
Security & Compliance Glossary

Key terms and definitions in cybersecurity, compliance frameworks, and industrial control systems.

253 terms

Access Control

Access Control is a fundamental component of cybersecurity that determines who is allowed to access and interact with resources within a network. In the context of OT/IT cybersecurity, access control...

Access control, Identity access management

Access Control List

An Access Control List (ACL) is a set of rules that determines which users or systems are granted or denied access to specific resources within a network. ACLs are crucial for managing permissions and...

ACL, Access control list

Accounts Receivable

Accounts Receivable (AR) refers to the outstanding invoices a company has or the money clients owe the company for goods or services provided on credit. It is recorded as an asset on the company's bal...

Accounts receivable, AR

Admin Dashboard

An admin dashboard is a centralized interface that provides administrators with a comprehensive overview and control of a system's operations and security posture. In the context of OT/IT cybersecurit...

Admin dashboard, Security dashboard

Advanced Cyber Hygiene

Advanced Cyber Hygiene refers to a comprehensive and proactive approach to maintaining and improving the security posture of an organization by implementing best practices and procedures that go beyon...

Cyber hygiene, Security hygiene

Antivirus

An antivirus is a software program designed to detect, prevent, and remove malicious software, known as malware, from computers and networks. In the context of OT/IT cybersecurity, antivirus solutions...

Antivirus, Endpoint protection

Asset Management

Asset Management refers to the systematic process of developing, operating, maintaining, upgrading, and disposing of assets in a cost-effective manner. In the context of OT/IT cybersecurity, asset man...

Asset management, IT asset management

Authentication Methods

Authentication methods are techniques used to verify the identity of a user, device, or system before granting access to a network or application. In the context of OT/IT cybersecurity, these methods...

Authentication, Login methods

Award Notice

An award notice is an official communication that announces the successful bidder or contractor who has been selected to receive a contract, often in the context of government procurement. This notice...

Award notice, Contract award

Azure Government

Azure Government is a specialized cloud platform provided by Microsoft, tailored for U.S. government agencies and their partners to ensure secure, compliant, and reliable cloud computing services. Des...

Azure Government, GovCloud

Backup and Restore

Backup and Restore is the process of copying and archiving data to ensure it can be recovered in the event of data loss, and subsequently retrieving that data to restore normal operations. This critic...

Backup, Data restore

Barcode Scanner

A barcode scanner is a device used to read and interpret barcodes, which are visual representations of data in the form of patterns or symbols. These devices are commonly used in inventory management...

Barcode scanner, Inventory scanner

Bid

A bid is a formal proposal submitted by a company or individual to undertake a specific project or deliver a particular service, often in response to a request for proposals (RFP) or invitation to ten...

Government bid, Defense bid

Biometric Authentication

Biometric Authentication is a security process that verifies a user's identity based on unique biological characteristics, such as fingerprints or facial features. This method is increasingly utilized...

Biometric, Fingerprint authentication

Business Continuity Planning

Business Continuity Planning (BCP) is a proactive process designed to ensure that an organization can continue to operate during and after a disruption or crisis. It involves identifying potential ris...

Business continuity, BCP

Buy American Act

The Buy American Act (BAA) is federal legislation enacted in 1933 that requires the United States government to prefer U.S.-made products in its purchases. The act mandates that goods bought by the...

Buy American Act, BAA

CAGE Code

CAGE Code stands for Commercial and Government Entity Code, a unique identifier assigned to suppliers, contractors, or entities that work with or seek to work with the United States government. It is...

CAGE code, Commercial and Government Entity

Capability Statement

A capability statement is a concise document or presentation that outlines a company's qualifications, competencies, and experience, often used to demonstrate its ability to meet the specific needs of...

Capability statement, Government capability

Certifications

Certifications are formal recognitions issued by authoritative bodies that verify an individual, organization, or product meets specific standards of competence, quality, or the ability to perform par...

Certifications, Industry certifications

Change Management

Change Management is the systematic approach to dealing with the transition or transformation of an organization's goals, processes, or technologies. Within the realm of OT/IT cybersecurity, it specif...

Change management, Change control

Cloud Backup

Cloud backup refers to the practice of copying data to a remote, cloud-based server to ensure its protection and availability in the event of data loss, corruption, or disaster. This method of backup...

Cloud backup, Offsite backup

Cloud Security

Cloud Security refers to the set of policies, technologies, and controls deployed to protect data, applications, and infrastructure associated with cloud computing environments. It encompasses a wide...

Cloud security, Cloud cybersecurity

Cloud Storage

Cloud storage is a model of data storage where digital data is stored in logical pools, and the physical storage spans multiple servers, often in various locations, managed by a third-party service pr...

Cloud storage, Cloud backup

CMMC

Cybersecurity Maturity Model Certification (CMMC) is a framework designed to enhance the protection of sensitive unclassified information within the Defense Industrial Base (DIB). It mandates cybersec...

CMMC, Cybersecurity Maturity Model Certification

CMMC Level 1

CMMC Level 1, or Basic Cyber Hygiene, represents the foundational tier of the Cybersecurity Maturity Model Certification (CMMC), focusing on implementing fundamental cybersecurity practices to protect...

CMMC Level 1, Basic Cyber Hygiene

CMMC Level 2

CMMC Level 2 refers to the second level of the Cybersecurity Maturity Model Certification (CMMC), which is designed to ensure that Defense Industrial Base (DIB) contractors implement effective cyberse...

CMMC Level 2, Advanced Cyber Hygiene

Commerce Control List

Commerce Control List (CCL) refers to a detailed index of items under the jurisdiction of the U.S. Department of Commerce that are subject to export controls. These items often include commodities, so...

CCL, Commerce control list

Compliance Auditing

Compliance auditing refers to the process of evaluating an organization's adherence to regulatory standards, policies, and guidelines. In the context of cybersecurity, it involves ensuring that system...

Compliance audit, Security audit

Compliance Framework

A compliance framework is a structured set of guidelines and best practices designed to help organizations meet regulatory requirements and manage risks effectively. In the context of OT/IT cybersecur...

Compliance framework, Cybersecurity framework

Compliance Software

Compliance software is a specialized tool designed to help organizations manage and adhere to regulatory requirements, industry standards, and internal policies. It often integrates with Governance, R...

Compliance software, GRC software

Configuration Management

Configuration Management (CM) is a process for maintaining consistency of a system's performance, functional, and physical attributes with its requirements, design, and operational information through...

Configuration management, CM

Continuous Improvement

Continuous Improvement is a systematic, ongoing effort to enhance products, services, or processes by making incremental improvements over time. In the context of OT/IT cybersecurity, this involves re...

Continuous improvement, Kaizen