author photo
By SecureWorld News Team
Fri | Dec 27, 2019 | 8:42 AM PST

If you only remember one thing about acronyms in cybersecurity, remember this: there are too many to remember!

And that's why we've put together this handy guide and glossary of 67 cybersecurity related acronyms as a reference you can bookmark and come back to.

What are the most important cybersecurity acronyms?

This list includes terms we hear security professionals using at SecureWorld regional cybersecurity conferences every year, and some we've heard once or twice over the years. So you'll see many of the most common security acronyms on the list, and some that are more obscure.

You probably know that acronyms are designed to be a memory shortcut—a mnemonic device that can improve your brain's ability to encode and recall the information.

With that in mind, let's see how many of these security acronyms you know or can recall later on.

And don't miss the opportunity to use a few of the terms at your next team meeting to see what your colleagues know, just for fun. 

Now, on to the list of cybersecurity acronyms. Click here for the downloadable PDF glossary.

# Acronym Stands for Definition
1 APT Advanced Persistent Threat A cyber attack that continuously uses advanced techniques to conduct cyber espionage or crime 
2 APWG Anti-Phishing Working Group An international consortium that brings together businesses affected by phishing attacks with security companies, law enforcement, government, trade associations, and others.
3 AV Antivirus A computer program used to prevent, detect, and remove malware. 
4 AVIEN Anti-Virus Information Exchange Network A group of Antivirus and security specialists who share information regarding AV companies, products, malware and other threats. 
5 CAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans Apart A response test used in computing, especially on websites, to confirm that a user is human instead of a bot. 
6 CARO Computer Antivirus Research Organization An organization established in 1990 to study malware. 
7 CAVP Cryptographic Algorithm Validation Program This program provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms and individual components. Cryptographic algorithm validation is necessary precursor to cryptographic module validation.
8 CBC Cipher Block Chaining Operation for a block cipher using an initialization vector and a chaining mechanism. This will cause the decryption of a block of cipher text to depend on preceding cipher text blocks.
9 CBC-MAC  Cipher Block Chaining Message Authentication Code This constructs a message authentication code from a block cipher. The message is encrypted with some block cipher algorithm in CBC mode. This creates a chain of blocks with each block depending on the correct encryption of the previous block. 
10 CERIAS Center for Education and Research in Information Assurance and Security A part of Purdue University dedicated to research and education in information security.
11 CERT Computer Emergency Response Team In this case, an expert group that handles computer security incidents and alerts organizations about them.
12 CHAP Challenge-Handshake Authentication Protocol A protocol for authentication that provides protection against replay attacks through the use of a changing identifier and a variable challenge-value.
13 CIRT  Computer Incident Response Team A group that handles events involving computer security and data breaches. 
14 CIS Center for Internet Security A 501 nonprofit organization with a mission to "Identify, develop, validate, promote, and sustain best practice solutions for cyber defense and build and lead communities to enable an environment of trust in cyberspace."
15 CISA  Certified Information Systems Auditor Professionals who monitor, audit, control, and assess information systems.
16 CISM Certified Information Systems Security Manager A certification offered by ISACA which "Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives." 
17 CISO Chief Information Security Officer The CISO is the executive responsible for an organization's information and data security. Increasingly, this person aligns security goals with business enablement or digital transformation. CISOs are also increasingly in a "coaching role" helping the business manage cyber risk. This is according to Ponemon Institute research.
18 CISSP  Certified Information Systems Security Professional The CISSP is a security certification for security analysts, offered by ISC(2). It was designed to indicate a person has learned certain standardized knowledge in cybersecurity.
19 CNAP Cybersecurity National Action Plan A U.S. plan to enhance cybersecurity awareness and protections, protect privacy, maintain public safety, and economic and national security.
20 CNCI Comprehensive National Cybersecurity Initiative A U.S. government initiative designed to establish a front line of defense against network intrusion, defend the U.S. against the threats through counterintelligence, and strengthen the cybersecurity environment. 
21 CND Computer Network Defense CND is defined by the U.S. military as defined by the US Department of Defense (DoD) as, "Actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within Department of Defense information systems and computer networks." This style of defense applies to the private sector as well.
22 COBIT Control Objectives for Information and Related Technologies An IT management including practices, tools and models for risk management and compliance.
23 CSEC Cyber Security Education Consortium  The CSEC, also known as the CEC, partners with educators and the broader cybersecurity community to ensure students are prepared to lead and be changemakers in the cybersecurity workforce.  
24 CSA Cloud Security Alliance The Cloud Security Alliance is the world's leading organization for defining best practices in cloud cybersecurity. It also provides a cloud security provider certification program, among other things.
25 CSO  Chief Security Officer In some cases, the Chief Security Officer is in charge of an organization's entire security posture or strategy. This includes both physical security and cybersecurity. In other cases, this title belongs to the senior most role in charge of cybersecurity.
26 CSSIA Center for Systems Security and Information Assurance The CSSIA is a U.S. leader in training cybersecurity educators. It provides these teachers and professors with real-world learning experiences in information assurance and network security.
27 CVE Common Vulnerabilities and Exposures CVE® is a list of entries—each containing an identification number, a description, and at least one public reference—for publicly known cybersecurity vulnerabilities. CVE Entries are used in numerous cybersecurity products and services from around the world, including the U.S. National Vulnerability Database (NVD).
28 CVSS  Common Vulnerability Scoring System An industry standard for rating the severity of security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. 
29 DDoS Distributed Denial of Service A distributed denial-of-service (DDoS) attack attempts to disrupt normal traffic of a targeted server, service or network to make a service such as a website unusable by “flooding” it with malicious traffic or data from multiple sources (often botnets).
30 DLP Data Loss Prevention An information security strategy to protect corporate data. DLP is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users, either inside or outside of an organization.
31 DNS attack Domain Name Server DNS uses the name of a website to redirect traffic to its owned IP address. should take you to Amazon's website, for example. During this type of attack, which is complex and appears in several ways, cybercriminals can redirect you to another site for their own purposes. This attack takes advantage of the communication back and forth between clients and servers.
32 EDR Endpoint Detection & Response  Endpoint Detection & Response solutions are designed to detect and respond to endpoint anomalies. EDR solutions are not designed to replace IDPS solutions or firewalls but extend their functionality by providing in-depth endpoint visibility and analysis. EDR uses different datasets, which facilitates advanced correlations and detection.
33 FISMA Federal Information Security Management Act FISMA is United States legislation which requires each federal agency to develop, document, and implement an agency-wide program to provide information security for its information systems and data. The act recognized the importance of information security to the economic and national security interests of the United States. 
34 FISMA  Federal Information Security Modernization Act (2014) Laws that assigns responsibilities within the U.S. federal government for setting and complying with policies to secure agencies' information systems. For example, Department of Homeland Security administers cybersecurity policies and the Office of Management and Budget provides oversight.
35 FISSEA Federal Information Systems Security Educators' Association An organization run by and for information systems security professionals to assist federal agencies in meeting their information systems security awareness, training, and education responsibilities. 
36 GRC Governance, Risk Management, and Compliance Three parts of a strategy for managing an organization's overall governance, enterprise risk management and compliance with regulations. Cybersecurity people, practices and tools play a key part in GRC for many organizations.
37 HTTPS  Secure Hypertext Transfer Protocol An extension of the Hypertext Transfer Protocol. It is used for secure communication over a computer network by encrypting the information you send from your computer to another website, for example. It is a means of ensuring privacy, security and also a way of authenticating that the site you’re on is the one you intended to visit. 
38 IA Information Assurance Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
39 IAM Identity and access management IAM is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. This helps organizations maintain “least privileged” or "zero trust" account access, where employees only have access to the minimum amount of data needed for their roles.
40 IBE Identity-Based Encryption A type of public-key encryption in which the public key of a user is some unique information about the identity of the user, like a user's email address, for example. 
41 IDS/IDP Intrusion Detection/Intrusion Detection and Prevention Intrusion Detection Systems (IDS) analyze network traffic for signatures that match known cyberattacks. Intrusion Prevention Systems (IPS) analyze packets as well, but can also stop the packet from being delivered based on what kind of attacks it detects, helping to stop the attack.
42 ISACA Information Systems Audit and Control Association ISACA provides certifications for IT security, audit and risk management professionals. ISACA also maintains the COBIT framework for IT management and governance. ISACA was incorporated in 1969 by a small group of individuals who recognized a need for a centralized source of information and guidance in the growing field of auditing controls for computer systems. Today, ISACA serves professionals in 180 countries.
43 ISAKMP  Internet Security Association and Key Management Protocol A protocol for establishing Security Associations  and cryptographic keys in an Internet environment. ISAKMP only provides a framework for authentication and key exchange and is designed to be key exchange independent. 
44 ISAP Information Security Automation Program The ISAP is a U.S. government agency initiative to enable automation and standardization of technical security operations. Its standards based design may benefit those in the private sector as well.
45 (ISC)² International Information Systems Security Certification Consortium A non-profit organization which specializes in training and certification for cybersecurity professionals. Certifications include the CISSP.
46 ISO International Organization for Standardization An organization that develops international standards of many types, including two major information security management standards, ISO 27001 and ISO 27002.
47 ISSA Information Systems Security Association ISSA is a not-for-profit, international organization of information security professionals and practitioners.
48 ISSO  Information Systems Security Officer Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
49 ISSPM Information Systems Security Program Manager The ISSPM, sometimes called an IT Security Manager, coordinates and executes security policies and controls, as well as assesses vulnerabilities within a company. They are often responsible for data and network security processing, security systems management, and security violation investigation. 
50 JSM  Java Security Manager To use Java security to protect a Java application from performing potentially unsafe actions, you can enable a security manager for the JVM in which the application runs. The security manager enforces a security policy, which is a set of permissions (system access privileges) that are assigned to code sources.
51 MS-ISAC Multi-State Information Sharing and Analysis Center The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation's state, local, tribal and territorial governments through focused cyber threat prevention, protection, response, and recovery.
52 MSSP Managed Security Services Provider Provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services. 
53 NCS National Cryptologic School A school within the National Security Agency. The NCS provides the NSA workforce and its Intelligence Community and Department of Defense partners highly-specialized cryptologic training, as well as courses in leadership, professional development, and over 40 foreign languages. 
54 NCSA National Cyber Security Alliance A non-profit working with the Department of Homeland Security, private sector sponsors, and nonprofit collaborators to promote cyber security awareness for home users, small and medium size businesses, and primary and secondary education.
55 NCSAM National Cyber Security Awareness Month NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. It occurs each year in October. The security awareness month started with a joint effort by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance.
56 NCSD National Cyber Security Division A division of the Office of Cyber Security & Communications with the mission of collaborating with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. 
57 NICCS National Initiative for Cybersecurity Careers and Studies An online resource for cybersecurity training that connects government employees, students, educators, and industry with cybersecurity training providers throughout the United States.
58 NICE National Initiative for Cybersecurity Education The mission of NICE is to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development.
59 NISPOM National Industrial Security Program Operating Manual The National Industrial Security Program Operating Manual establishes the standard procedures and requirements for all government contractors, with regards to classified information. It covers the entire field of government-industrial security related matters.
60 NIST National Institute of Standards and Technology In cybersecurity circles, NIST is extremely well known for the NIST Cybersecurity Framework, as well the NIST Risk Management Framework (RMF), NIST 800-53 control guidance, NIST Digital Identity Guidelinesand others. The overall NIST mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life." NIST is part of the U.S. Department of Commerce. 
61 OPSEC Operational Security OPSEC is a term derived from the U.S. military and is an analytical process used to deny an adversary information that could compromise the secrecy and/or the operational security of a mission.Performing OPSEC related techniques can play a significant role in both offensive and defensive cybersecurity strategies.
62 OSINT Open Source Intelligence OSINT is information drawn from publicly available data that is collected, exploited, and reported to address a specific intelligence requirement. In the intelligence community, the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources).
63 PCI-DSS  Payment Card Industry Data Security Standard The Payment Card Industry Data Security Standard (PCI-DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
64 SANS System Administration, Networking, and Security Institute A private company that specializes in information security training and security certification.
65 SIEM Security Information and Event Management Security Information and Event Management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual sources. 
66 SOC Security Operations Center A central location or team within an organization that is responsible for monitoring, assessing and defending security issues.
67 SSO Single Sign-On A system which enables users to securely authenticate themselves with multiple applications and websites by logging in with a single set of credentials.
68 TTP Tactics, Techniques, and Procedures The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique.
69 UBA / UEBA User Behavior Analytics UBA tracks a system's users, looking for unusual patterns of behavior. In cybersecurity, the process helps detect insider threats, and other targeted attacks including financial fraud. User behavior analytics solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns. This guides efforts to correct unintentional behavior that puts business at risk and risky and intentional deceit.
70 VPN Virtual Private Network  By connecting through a VPN, all the data you send and receive travels through an encrypted "tunnel" so that no one can see what you are transmitting or decipher it if they do get a hold of it. VPNs also allow you to hide your physical location and IP address, often displaying the IP address of the VPN service, instead.

As we said at the start of this article, there are too many cybersecurity acronyms to remember. And many that were not mentioned here.

So as we create our next acronym list, please let us know which terms you'd like to see included.