| Term | Short Description | Additional info |
|---|---|---|
| AIW | Acceptable Interruption Window | The maximum period of time that an information system or service can be unavailable before compromising the achievement of the organization's business objectives. |
| BAU | Business As Usual | - |
| BCP | Business Continuity Planning | - |
| BIA | Business Impact Analysis | A process for determining the potential impacts resulting from the interruption of time sensitive or critical business processes. |
| BUAL | BSD User Account Locked | - |
| BYOD | Bring Your Own Device | Refers to being allowed to use one's personally owned device, rather than being required to use an officially provided device. |
| CbD | Compliance by Design | [The Boston Consulting Group] CbD: Banking's Unmissable Opportunity |
| DAE | Designer, Architect and Engineer | - |
| DRP | Disaster Recovery Plan | - |
| DRM | Disaster Recovery Management | - |
| EOM | End Of Message | - |
| FYA | For Your Attention | Follow-up required (NFAR is unacceptable) |
| FYI | For Your Information | Read it, understand it and follow up or NFAR |
| GRC | Governance, Risk and Compliance | - |
| KCCO | TFR | |
| IaC | Infrastructure as Code | Managing and provisioning of infrastructure through code instead of through manual processes. With IaC, configuration files are created that contain your infrastructure specifications, which makes it easier to edit and distribute configurations. It also ensures that you provision the same environment every time. By codifying and documenting your configuration specifications, IaC aids configuration management and helps you to avoid undocumented, ad-hoc configuration changes. Version control is an important part of IaC, and your configuration files should be under source control just like any other software source code file. Deploying your infrastructure as code also means that you can divide your infrastructure into modular components that can then be combined in different ways through automation. |
| IoA | Indicators of Attack | Focus on detecting the intent of what an attacker is trying to accomplish, regardless of the malware or exploit used in an attack. |
| IoC | Indicators of Compromise | Object or activity that, observed on a network or on a device, indicates a high probability of unauthorized access to the system. |
| LUAL | Linux User Account Locked | - |
| MVP | Minimum Viable Product | A version of a product with just enough features to be usable by early customers who can then provide feedback for future product development. |
| NFAR | No Further Action Required | > /dev/null 2>&1 |
| PoC | Proof of Concept | Evidence, typically deriving from an experiment or pilot project, which demonstrates that a design concept, business proposal, etc. is feasible. |
| QA | Quality Assurance | A way of preventing mistakes and defects in manufactured products and avoiding problems when delivering products or services to customers. |
| RA | Risk Assessment | A process to identify potential hazards and analyze what could happen if a hazard occurs. |
| RAR | Risk Assessment Report | - |
| RCOTI | Root Cause of The Issue | - |
| RPO | Recovery Point Objective | The earliest point in time that is acceptable to recover data from. The RPO effectively specifies the amount of data loss that is acceptable to the business. |
| RTE | Runtime Environment | The environment in which a program or application is executed. It's the hardware and software infrastructure that supports the running of a particular codebase in real-time. |
| RTO | Recovery Time Objective | The amount of time allowed for the recovery of an information system or service after a disaster event has occurred. The RTO effectively specifies the amount of time that is acceptable to the business to be without the system. |
| SbD | Security by Design | - |
| SML | Security Maturity Level | - |
| TFR | Try Fail Repeat | Daily hands-on experience workout |
| TGIF | Thank God It's Friday | Weekend is coming |
| TH | Threat Hunting | Identifying IoA + IoC |
| TI | Threat Intelligence | - |
| TM | Threat Modelling | - |
| UC | Use Case | - |
| UUAL | Unix User Account Locked | LUAL or BUAL |
| VA | Vulnerability Assessment | - |
| VM | Vulnerability Management | - |
| WUAL | Windows User Account Locked | - |
| WYSIWYG | What You See Is What You Get | - |
| WYSIWYM | What You See Is What You Mean | A paradigm for editing a structured document. It is an adjunct to the better-known WYSIWYG paradigm, which displays the result of a formatted document as it will appear on screen or in print - without showing the descriptive code underneath. |
| ZT | Zero Trust | The term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. |
| ZTA | Zero Trust Architecture | ZTA uses ZT principles to plan industrial and enterprise infrastructure and workflows. |