Cybersecurity Glossary

A practical glossary of 65+ cybersecurity terms — covering Indian regulatory frameworks (DPDP, RBI CSF, SEBI CSCRF, CERT-In, IRDAI), modern security categories (EDR, XDR, SASE, ZTNA, PAM, NDR), and the acronyms you will see in vendor RFPs and audit reports.

A

ABDM (Ayushman Bharat Digital Mission)
Government of India digital health initiative establishing standards for health identifiers (ABHA), Health Information Exchanges and Consent Managers, Personal Health Records and a Healthcare Professionals Registry.
AES (Advanced Encryption Standard)
Symmetric encryption algorithm standardised by NIST in 2001. Most widely deployed encryption algorithm for data-at-rest and data-in-transit. AES-256 is the typical enterprise default.
API Security
Discipline of protecting application programming interfaces against authentication abuse, authorisation flaws (BOLA, BFLA), injection, rate-abuse and business-logic attacks. OWASP API Security Top 10 is the reference checklist.
ASM (Attack Surface Management)
Continuous discovery and assessment of internet-exposed assets — domains, subdomains, IPs, services, code repositories, leaked credentials. Often called External Attack Surface Management (EASM).

B

BAS (Breach & Attack Simulation)
Tooling that automatically tests security controls by simulating known attacker techniques mapped to MITRE ATT&CK — measuring control efficacy continuously.
BCP (Business Continuity Plan)
Documented strategy for maintaining business operations during disruptions, including cyber incidents. Distinct from but related to disaster recovery.

C

CASB (Cloud Access Security Broker)
Security control sitting between users and SaaS applications providing visibility, DLP, threat protection and access control across sanctioned and shadow SaaS.
CCMP (Cyber Crisis Management Plan)
RBI-mandated plan for banks documenting roles, communication, technical response and recovery procedures during cyber crises. Required to be tested periodically.
CCSK
Certificate of Cloud Security Knowledge — Cloud Security Alliance certification commonly held by cloud-security architects.
CERT-In
Indian Computer Emergency Response Team — national agency under MeitY responsible for incident response coordination, threat intelligence and the 2022 Direction on incident reporting and log retention.
CIEM (Cloud Infrastructure Entitlement Management)
Discipline of discovering and right-sizing identity entitlements in cloud environments. A subset of cloud security focused on identity and permission risk.
CIS Controls
Center for Internet Security Critical Security Controls — prioritised list of defensive actions widely used as a baseline benchmark.
CISO (Chief Information Security Officer)
Senior leadership role accountable for the enterprise security programme. Required by name in several Indian regulatory frameworks (RBI, SEBI).
CSCRF
SEBI Cyber Security & Cyber Resilience Framework — applicable to SEBI-regulated entities including stock exchanges, depositories, AMCs, RTAs, brokers, RAs.
CSF (RBI Cyber Security Framework)
Reserve Bank of India's 2016 master direction on cybersecurity for banks, with Annex 1-3 covering baseline controls, cyber-resilience and operations.
CSPM (Cloud Security Posture Management)
Continuous assessment of cloud configurations against security baselines (CIS, NIST, CSA CCM) and detection of misconfigurations across AWS, Azure and GCP.
CWPP (Cloud Workload Protection Platform)
Runtime protection for cloud workloads — VMs, containers, serverless — including vulnerability scanning, behaviour monitoring and segmentation.

D

DDoS (Distributed Denial of Service)
Attack pattern using many sources to overwhelm a target service. Mitigation typically combines network-layer (Cloudflare, Akamai, AWS Shield) and application-layer protections.
DLP (Data Loss Prevention)
Technology and process to prevent unauthorised data exfiltration via endpoint, email, web, network or cloud channels. Modern DLP integrates with classification and Insider Risk Management tools.
DPB (Data Protection Board)
Statutory body under the DPDP Act 2023 with adjudication powers over data-protection breaches and complaints.
DPDP Act 2023
India's Digital Personal Data Protection Act 2023, establishing obligations on Data Fiduciaries processing personal data of Indian Data Principals.
DPO (Data Protection Officer)
Senior role required by the DPDP Act for Significant Data Fiduciaries, based in India and accountable to the board.

E

EASM
External Attack Surface Management — see ASM. Vendor examples include Palo Alto Cortex Xpanse, CrowdStrike Falcon Surface, Microsoft Defender EASM.
EDR (Endpoint Detection and Response)
Endpoint security category that records detailed telemetry, detects suspicious behaviour and enables response actions. Examples: CrowdStrike Falcon, Microsoft Defender for Endpoint, Palo Alto Cortex XDR, FortiEDR.
Entra ID
Microsoft's cloud identity and access management platform (formerly Azure Active Directory). Includes Entra ID, Entra ID P1/P2, Entra Permissions Management, Entra Verified ID.

F

FIDO2 / WebAuthn
Phishing-resistant authentication standard using public-key cryptography and hardware-backed keys (YubiKey, Windows Hello, Touch ID). Eliminates password-based phishing entirely.

G

GRC (Governance, Risk, Compliance)
Enterprise discipline managing policy, risk register, compliance obligations and audit. Tools include MetricStream, ServiceNow GRC, Archer, OneTrust.

H

HIPAA
US Health Insurance Portability and Accountability Act — health-data privacy and security rules. Applies to Indian entities serving US healthcare clients.

I

IAM (Identity and Access Management)
Discipline covering authentication, authorisation, identity lifecycle, privileged access and identity governance.
ICS / SCADA
Industrial Control Systems and Supervisory Control and Data Acquisition — operational technology systems controlling physical processes in plants, utilities, transport.
IEC 62443
International standard for industrial automation and control system security. Reference framework for OT security architecture.
Incident Response (IR)
Discipline of preparing for, detecting, containing, eradicating and recovering from cyber incidents. Often documented in IR playbooks per scenario.
IRDAI Cyber Security Guidelines
Insurance Regulatory and Development Authority of India directions on cybersecurity for insurers and reinsurers.
ISO 27001
International standard for Information Security Management Systems (ISMS). Common audit requirement for IT services firms and enterprises.
ITDR (Identity Threat Detection & Response)
Detection and response category focused on identity attacks — credential theft, lateral movement, privilege escalation in AD and cloud directories.

M

MDR (Managed Detection & Response)
Service offering combining 24×7 SOC monitoring, threat hunting, alert triage and response coordination — often built on EDR/XDR platforms.
MFA (Multi-Factor Authentication)
Authentication using two or more factors. Modern best practice favours phishing-resistant MFA (FIDO2) over SMS/OTP, which is vulnerable to interception.
MITRE ATT&CK
Knowledge base of adversary tactics and techniques used as a common language for detection engineering, threat hunting and red-team work.
MXDR (Managed XDR)
Managed service combining MDR with XDR platform — typically branded by EDR vendors (Defender XDR, Cortex XSIAM) or delivered by partners on top of vendor platforms.

N

NDR (Network Detection & Response)
Network-traffic analysis category detecting anomalies and threats from packet/flow telemetry. Vendors include Vectra, ExtraHop, Darktrace, Cisco Secure Network Analytics.
NGFW (Next-Generation Firewall)
Firewall category integrating application awareness, IPS, URL filtering, malware defence and decryption. Examples: Palo Alto Strata, Fortinet FortiGate, Cisco Secure Firewall, Check Point Quantum.
NIST CSF
NIST Cybersecurity Framework — Identify, Protect, Detect, Respond, Recover. Reference framework adopted by SEBI CSCRF and many Indian enterprises.
NPCI
National Payments Corporation of India — operates UPI, IMPS, RuPay and other payment systems with member-bank security mandates.

O

OT (Operational Technology)
Hardware and software that monitors and controls physical processes — distinct from IT. Plant networks, ICS, SCADA, building management systems.
OWASP
Open Worldwide Application Security Project — best known for the OWASP Top 10 (web apps) and the OWASP API Security Top 10.

P

PAM (Privileged Access Management)
Discipline of securing privileged accounts via vaulting, session brokering, just-in-time elevation and continuous monitoring. Vendors include CyberArk, Delinea, BeyondTrust.
PCI DSS
Payment Card Industry Data Security Standard — applicable to entities processing, storing or transmitting card data. Current version is v4.0.
Phishing-Resistant MFA
Authentication that cannot be intercepted by a real-time phishing site — typically FIDO2/WebAuthn or certificate-based authentication.
Purdue Model
Hierarchical reference model for industrial control system networks (Levels 0-5). Foundation for OT segmentation strategies.

R

Ransomware
Malware that encrypts data and demands payment for decryption. Modern variants also exfiltrate data and threaten public release (double extortion).
RBI CSF
See CSF (RBI Cyber Security Framework).

S

SASE (Secure Access Service Edge)
Architecture combining SD-WAN with security services (SWG, ZTNA, CASB, FWaaS) delivered from the cloud. Vendors include Palo Alto Prisma Access, Fortinet FortiSASE, Cisco Secure Access, Zscaler.
SBOM (Software Bill of Materials)
Inventory of components in a software artefact. Increasingly required for software supply-chain security.
SEBI CSCRF
See CSCRF.
SIEM (Security Information & Event Management)
Platform aggregating logs and security telemetry, applying correlation rules and supporting analyst investigations. Examples: Microsoft Sentinel, Splunk, IBM QRadar, FortiSIEM, CrowdStrike Falcon Next-Gen SIEM.
SOAR (Security Orchestration, Automation & Response)
Tooling for automating SOC workflows — case management, enrichment, response actions, playbook execution. Often integrated with SIEM.
SOC (Security Operations Centre)
Function (in-house or managed) responsible for monitoring, detection, triage and response. Modern SOCs are typically 24×7 with India-resident operations for Indian regulated entities.
SOC 2
AICPA audit framework with five Trust Service Criteria — Security, Availability, Processing Integrity, Confidentiality, Privacy. Common requirement for IT services firms and SaaS companies serving US/EU clients.
SSE (Security Service Edge)
The security half of SASE — SWG, CASB, ZTNA delivered as cloud services. Used when SD-WAN is not in scope.
SWIFT CSP
SWIFT Customer Security Programme — security control framework for SWIFT-connected institutions. Annual self-attestation against the Customer Security Controls Framework (CSCF).

T

TPRM (Third-Party Risk Management)
Discipline of assessing and managing risk from suppliers, vendors and partners. Increasingly automated through TPRM platforms and security questionnaires.

V

VAPT (Vulnerability Assessment & Penetration Testing)
Combined offering of automated vulnerability scanning and manual penetration testing. Common Indian regulatory expectation.

X

XDR (Extended Detection & Response)
Successor to EDR — correlation across endpoint, network, identity, email and cloud telemetry. Examples: Palo Alto Cortex XDR, CrowdStrike Falcon Insight XDR, Microsoft Defender XDR.

Z

Zero Trust
Security model assuming no implicit trust based on network location — every access request is verified by identity, device posture and context. Typically rolled out in phases targeting identity, network, applications and data.
ZTNA (Zero Trust Network Access)
Architecture replacing VPN with per-application brokered access, validated by user, device and context. A core component of SASE/SSE.