Cyber Security Acronyms

There is no shortage of unique terms and acronyms within the cybersecurity industry. In many ways, security has a language of its own. This guide lists more than 40 of the most common cybersecurity acronyms, serving as a resource for beginners and a reference guide for those with more experience. Terms are listed in alphabetical order for ease of use.

  • Advanced Persistent Threat (APT)
  • Advanced Threat Protection (ATP)
  • Adversarial Tactics, Techniques & Common Knowledge (ATT&CK)
  • Cloud Access Security Broker (CASB)
  • Chief Compliance Officer (CCO)
  • Chief Information Officer (CIO)
  • Chief Information Security Officer (CISO)
  • Chief Risk Officer (CRO)
  • Chief Security Officer (CSO)
  • Chief Technology Officer (CTO)
  • Computer Emergency Response Team (CERT)
  • Computer Incident Response Team (CIRT)
  • Data-Centric Audit and Protection (DCAP)
  • Data Loss Prevention (DLP)
  • Data Protection Officer (DPO)
  • Digital Rights Management (DRM)
  • Distributed Denial of Service (DDoS Attack)
  • Endpoint Detection and Response (EDR)
  • Federal Information Security Management Act (FISMA)
  • Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool
  • File Transfer Protocol (FTP)
  • General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health (HITECH)
  • Health Information Trust Alliance (HITRUST)
  • Incident Response Team (IRT)
  • Industrial Control System (ICS)
  • Intrusion Detection System (IDS)
  • Intrusion Prevention System (IPS)
  • Man-in-the-Middle (MITM Attack)
  • Managed Service Provider (MSP)
  • Managed Security Services Provider (MSSP)
  • National Institute of Standards and Technology (NIST)
  • New York Department of Financial Services (NYDFS) Cybersecurity Regulation
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Personally Identifiable Information (PII)
  • Protected Health Information (PHI)
  • Role-Based Access Control (RBAC)
  • Security as a Service (SECaaS)
  • Security Information Management (SIM)
  • Security Information and Event Management (SIEM)
  • Security Operations Center (SOC)
  • Security Operations and Analytics Platform Architecture (SOAPA)
  • Security Orchestration, Automation and Response (SOAR)
  • User and Entity Behavior Analysis (UEBA)
  • User Behavior Analytics (UBA)