2022 Ultimate Security Guide for Small Businesses. Read Now

HomeCommon Cyber Security Acronyms

Common Cyber Security Acronyms

Cybersecurity is renowned for having many acronyms, some with multiple meanings. Here we look at many of the popular security acronyms. 

You can also check out our other resources <here>.

Common Cyber
Security Acronyms

A&AAssessment and Authorization
ADPAutomated Data Processing
AESAdvanced Encryption Standard
AIMSAutomated Infrastructure Management System
AISAutomated Information Systems
AMIDSAudit Monitoring and Intrusion Detection System
ANSIAmerican National Standards Institute
AOAuthorizing Official
AODRAuthorizing Official Designated Representative
APTAdvanced Persistent Threat
ASIMSAutomated Security Incident Measuring System
ASSISTAutomated System Security Incident Support Team
ATCAuthorization to Connect
ATDAuthorization Termination Date
ATMAsynchronous Transfer Mode
ATOAuthorization to Operate
BIOSBasic Input and Output System
BotnetRobot Network
C&ACertification and Accreditation
C&A WGCertification and Accreditation Working Group
C2Command and Control
C2WCommand and Control Warfare
C4Command, Control, Communications, and Computers
C4ISRCommand, Control, Communications, Computer, Intelligence, Surveilance and Reconnaisssance
CACertification Authority
CAAPCritical Asset Assurance Program
CACCommon Access Card
CAPConnection Approval Program
CAPTCHACompletely Automated Public Turing Test to Tell Computers and Humans Apart
CCCommon Criteria
CCAClinger-Cohen Act
CCBConfiguration Control Board
CCIControl Correlation Identifier
CDCross Domain
CDSCross-Domain Solution
CEHCertified Ethical Hacker
CERTComputer Emergency Response Team
CERT/CCCERT/Coordination Center
CFRCode of Federal Regulations
CIACComputer Incident Advisory Capability
CIAOCritical Infrastructure Assurance office
CIOChief Information Officer
CIPCritical Infrastructure Protection
CIPWGCritical Infrastructure Protection Working Group
CIRTComputer Incident Response Team
CISACertified Information Systems Auditor
CISOChief Information Security Officer
CISSPCertified Information Systems Security Professional
CITACComputer Investigation and Infrastructure Threat Assessment Center
CMDSComputer Misuse Detection System
CMMCCybersecurity Maturity Model Certification
CMSCOMSEC Management System
CNAComputer Network Attack
CNDSPComputer Network Defense Service Provider
CNSSCommittee on National Security Systems
CNSSICommittee on National Security Systems Instruction
CNSSPCommittee on National Security Systems Policy
COECommon Operating Environment
COMSECCommunications Security
CONOPSConcept of Operations
COOChief Operating Officer
COTSCommericial Off-the-Shelf
CSAComputer Security Act
CSIRComputer (and Network) Security Incident Response
CSOChief Security Officer
CSPCloud Service Provider
CSSCentral Security Service
CSSOComputer Systems Security Officers
CUIControlled Unclassified Information
CVSSCommon Vulnerability Scoring System
DARPADefense Advanced Research Projects Agency
DATODenial of Authorization To Operate
DCPDSDefense Civilian Personnel Data System
DDoSDistributed Denial-of-Service
DESDigital Encryption Standard
DevOpsA portmanteau of “Development” and “Operations”
DevSecOpsA portmanteau of “Development”, “Security” and “Operations”
DHSDepartment of Homeland Security
DIADefense Intelligence Agency
DIACCSDefense IA Command and Control System
DIAMONDDefense Intrusion Analysis & Monitoring Desk
DIAPDefense Information Assurance Program
DIDSDistributed Intrusions Detection System
DIIDefense Information Infrastructure
DISADefense Information Systems Agency
DISNDefense Information System Network
DITSWGDefense Information Technology Security Working Group
DLPData Loss Prevention
DMCDefense MegaCenter
DMSDefense Message System
DNSDomain Name Servers
DoDDepartment of Defense
DoDDDepartment of Defense Directive
DODINDepartment of Defense information networks
DRENDefense Research and Engineering Network
DSAWGDefense IA Security Accreditation Working Group
DSSDefense Security Service
EALEvaluation Assurance Level
EDREndpoint Detection and Response
EFOIAElectronic Freedom of Information Act
EOExecutive Order
EOPExecutive Office of the President
ETAEducation, Training and Awareness
ETAPWGEducation, Training, Awareness and Professionalization Working Group
FIPSPUBFederal Information Processing Standard Publication
FIRSTForum of Incident Resonse and Security Teams
FISMAFederal Information Security Management Act
FOIAFreedom of information Act
FTSFederal Telecommunications Service
GDPRGeneral Data Protection Regulation
GMITSGuidelines for the Management of IT Security
GOTSGovernment Off-the-Shelf
GRCGovernance, Risk Management and Compliance
GSAGeneral Services Administration
GSIIGovernment Services Information Infrastructure
HBSSHost Based Security System
HIPAAHealth Information Portability and Accountability Act
HTTPSHypertext Transfer Protocol Secure
I&WIndications and Warning
IAInformation Assurance
IADInformation Assurance Document
IAGinformation Assurance Group
IAMInformation Assurance Manager
IAOInformation Assurance Officer
IAPWGInformation Assurance Policy Working Group
IASEInformation Assurance Support Environment
IATACInformation Assurance Technology Analysis Center
IATCInterim Authority to Connect
IATOIntermin Authority to Operate
IATTIntermin Authority to Test
IAVAInformation Assurance Vulnerability Alert
ICIntelligence Community
IDSIntrusion Detection System
INFOCONsInformation Operations Conditions
INFOSECInformation Systems Security
INFOSYSInformation Systems
IOInformation Operations
IoTInternet of Things
IPInternet Protocol
IP addressInternet Protocol
IPRInternet Protocol Router
IPSIntrusion Prevention System
IPSecInternet Protocol Security
IRMInformation Resource Management
IRSIncident Reporting Structure
IRTIncident Response Team
ISInformation System
ISACAInformation Systems Audit and Control Association
ISOInternational Organization for Standardization
ISRMCInformation Security Risk Management Committee
ISSMInformation System Security Manager
ISSOInformation System Security Officer
ITInformation Technology
ITMRAInformation Technology Management Reform Act
JCCCJoint Communications Control Center
JCIDSJoint Capabilities Integration and Development System
JDIICSJoint DII Control Systems
JIDJoint Intrusion Detection
JIEJoint Information Environment
JIEOJoint Interoperability Engineering Organization
JIWGJoint IA Operations Working Group
JPO STCJoint Program Office for Special Technical Countermeasures
JTF-CNOJoint Task Force – Computer Network Operations
JWICSJoint Worldwide Intelligence Communications System
JWIDJoint Warrior Interoperability Demonstration
KMIKey Management Infrastructure
KSKnowledge Service
LANLocal Area Network
LELaw Enforcement
LE/CILaw Enforcement and Counterintelligence
LEALaw Enforcement Agency
MAMission Area
MCDESMalicious Code Detection and Eradication System
MFAMulti-factor Authentication
MITRE® ATT&CKMITRE Adversarial Tactics, Techniques, and Common Knowledge
MLS WGMultilevel Security Working Group
MOAMemorandum of Agreement
MOUMemorandum of Understanding
MSPManaged Service Provider
NANot Applicable
NCSAMNational Cybersecurity Awareness Month
NGFWNext-generation Firewall
NIACNational Infrastructure Assurance Council
NICCSNational Initiative for Cybersecurity Careers and Studies
NICENational Institute for Cybersecurity Education
NIDNetwork Intrusion Detector
NIINational Information Infrastructure
NIPCNational Infrastructure Protection Center
NIPRNetNon-Classified Internet Protocol Router Network
NISTNational Institute of Standards and Technology
NITBNational INFOSEC Technical baseline
NOCNetwork Operating Centers
NOSCNetwork Operation Security Center
NS/EPNational Security and Emergency Preparedness
NSANational Security Agency
NSA/CSSNational Security Agency/Central Security Service
NSDNational Security Directive
NSIRCNational Security Incident Response Center
NSOCNational Security Operations Center
NSSNational Security System
NSTACNational Security Telecommunication Advisory Committee
NSTISSCNational Security Telecommunications and Information Systems Security Committee
NSTISSINational Security Telecommunications and Information Systems Security Instruction
NSUNon-Standard Usage
OPSECOperations Security
OSI modelOpen Systems Interconnection model
OSINTOpen Source Intelligence
OT&EOperational Test and Evaluation
PaaSPlatform as a Service
PAOPrincipal Authorizing Official
PCI-DSSPayment Card Industry Data Security Standard
PGPPretty Good Privacy
PIAPrivacy Impact Assessment
PIIPersonally Identifiable Information
PINPersonal Identification Number
PITPlatform Information Technology
PKIPublic Key Infrastructure
PMProgram Manager or Project Manager
PM/SMProgram Manager/System Manager
POA&MPlan of Action and Milestones
POMProgram Objective Memorandum
PPPProgram Protection Plan
PPSInternet Protocol Suite and Associated Ports
PPSMPorts, Protocols, and Services Management
PPTPPoint-to-Point Tunneling Protocol
RAMRandom Access Memory
RASPRuntime Application Self-Protection
RBACRole-based Access Control
RCERemote Code Execution
RCERTsRegional Computer Emergency Response Teams
RDT&EResearch, Development, Test and Evaluation
RFRadio Frequency
RMFRisk Management Framework
ROSCRegional Operations and Security Center
RT&EResearch, Test, and Evaluation
SaaSSoftware as a Service
SABISecret and Below Interoperability
SABI WGSecret and Below Interoperability Working Group
SANSSysadmin, Audit, Network and Security
SAPSpecial Access Program
SARSecurity Assessment Report
SATANSystems Administrators’ Tool for Assessing Networks
SCASecurity Control Assessor
SCAPSecurity Content Automation Protocol
SCGSecurity Configuration Guide
SCISensitive Compartment Information
SETSecure Encrypted Transaction
SIEMSecurity Information and Events Management
SIOSpecial Information Operations
SIPRNetSecret Internet Protocol Router Network
SISOSenior Information Security Officer
SITRSecret Internet Protocol Router Network Information Technology Registry
SLAService-Level Agreement
SMSystem Manager
SNAPSystems/Networks Approval Process
SOCSecurity Operations Center
SPSpecial Publication
SPBSecurity Policy Board
SQLiStructured Query Language Injection
SRGSecurity Requirements Guide
SSAASystems Security Authorization Agreement
SSESystem Security Engineering
SSLSecure Socket Layer
SSOSingle sign-on
STIGsSecurity Technical Implementation Guides
SysadminSystem Administrator
T&ETest and Evaluation
TAGTechnical Advisory Group
TCP/IP modelTransmission Control Protocol/Internet Protocol
THREATCONThreat Condition
TPMTrusted Platform Module
TRANSECTransmission Security
TRMCTest Resource Management Center
TSNTrusted Systems and Networks
TTPTactics, Techniques and Procedures
UBAUser Behavior Analytics
VAAPVulnerability and Assessment Program
VASVulnerability Assessment System
VPNVirtual Private Network
WAPWireless Application Protocol
WASWeb Application Security
XSSCross-site Scripting
ZTNAZero Trust Network Access