Operation Technology | ||||
| IT | Information Technology | ||||
| Risk Assessment | An analysis and evaluation of the level of risk a threat poses to a system | ||||
| Risk Management | The ability to identify and mitigate risk(s) | ||||
| SBOM | Software Bill of Materials (used for IoT devices) |