Cybersecurity glossary

A glossary of key cybersecurity terms and definitions. We will continue to update it with the latest developments in the industry.


An Updated List of Common Cybersecurity Terms Defined

Updated December 2025

There is no doubt that cybersecurity is becoming one of the top priorities across governments, organizations, and individuals. However, not everyone is familiar with the technical cybersecurity terms and definitions. Throughout this article, we will define some of the key terms and cybersecurity jargon commonly used in the industry.

Blue teaming: A cybersecurity testing protocol where an internal team of experts helps identify vulnerabilities through defensive security measures. This could include security audits, best practices education for employees, and real-time threat mitigation through continuous risk assessments and monitoring of response capabilities.

Chief Information Security Officer (CISO): CISOs monitor and manage their organization’s cybersecurity policies, practices, and governance. They oversee the development and deployment of cyber strategy and act as the main point of contact for cybersecurity-related issues.

Cybersecurity Health Check: This is an evaluation of an organization’s security posture. This may include risk assessments, policy and procedure reviews, vulnerability assessments, and penetration tests.

Governance, risk, and compliance (GRC): A series of procedures that help organizations identify and address cybersecurity risks before they become major issues. The processing guidelines help ensure an effective strategic framework that organizations can use to align their cybersecurity efforts with business objectives, ensure adherence to industry regulations, and manage risks. The integrated policies, practices, and principles help to safeguard digital assets while remaining compliant with legal and regulatory requirements.

Industrial Control Systems (ICS): This is a general term that describes multiple types of computer-based systems used to monitor and control industrial processes.[1] For example, ICS includes supervisory control and data acquisition (SCADA) systems used in power plants, manufacturing facilities, and oil refineries. These have multiple components like electrical, mechanical, hydraulic, and/or others that work together to achieve an industrial objective.

Incident Response: A capability all IT programs need to have in place. Incident response is systematic, ensuring the appropriate actions are taken. It helps personnel to minimize loss or theft of information and disruption of services caused by cybersecurity incidents.[2]

Incident Response Plan (IRP): An Incident Response Plan (IRP), sometimes called a Cybersecurity Incident Response Plan or CIRP, is a written document, formally approved by the senior leadership team, that guides an organization throughout a confirmed or suspected security incident. An IRP includes a list of key cybersecurity personnel who may be needed, as well as roles and responsibilities outlining a clear procedure to respond to a cybersecurity incident.[3]

Interoperability: This refers to the ability of one entity to communicate with and exchange data with different systems and applications.[4] It is critical for effective cybersecurity, as it allows different security technologies to work together seamlessly. For example, a security information and event management (SIEM) system can communicate with firewalls and intrusion detection systems to detect and respond to cyber threats.

Managed Detection and Response (MDR): A managed cybersecurity service that provides clients with intrusion detection of any malicious activity within their network and prevents that activity from causing any harm. This service is most effective when it includes containment, investigation, response, and threat hunting. Sometimes this is combined with an XDR service (see below).

National Security Memorandum (NSM): This is issued by the US president to establish national security policy and objectives. NSMs often address cybersecurity issues, such as protecting critical infrastructure from cyberattacks.

National Institute of Standards and Technology (NIST): A division of the US Department of Commerce that helps to advance measurement of science, standards, and technology with an emphasis on US manufacturing resources and national security protections.

NIST cybersecurity framework: Used to help organizations to better understand and improve their management of cybersecurity risk through the protection of controlled unclassified information in a nonfederal system. The NIST framework is integral to form the basis for prioritizing cybersecurity outcomes tailored to the manufacturing sector, enabling manufacturers to align their cybersecurity efforts with business prioritization, risk mitigation, and available resources.

Operational Technology (OT): Programmable hardware/software that is used to control and monitor physical devices.[5] Most commonly seen in the manufacturing and industrial sectors, an example includes industrial control systems such as sensors, valves, and building management systems used in manufacturing plants, power grids, and transportation systems. OT systems are often isolated from traditional IT systems to protect against cybersecurity threats, but digital transformation has changed this as OT and IT are now increasingly integrated.

Penetration testing: Also referred to as a pen test, this is a methodology that experts use to launch a mock cyberattack. This can be carried out through an automated or manual technique, such as a physical security, phishing, or social engineering attack, to find vulnerabilities in the system. This provides a comprehensive and thorough analysis of vulnerabilities in existing infrastructure so they can be remediated internally.

Phishing: A common tactic used by cybercriminals in which perpetrators typically impersonate a legitimate business or reputable person in an attempt to obtain access to sensitive data, such as bank account numbers, or access to a larger computerized system through a fraudulent solicitation in email or on a website. While widely known, these tactics are becoming increasingly sophisticated.

Purple teaming: Enhances an existing system infrastructure in a similar way to pen testing, through a simulation of a realistic threat scenario. This cybersecurity testing system combines the holistic offensive and defensive strategies of red and blue teaming, then integrates cyber threat intelligence findings and remediations with other effective measures.

Ransomware: A type of malware that attempts to deny access to a user’s data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid.

Red teaming: A cybersecurity testing measure that comprises a range of processes used by offensive security experts, such as ethical hackers, penetration testers, and security researchers, who simulate real-world cyberattacks in an internal capacity to identify vulnerabilities, test incident response, and provide insights before breaches can be exploited.

Tabletop exercises (TTX): Similar to blue, purple, and red testing, these exercises engage systems in realistic cyberattack simulations. TTX testing measures are designed to assess and improve an organization’s preparedness for handling various scenarios, such as cybersecurity incidents, emergencies, or operational disruptions.

Extended Detection and Response (XDR): XDR provides detection and response at the endpoint, network, cloud, and even through employee actions. It pulls together detection and response capabilities in a single platform. This is often provided in conjunction with an MDR service (see above).

We will continue to update this cybersecurity glossary with the latest trends and developments in cybersecurity terms and definitions.


Endnotes

  1. NIST, CSRC Content. 2011. “Industrial Control System (ICS) - Glossary | CSRC.” Csrc.nist.gov. CSRC NIST. March 2011. https://csrc.nist.gov/glossary/term/industrial_control_system.
  2. Cichonski, Paul, Tom Millar, Tim Grance, and Karen Scarfone. 2012. “Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology.” Computer Security Incident Handling Guide 2 (2): 1–10. https://doi.org/10.6028/nist.sp.800-61r2.
  3. Cybersecurity & Infrastructure Security Agency. 2018. “Incident Response Plan (IRP) Basics.” 2018. https://www.cisa.gov/sites/default/files/publications/Incident-Response-Plan-Basics_508c.pdf.
  4. National Institute of Standards and Technology. 2020. Special Publication 800-175B Revision 1 (Natl. Inst. Stand. Technol. Spec. Publ. 800-175B Rev. 1), 91 pages. March 2020. CODEN: NSPUE2.
  5. NIST, Computer Security Resource Center. 2018. “Operational Technology - Glossary | CSRC.” Csrc.nist.gov. CSRC NIST. December 2018. https://csrc.nist.gov/glossary/term/operational_technology.
