Cyber Security Glossary
Find definitions for IT security and compliance in our online glossary of key terms, acronyms, and vocabulary.
- Access Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. Synonym(s): identity and access management
- Access Control Definition: The process of granting or denying specific requests for or attempts to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities. Related Term(s): access control mechanism
- Access Control Mechanism Definition: Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility.
- accountability "1) relates to an allocated responsibility. The responsibility can be based on regulation or agreement or through assignment as part of delegation; 2) For systems, a property that ensures that actions of an entity can be traced uniquely to the entity; 3) In a governance context, the obligation(...)
- accuracy "Closeness of computations or estimates to the exact or true values that the statistics were intended to measure."
- actionable recourse "The ability of a person to change the decision of the model through actionable input variables."
- Active Attack Definition: An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations. Related Term(s): passive attack
- Active Content Definition: Software that is able to automatically carry out or trigger actions without the explicit intervention of a user.
- Active Data Active data is information residing on the direct access storage media of computer systems, which is readily visible to the operating system and/or application software with which it was created and immediately accessible to users without undeletion, modification or reconstruction (i.e., word(...)
- Active Files Files residing on disk drives of PCs, LAN file servers, laptops, etc. Include backup files created by application software such as Microsoft Word.
- active learning "A proposed method for modifying machine learning algorithms by allowing them to specify test regions to improve their accuracy. At any point, the algorithm can choose a new point x, observe the output and incorporate the new (x, y) pair into its training base. It has been applied to neural(...)
- active learning agent "[a machine learning algorithm that can] decide what actions to take [with regards to its training data, in contrast to a passive learning agent, which is limited to a fixed policy]."
- Active Records Active records are records related to current, ongoing or in process activities and are referred to on a regular basis to respond to day-to-day operational requirements. An active record resides in native application format and is accessible for purposes of business processing with no(...)
- activity "Work that an organization performs using business processes; can be singular or compound."
- adaptive dynamic programming "An adaptive dynamic programming (or ADP) agent takes advantage of the constraints among the utilities of states by learning the transition model that connects them and solving the corresponding Markov decision process using dynamic programming."
- adaptive learning "Updating predictive models online during their operation to react to concept drifts"
- Address The term address can be used to mean: • an Internet address (a unique location on the Internet); • an e-mail address; or • a web page address (also known as a URL).
- Advanced Persistent Threat Definition: An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception).
- adversarial action "actions characterised by mala fide (malicious) intent and/or bad faith."
- adversarial example "Machine learning input sample formed by applying a small but intentionally worst-case perturbation ... to a clean example, such that the perturbed input causes a learned model to output an incorrect answer."
- adversarial machine learning "A practice concerned with the design of ML algorithms that can resist security challenges, the study of the capabilities of attackers, and the understanding of attack consequences."
- Adversary Definition: An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Term(s): threat agent, attacker
- adverse action notice "A notification of i) a refusal to grant credit in substantially the amount or on substantially the terms requested in an application unless the creditor makes a counteroffer (to grant credit in a different amount or on other terms) and the applicant uses or expressly accepts the credit(...)
- adverse impact ratio "A substantially different rate of selection [such as in hiring] which works to the disadvantage of members of a race, sex, or ethnic group."
- agile "a development approach that delivers software in increments by following the principles of the Manifesto for Agile Software Development."
- AI principles "[An overarching concept, value, belief, or norm that guides AI development, testing, and deployment across the AI lifecycle. The OECD] identifies five complementary values-based principles for the responsible stewardship of trustworthy AI and calls on AI actors to promote and implement them:(...)
- Air Gap Definition: The physical separation or isolation of a system from other systems or networks.
- Alert Definition: A notification that a specific attack has been detected or directed at an organization’s information systems.
- algorithm "A set of step-by-step instructions. Computer algorithms can be simple (if it's 3 p.m., send a reminder) or complex (identify pedestrians)."
- algorithm-in-the-loop "[a] framework [that] centers human decision making, providing a more precise lens for studying the social impacts of algorithmic decision making aids; . . . processes that employ algorithmic aids to enhance human decision making. In contrast to the human-in-the-loop paradigm, which privileges(...)
- algorithmic aversion "biased assessment of an algorithm which manifests in negative behaviours and attitudes towards the algorithm compared to a human agent."
- alignment "ensur[ing] that powerful AI is properly aligned with human values. ... The challenge of alignment has two parts. The first part is technical and focuses on how to formally encode values or principles in artificial agents so that they reliably do what they ought to do. ... The second part of(...)
- All Source Intelligence Definition: In the NICE Framework, cybersecurity work where a person: Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.
- Allowlist Definition: A list of entities that are considered trustworthy and are granted access or privileges. Related Term(s): Blocklist
- amplification "[an act of amplifying, which is] to make larger or greater (as in amount, importance, or intensity)."
- analytics "Analytics is the application of scientific & mathematical methods to the study & analysis of problems involving complex systems. There are three distinct types of analytics: * Descriptive Analytics gives insight into past events, using historical data. * Predictive Analytics provides insight(...)
- Analyze Definition: A NICE Framework category consisting of specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
- annotation "Further documentation accompanying a requirement."
- anomaly "Anything observed in the documentation or operation of a system that deviates from expectations based on previously verified system, software, or hardware products or reference documents."
- anonymization "The process in which individually identifiable data is altered in such a way that it no longer can be related back to a given individual. Among many techniques, there are three primary ways that data is anonymized. Suppression is the most basic version of anonymization and it simply removes(...)
- anthropomorphism "the attribution of distinctively human-like feelings, mental states, and behavioral characteristics to inanimate objects, animals, and in general to natural phenomena and supernatural entities"
- Antispyware Software Definition: A program that specializes in detecting and blocking or removing forms of spyware. Related Term(s): spyware
- Antivirus Software Definition: A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents, sometimes by removing or neutralizing the malicious code.
- Application An application is a collection of one or more related software programs that enables a user to enter, store, view, modify or extract information from files or databases. The term is commonly used in place of “program,” or “software.” Applications may include word processors, Internet browsing(...)
- application "A software program hosted by an information system."
- application programming interface (API) "a software contract between the application and client, expressed as a collection of methods or functions. . . it defines the available functions you can execute; . . . the intermediary interface between the client and the application."
- Archival Data Archival data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes. Archival data may be written to removable media such as a CD, magneto-optical media, tape or other electronic(...)
- Archive/Electronic Archive Archives are long term repositories for the storage of records. Electronic archives preserve the content, prevent or track alterations and control access to electronic records.
- artificial general intelligence (AGI) "Algorithms that perform a wide variety of tasks and switch simultaneously from one activity to another in the manner that humans do."
- artificial intelligence (AI) "Interdisciplinary field, usually regarded as a branch of computer science, dealing with models and systems for the performance of functions generally associated with human intelligence, such as reasoning and learning."
- artificial intelligence learning "The ingestion of a corpus, application of semantic mapping, and relevant ontology of structured and/or unstructured data that yields inference and correlation leading to the creation of useful conclusive or predictive capabilities in a given knowledge domain. Strong AI learning also includes(...)
- artificial narrow intelligence (ANI) "[an AI system that] is designed to accomplish a specific problem-solving or reasoning task."
- artificial neural networks "A computing system, made up of a number of simple, highly interconnected processing elements, which processes information by its dynamic state response to external inputs."
- assessment "Action of applying specific documented criteria to a specific software module, package or product for the purpose of determining acceptance or release of the software module, package or product."
- Asset Definition: Anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned.
- Asymmetric Cryptography Synonym(s): public key cryptography
- Attachment An attachment is a record or file associated with another record for the purpose of storage or transfer. There may be multiple attachments associated with a single “parent” or “master” record. The attachments and associated record may be managed and processed as a single unit. In common use,(...)
- Attack Definition: An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. Related Term(s): active attack, passive attack
- Attack Method Definition: The manner or technique and means an adversary may use in an assault on information or an information system.
- Attack Path Definition: The steps that an adversary takes or may take to plan, prepare for, and execute an attack.
- Attack Signature Definition: A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks. Related Term(s): attack pattern
- Attack Surface Definition: An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system.
- Attacker Definition: An individual, group, organization, or government that executes an attack. Related Term(s): adversary, threat agent
- Attribute An attribute is a characteristic of data that sets it apart from other data, such as location, length, or type. The term attribute is sometimes used synonymously with “data element” or “property.”
- ASCII (Acronym for American Standard Code) ASCII is a code that assigns a number to each(...)
- audit "Systematic, independent, documented process for obtaining records, statements of fact, or other relevant information and assessing them objectively, to determine the extent to which specified requirements are fulfilled."
- audit log "A chronological record of system activities, including records of system accesses and operations performed in a given period."
- Authentication Definition: The process of verifying the identity or other attributes of an entity (user, process, or device). Extended Definition: Also the process of verifying the source and integrity of data.
- Authenticity Definition: A property achieved through cryptographic methods of being genuine and being able to be verified and trusted, resulting in confidence in the validity of a transmission, information or a message, or sender of information or a message. Related Term(s): integrity, non-repudiation
- Author /Originator The author of a document is the person, office or designated position responsible for its creation or issuance. In the case of a document in the form of a letter, the author or originator is usually indicated on the letterhead or by signature. In some cases, the software application producing(...)
- Authorization Definition: A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. Extended Definition: The process or act of granting access privileges or the access privileges as granted.
- automation "Independent machine-managed choreography of the operation of one or more digital systems."
- automation bias "over-relying on the outputs of AI systems"
- autonomic "A monitor-analyze-plan-execute (MAPE) computer system capable of sensing environments, interpreting policy, accessing knowledge (data --- information --- knowledge), making decisions, and initiating dynamically assembled routines of choreographed activity to both complete a process and update(...)
- autonomous vehicle "[an] automobile, bus, tractor, combine, boat, forklift, etc. . . . capable of sensing its environment and moving safely with little or no human input."
- autonomy "The system has a set of intelligence-based capabilities that allows it to respond to situations that were not pre-programmed or anticipated (i.e., decision-based responses) prior to system deployment. Autonomous systems have a degree of self-government and self-directed behavior (with the(...)
- Availability Definition: In cybersecurity, applies to assets such as information or information systems. Related Term(s): confidentiality, integrity
- back test "the quantitative evaluation of a model’s performance both from a statistical and trading perspective"
- back-testing "A form of outcomes analysis that involves the comparison of actual outcomes with modeled forecasts during a development sample time period (in-sample back-testing) and during a sample period not used in model development (out-of-time back-testing), and at an observation frequency that matches(...)
- backpropagation "The way many neural nets learn. They find the difference between their output and the desired output, then adjust the calculations in reverse order of execution."
- Backup To create a copy of data as a precaution against the loss or damage of the original data. Most users backup some of their files, and many computer networks utilize automatic backup software to make regular copies of some or all of the data on the network. Some backup systems use digital audio(...)
- Backup Data Backup data is information that is not presently in use by an organization and is routinely stored separately upon portable media, to free up space and permit data recovery in the event of disaster.
- Backup Files Files copied to diskettes, portable disk drives, backup tapes and compact disks, providing the user with access to data in case of emergency. Some backup files are created automatically by certain applications or operating systems, are not readily apparent to the user and are maintained (as(...)
- Backup Tape Backup or disaster recovery tapes are portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery.
- Backup Tape Recycling Backup tape recycling is the process whereby an organization’s backup tapes are overwritten with new backup data, usually on a fixed schedule (i.e., the use of nightly backup tapes for each day of the week with the daily backup tape for a particular day being overwritten on the same day the(...)
- bad actor "individuals or entities who are responsible for cyber incidents against enterprises, governments, and users."
- bagging "Bagging predictors is a method for generating multiple versions of a predictor and using these to get an aggregated predictor."
- Bandwidth The amount of information or data that can be sent over a network connection in a given period of time. Bandwidth is usually stated in bits per second (bps), kilobits per second (kbps), or megabits per second (Mbps).
- batched automation "Process automation execution of intentionally segregated work processes that are able to be processed irrespective of their contextual placement within a service."
- Bates Production Number: A bates production number is a tracking number assigned to each page of each document in the production set.
- Behavior Monitoring Definition: Observing activities of users, information systems, and processes and measuring the activities against organizational policies and rule, baselines of normal activity, thresholds, and trends.
- benchmark "Standard against which results can be measured or assessed; Procedure, problem, or test that can be used to compare systems or components to each other or to a standard."
- Best Evidence Rule The Best Evidence Rule states that to prove the content of a written document, recording, or photograph, the "original" writing, recording, or photograph is ordinarily required.
- bias "A systematic error. In the context of fairness, we are concerned with unwanted bias that places privileged groups at systematic advantage and unprivileged groups at systematic disadvantage."
- bias mitigation algorithm "A procedure for reducing unwanted bias in training data or models."
- bias testing "As it relates to disparate impact, courts and regulators have utilized or considered as acceptable various statistical tests to evaluate evidence of disparate impact. Traditional methods of statistical bias testing look at differences in predictions across protected classes, such as race or(...)
- big data "Extremely large data sets that are statistically analyzed to gain detailed insights. The data can involve billions of records and require substantial computer-processing power. Datasets are sometimes linked together to see how patterns in one domain affect other areas. Data can be structured(...)
- Binary Mathematical base 2, or numbers composed of a series of zeros and ones. Since zeros and ones can be easily represented by two voltage levels on an electronic device, the binary number system is widely used in digital computing.
- binning "a technique of lumping small ranges of values together into categories, or "bins," for the purpose of reducing the variability (removing some of the fine structure) in a data set."
- biometric data "personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data;"
- BIOS Basic input output system
- Bit A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code. A collection of bits is put together to form a byte.
- Blocklist Definition: A list of entities that are blocked or denied privileges or access. Related Term(s): Allowlist
- Blog Blogs, also referred to as Web logs, are frequent, chronological Web publications consisting of links and postings. The most recent posting appears at the top of the page.
- Blue Team Definition: A group that defends an enterprise's information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team). Related Term(s): Red Team,(...)
- boosting "Boosting works by sequentially applying a classification algorithm to reweighted versions of the training data and then taking a weighted majority vote of the sequence of classifiers thus produced."
- Bot Definition: A computer connected to the Internet that has been surreptitiously (secretly) compromised with malicious logic to perform activities under the remote command and control of a remote administrator. Synonym(s): zombie Related Term(s): botnet
- Bot Master Definition: The controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet. Synonym(s): bot herder
- Botnet Definition: A collection of computers compromised by malicious code and controlled across a network.
- "The loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information(...)
- broad artificial intelligence (broad AI) "Complex, computational, cognitive automation system capable of providing descriptive, predictive, prescriptive, and limited deductive analytics with relevance and accuracy exceeding human expertise in a broad, logically related set of knowledge domains."
- Bug Definition: An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. Bugs can lead to application errors, crashes, or vulnerabilities.
- bug-bounty "Reward given to independent security researchers, penetration testers, and white hat hackers for discovering exploitable software vulnerabilities and sharing this knowledge with the operator of a particular bug-bounty program (BBP)."
- Build Security In Definition: A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks.
- built-in test "Equipment or software embedded in the operational components or systems, as opposed to external support units, which perform a test or sequence of tests to verify mechanical or electrical continuity of hardware, or the proper automatic sequencing, data processing, and readout of hardware or(...)
- Burn Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.
- business process "A defined set of business activities that represent the steps or tasks required to achieve a business objective, including the flow and use of information, participants, and human or digital resources."
- business process management "Discipline involving any combination of modeling, automation, execution, control, measurement and optimization of business activity flows, in support of enterprise goals, spanning systems, employees, customers, and partners within and beyond the enterprise boundaries."
- business rule "Definition, constraint, dependency, or decision criteria that determine the method of execution of a task or tasks, or influences the order of execution of a task or tasks. Business rules assert control, or influence the behavior, of a business process within computing systems."
- Byte Eight bits. The byte is the basis for measurement of most computer data as multiples of the byte value. A "megabyte" is one million bytes (eight million bits) and a "gigabyte" is one billion bytes (eight billion bits); 1 gigabyte = 1,000 megabytes and 1 terabyte = 1,000 gigabytes.
- Cache A fast storage buffer in the central processing unit of a computer that temporarily stores frequently used information for quick access.
- calibration "A comparison between a device under test and an established standard, such as UTC(NIST). When the calibration is finished, it should be possible to state the estimated time offset and/or frequency offset of the device under test with respect to the standard, as well as the measurement uncertainty."
- Capability Definition: The means to accomplish a mission, function, or objective. Related Term(s): intent
- case "Single entry, single exit multiple way branch that defines a control expression, specifies the processing to be performed for each value of the control expression, and returns control in all instances to the statement immediately following the overall construct."
- causal inference "an intellectual discipline that considers the assumptions, study designs, and estimation strategies that allow researchers to draw causal conclusions based on data. The term ‘causal conclusion’ used here refers to a conclusion regarding the effect of a causal variable (often referred to as(...)
- causative "acting as the cause of something"
- CD-ROM Data storage medium that uses compact discs to store about 1,500 floppy discs' worth of data.
- Chain of Custody A chain of custody tracks evidence from its original source to what is offered as evidence in court.
- chatbot "Conversational agent that dialogues with its user (for example: empathic robots available to patients, or automated conversation services in customer relations)."
- choreography "An ordered sequence of system-to-system message exchanges between two or more participants. In choreography, there is no central controller, responsible entity, or observer of the process."
- Cipher Synonym(s): cryptographic algorithm
- Ciphertext Definition: Data or information in its encrypted form. Related Term(s): plaintext
- classification "When the output is one of a finite set of values (such as sunny, cloudy or rainy), the learning problem is called classification, and is called Boolean or binary classification if there are only two values."
- classifier "A model that predicts categorical labels from features."
- Client/Server Architecture A computer network design involving desktop PCs that depend on other (generally larger) computers to provide the PCs with information and/or applications. In the client/server environment, the client (PC) and the server are symbiotic and processing occurs in both places. Client-server(...)
- Cloud Computing Definition: A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
- clustering "Detecting potentially useful clusters of input examples."
- Coding Document coding is the process of capturing case-relevant information (i.e. author, date authored, date sent, recipient, date opened, etc.) from a paper document.
- cognitive automation "The identification, assessment, and application of available machine learning algorithms for the purpose of leveraging domain knowledge and reasoning to further automate the machine learning already present in a manner that may be thought of as cognitive. With cognitive automation, the system(...)
- cognitive computing "Complex computational systems designed to: Sense (perceive the world and collect data); Comprehend (analyze and understand the information collected); Act (make informed decisions and provide guidance based on this analysis in an independent way); and Adapt (adapt capabilities based(...)
- Collect & Operate Definition: A NICE Framework category consisting of specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.
- Collection Operations Definition: In the NICE Framework, cybersecurity work where a person: Executes collection using appropriate strategies and within the priorities established through the collection management process.
- column "In the context of relational databases, a column is a set of data values, all of a single type, in a table."
- COMPAS controversy "A canonical example [of algorithmic bias] comes from a tool used by courts in the United States to make pretrial detention and release decisions. The software, Correctional Offender Management Profiling for Alternative Sanctions (COMPAS), measures the risk of a person to recommit another(...)
- Compression A technology that reduces the size of a file. Compression programs are valuable to network users because they help save both time and bandwidth.
- Computer Forensics Computer forensics is the use of specialized techniques for recovery, authentication, and analysis of electronic data when a case involves issues relating to reconstruction of computer usage, examination of residual data, authentication of data by technical analysis or explanation of(...)
- Computer Forensics The science of obtaining, preserving, and documenting evidence from digital electronic storage devices, such as computers, pagers, PDAs, digital cameras, cell phones, and various memory storage devices. All must be done in a manner designed to preserve the probative value of the evidence and(...)
- Computer Network Defense Definition: The actions taken to defend against unauthorized activity within computer networks.
- Computer Network Defense Analysis Definition: In the NICE Framework, cybersecurity work where a person: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and(...)
- Computer Network Defense Infrastructure Support Definition: In the NICE Framework, cybersecurity work where a person: Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources; monitors(...)
- Computer System Refers to the entire computing environment. This environment may consist of one large computer serving many users (e.g. a mainframe or mini- computer) or one or more personal computers working individually or linked together through a network. A computer system includes all hardware and(...)
- computer vision"The digital process of perceiving and learning visual tasks in order to interpret and understand the world through cameras and sensors."
- concept drift"Use of a system outside the planned domain of application, and a common cause of performance gaps between laboratory settings and the real world."
- Confidentiality Definition: A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. Related Term(s): availability, integrity
- confusion matrix"A matrix showing the predicted and actual classifications. A confusion matrix is of size LxL, where L is the number of different label values"
- consent"‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her."
- Consequence Definition: In cybersecurity, the effect of a loss of confidentiality, integrity or availability of information or an information system on an organization's operations, its assets, on individuals, other organizations, or on national interests.
- constituent system"independent system that forms part of a system of systems (SoS) (note: Constituent systems can be part of one or more SoS. Each constituent system is a useful system by itself, having its own development, management, utilization, goals, and resources, but interacts within the SoS to provide(...)
- constraint"Specification of what may be contained in a data or metadata set in terms of the content or, for data only, in terms of the set of key combinations to which specific attributes (defined by the data structure) may be attached."
- construct validity"the degree to which the application of constructs to phenomena is warranted with respect to the research goals and questions."
- content harms"the psychological, social, physical, or other harms experienced by someone while they are interacting with content that is algorithmically recommended to them."
- content validity"Refers to the extent to which a measure thoroughly and appropriately assesses the skills or characteristics it is intended to measure."
- contestability"A contestable statement, claim, legal decision, etc. is one that is possible to argue about or try to have changed because it may be wrong"
- context"The context is the circumstances, purpose, and perspective under which an object is defined or used."
- context control""
- context-of-use"The Context of Use is the actual conditions under which a given artifact/software product is used, or will be used in a normal day to day working situation."
- contextual learning"A computing system with sufficient knowledge regarding its purpose that it understands the source, relevance, and utility of data and inputs."
- Continuity of Operations Plan Definition: A document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. Related Term(s): Business Continuity Plan, Disaster Recovery Plan, Contingency Plan
- control class"(control group) the set of observations in an experiment or prospective study that do not receive the experimental treatment(s). These observations serve (a) as a comparison point to evaluate the magnitude and significance of each experimental treatment, (b) as a reality check to compare the(...)
- controllability"property of a system that allows a human or another external agent to intervene in the system’s functioning; such a system is heteronomous."
- controller"‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the(...)
- Cookie Small data files written to a user's hard drive by a Web server. These files contain specific information that identifies users (i.e., passwords and lists of pages visited).
- Copy A copy is an accurate reproduction of information contained in the data objects independent of the original physical
- corpus (corpora)"A deliberately assembled collection of knowledge and data (structured and/or unstructured) believed to contain relevant information on a topic or topics to be used by software systems for which useful analysis, prediction, or outcome is being sought."
- correlation"In its most general sense correlation denotes the interdependence between quantitative or qualitative data. In this sense it would include the association of dichotomised attributes and the contingency of multiply-classified attributes."
- counterfactual explanation"Statements taking the form: Score p was returned because variables V had values (v1, v2,...) associated with them. If V instead had values (v1', v2',...) score p' would have been returned."
- counterfactual fairness"Our definition of counterfactual fairness captures the intuition that a decision is fair towards an individual if it is the same in (a) the actual world and (b) a counterfactual world where the individual belonged to a different demographic group."
- countermeasure"Actions, devices, procedures, techniques, or other measures that reduce the vulnerability of a system. Synonymous with security controls and safeguards."
- criterion validity"compares responses to future performance or to those obtained from other, more well-established surveys. Criterion validity is made up of two subcategories: predictive and concurrent. Predictive validity refers to the extent to which a survey measure forecasts future performance. A graduate(...)
- Critical Infrastructure Definition: The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. Related Term(s): key resource
- crowdsource"a type of participative online activity in which an individual, an institution, a non-profit organization, or company proposes to a group of individuals of varying knowledge, heterogeneity, and number, via a flexible open call, the voluntary undertaking of a task. The undertaking of the task,(...)
- Cryptanalysis Definition: The operations performed in defeating or circumventing cryptographic protection of information by applying mathematical techniques and without an initial knowledge of the key employed in providing the protection.
- Cryptographic Algorithm Definition: A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. Related Term(s): key, encryption, decryption, symmetric key, asymmetric key
- Cryptography Definition: The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Extended Definition: The art or science concerning the principles, means, and methods for converting plaintext into(...)
- Cryptology Definition: The mathematical science that deals with cryptanalysis and cryptography. Related Term(s): cryptanalysis, cryptography
- customer"The beneficiary of the execution of an automated task, process, or service."
- Customer Service and Technical Support Definition: In the NICE Framework, cybersecurity work where a person: Addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support).
- Cyber Ecosystem Definition: The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions.
- Cyber Exercise Definition: A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to or recovering from the disruption.
- Cyber Infrastructure Definition: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements: Processing includes the creation, access, modification, and destruction of(...)
- Cyber Operations Definition: In the NICE Framework, cybersecurity work where a person: Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist(...)
- Cyber Operations Planning Definition: In the NICE Framework, cybersecurity work where a person: Performs in-depth joint targeting and cyber planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full(...)
- Cyber Threat Intelligence (CTI) Definition: The collecting, processing, organizing, and analyzing data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers.
- Cybersecurity Definition: Strategy, policy, and standards regarding the security of and operations in cyberspace, and encompass[ing] the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities,(...)
- Cyberspace Definition: The interdependent network of information technology infrastructures, that includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
- dark pattern"“Dark pattern” means a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decisionmaking, or choice, as further defined by regulation."
- DAT (Digital Audio Tape) Used as a storage medium in some backup systems.
- Data Information stored on the computer system and used by applications to accomplish tasks.
- Data Administration Definition: In the NICE Framework, cybersecurity work where a person: Develops and administers databases and/or data management systems that allow for the storage, query, and utilization of data.
- Data Aggregation Definition: The process of gathering and combining data from different sources, so that the combined data reveals new information. Related Term(s): data mining
- data analytics"The analysis of data to gather substantive insights. Researchers use statistical techniques to find trends or patterns in the data, which give them a better understanding of a range of different topics. Data analytic approaches are used in many businesses and organizations to track day-to-day(...)
- Data Breach Definition: The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Related Term(s): data loss, data theft, exfiltration
- data cleaning"Data Cleaning is the process of identifying, correcting, or removing inaccurate or corrupt data records"
- data control"management oversight of information policies for an organization’s information; observing and reporting on how processes are working and managing issues."
- data dredging"A statistical bias in which testing huge numbers of hypotheses of a dataset may appear to yield statistical significance even when the results are statistically nonsignificant."
- data drift"The change in model input data that leads to model performance degradation."
- data-driven"Data-driven decision making (DDD) refers to the practice of basing decisions on the analysis of data rather than purely on intuition."
- data fabric"A data corpus, after the application of semantic mapping, relevant ontologies, and data seeding sufficient for artificial intelligence (AI) or machine learning algorithms to provide meaningful insight, prediction, and/or prescription."
- Data File See File
- data fusion"A process in which data, generated by multiple sensory sources, is integrated and/or correlated to create information, knowledge, and/or intelligence that may be displayed for the user or be actionable to accomplish the tasks."
- data governance"A set of processes that ensures that data assets are formally managed throughout the enterprise. A data governance model establishes authority and management and decision making parameters related to the data produced or managed by the enterprise."
- Data Integrity Definition: The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner. Related Term(s): integrity, system integrity
- Data Loss Definition: The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party. Related Term(s): data leakage, data theft
- Data Loss Prevention Definition: A set of procedures and mechanisms to stop sensitive data from leaving a security boundary. Related Term(s): data loss, data theft, data leak
- Data Mining Definition: The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations. Related Term(s): data aggregation
- data point"a discrete unit of information."
- data poisoning"Machine learning systems trained on user-provided data are susceptible to data poisoning attacks, whereby malicious users inject false training data with the aim of corrupting the learned model"
- data preparation"We define data preparation as the set of preprocessing operations performed in early stages of a data processing pipeline, i.e., data transformations at the structural and syntactical levels"
- data proxy"Data that are closely related to and serve in place of data that are either unobservable or immeasurable."
- data quality"degree to which the characteristics of data satisfy stated and implied needs when used under specified conditions"
- data science"The field that combines domain expertise, programming skills, and knowledge of mathematics and statistics to extract meaningful insights from data."
- data scientist"A practitioner who has sufficient knowledge in the overlapping regimes of business needs, domain knowledge, analytical skills, and software and systems engineering to manage the end-to-end data processes in the analytics life cycle."
- data seeding"The intentional introduction of initial state conditions, influencing factors, and outcomes (both successful and unsuccessful) in a data fabric to create sufficient machine learning analysis signals to enable encouragement/discouragement to enrich deterministic relationships between data(...)
- Data Theft Definition: The deliberate or intentional act of stealing of information. Related Term(s): data aggregation, data leakage, data loss
- data wrangling"process by which the data required by an application is identified, extracted, cleaned and integrated, to yield a data set that is suitable for exploration and analysis."
- De-Duplication De-Duplication (“De-Duping”) is the process of comparing electronic records based on their characteristics and removing duplicate records from the data set.
- Decipher Definition: To convert enciphered text to plain text by means of a cryptographic system. Synonym(s): decode, decrypt
- decision"A conclusion reached after consideration of business rules and relevant data within a given process."
- decision-making"the cognitive process resulting in the selection of a belief or a course of action among several possible alternative options. It could be either rational or irrational. The decision-making process is a reasoning process based on assumptions of values, preferences and beliefs of the(...)
- decision point"A point within a business process where the process flow can take one of several alternative paths, including recursive."
- decision subject""
- decision support system"a computer program application used to improve a company's decision-making capabilities. It analyzes large amounts of data and presents an organization with the best possible options available[; they] bring together data and knowledge from different areas and sources to provide users with(...)
- decision tree"Tree‐structure resembling a flowchart, where every node represents a test to an attribute, each branch represents the possible outcomes of that test, and the leaves represent the class labels."
- Decode Definition: To convert encoded text to plain text by means of a code. Synonym(s): decipher, decrypt
- decommission"the total or partial removal of existing components and their corresponding sub-components from Production and any relevant environment, minimizing risks and impacts, ensuring policy compliance, and maximizing the financial benefits (i.e., optimizing the cost reduction)."
- Decrypt Definition: A generic term encompassing decode and decipher. Synonym(s): decipher, decode
- Decryption Definition: The process of transforming ciphertext into its original plaintext. Extended Definition: The process of converting encrypted data back into its original form, so it can be understood. Synonym(s): decode, decrypt, decipher
- deductive analytics"Insights, reporting, and information answering the question, “What would likely happen IF…?” Deductive analytics evaluates causes and outcomes of possible future events."
- deep learning"A subset of machine learning that relies on neural networks with many layers of neurons. In so doing, deep learning employs statistics to spot underlying trends or data patterns and applies that knowledge to other layers of analysis. Some have labeled this as a way to “learn by example” and a(...)
- deepfake"Digital images and audio that are artificially altered or manipulated by AI and/or deep learning often to make someone do or say something he or she did not actually do or say. Pictures or videos can be edited to put someone in a compromising position or to have someone make a controversial(...)
- Deleted Data Deleted data is data that, in the past, existed on the computer as live data and which has been deleted by the computer system or end-user activity. Deleted data remains on storage media in whole or in part until it is overwritten by ongoing usage or “wiped” with a software program(...)
- Deleted file A file with disk space that has been designated as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
- Deletion Deletion is the process whereby data is removed from active files and other data storage structures on computers and rendered inaccessible except using special data recovery tools designed to recover deleted data.
- Denial of Service Definition: An attack that prevents or impairs the authorized use of information system resources or services.
- denigration"(denigrate) to attack the reputation of"
- dependability"ability to perform as and when required (note 1: includes availability, reliability, recoverability, maintainability, and maintenance support performance, and, in some cases, other characteristics such as durability, safety and security. Note 2: used as a collective term for the time-related(...)
- deployment"Phase of a project in which a system is put into operation and cutover issues are resolved"
- descriptive analytics"Insights, reporting, and information answering the question, “Why did something happen?” Descriptive analytics determines information useful to understanding the cause(s) of an event(s)."
- Desktop Usually refers to an individual PC, a user's desktop computer.
- deterministic"modelling [that] produces consistent outcomes for a given set of inputs, regardless of how many times the model is recalculated. The mathematical characteristics are known in this case. None of them is random, and each problem has just one set of specified values as well as one answer or(...)
- deterministic algorithm"An algorithm that, given the same inputs, always produces the same outputs."
- developer"A general term that includes developers or manufacturers of systems, system components, or system services; systems integrators; vendors; and product resellers. Development of systems, components, or services can occur internally within organizations or through external entities."
- diagnostic analytics"Insights, reporting, and information answering the question, “Why did something happen?” Diagnostic analytics determines information useful to understanding the cause(s) of an event(s)."
- diagnostics"Pertaining to the detection and isolation of faults or failures"
- differential privacy"Differential privacy is a method for measuring how much information the output of a computation reveals about an individual. It is based on the randomised injection of "noise". Noise is a random alteration of data in a dataset so that values such as direct or indirect identifiers of(...)
- differential validity"Differential validity states that the validities in two applicant populations are unequal, that is, pi != pa."
- Digital Storing information as a string of digits – namely “1”s and “0”s.
- Digital Evidence Information stored or transmitted in binary form that may be relied upon in court.
- Digital Forensics Definition: The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. Synonym(s): computer forensics, forensics
- digital labor"Digital automation of information technology systems and/or business processes that successfully delivers work output previously performed by human labor or new work output that would typically or alternatively have been performed by human labor."
- Digital Rights Management Definition: A form of access control technology to protect and manage use of digital content or devices in accordance with the content or device provider's intentions.
- Digital Signature Definition: A value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. Related Term(s): electronic signature
- digital workforce"The collective suite of automation technologies delivering existing or new work output as applied in a business; the manifestation of digital labor."
- dimension"The dimension of an object is a topological measure of the size of its covering properties. Roughly speaking, it is the number of coordinates needed to specify a point on the object."
- dimension reduction"Dimensionality reduction is the process of taking data in a high dimensional space and mapping it into a new space whose dimensionality is much smaller"
- Disc (disk) It may be a floppy disk, or it may be a hard disk. Either way, it is a magnetic storage medium on which data is digitally stored. A disc may also refer to a CD-ROM.
- Distributed Data Distributed data is that information belonging to an organization which resides on portable media and(...)
- discrimination"Disadvantageous treatment of a person based on belonging to a category rather than on individual merit."
- disparate impact"Facially neutral practices that might nevertheless have an unjustified adverse impact on members of a protected class."
- disparate treatment"Intentional discrimination, including (i) decisions explicitly based on protected characteristics; and (ii) intentional discrimination via proxy variables (e.g., literacy tests for voting eligibility)."
- Disruption Definition: An event which causes unplanned interruption in operations or functions for an unacceptable length of time.
- Distributed Denial of Service Definition: A denial of service technique that uses numerous systems to perform the attack simultaneously. Related Term(s): denial of service, botnet
- distributional robustness"Optimizing the predictive accuracy for a whole class of distributions instead of just a single target distribution."
- diversity"Diversity refers to anything that sets one individual apart from another, including the full spectrum of human demographic differences as well as the different ideas, backgrounds, and opinions people bring."
- Document Fed. R. Civ. P. 34(a) defines a document as “including writings, drawings, graphs, charts, photographs, phonorecords, and other data compilations.” In the electronic discovery world, a document also refers to a collection of pages representing an electronic file. E-mails, attachments,(...)
- documentation"Collection of documents on a given subject; written or pictorial information describing, defining, specifying, reporting, or certifying activities, requirements, procedures, or results."
- domain"Distinct scope, within which common characteristics are exhibited, common rules observed, and over which a distribution transparency is preserved."
- domain expertise"Domain expertise implies knowledge and understanding of the essential aspects of a specific field of inquiry."
- domain shift"Differences between the source and target domain data"
- Dongle An external hardware device with some memory inside it.
- drinking your own champagne"The practice in which tech workers use their own product consistently to see how well it works and where improvements can be made."
- Duplicate Digital Evidence A duplicate is an accurate digital reproduction of all data objects contained on the original physical item.
- Definition: The automated, on-the-fly changes of an information system's characteristics to thwart actions of an adversary.
- dynamic process"The process in which one or more paths are defined and may be utilized based on the conditions present at the time of execution."
- E-mail Message Store A top most e-mail message store is the location in which an e-mail system stores its data. For instance, an Outlook PST (personal storage folder) is a type of top most file that is created when a user’s Microsoft Outlook mail account is set up. Additional Outlook PST files for that user can(...)
- eavesdropping"An attack in which an attacker listens passively to the authentication protocol to capture information that can be used in a subsequent active attack to masquerade as the claimant."
- edge case"a problem or situation, especially in computer programming, that only happens at the highest or lowest end of a range of possible values or in extreme situations."
- Education and Training Definition: In the NICE Framework, cybersecurity work where a person: Conducts training of personnel within pertinent subject domain; develop, plan, coordinate, deliver, and/or evaluate training courses, methods, and techniques as appropriate.
- effective challenge"The concept of effective challenge is used to improve AI implementation at large financial services organizations in the US. An interpretation of an effective challenge is that, when building AI systems, one of the best ways to guarantee good results is to actively challenge and review each(...)
- Electronic Discovery The discovery of electronic documents and data including e-mail, Web pages, word processing files, computer databases, and virtually anything that is stored on a computer. Technically, documents and data are “electronic” if they exist in a medium that can only be read through the use of(...)
- Electronic Mail Message Commonly referred to as “e-mail”, an electronic mail message is a document created or received via an electronic mail system, including brief notes, formal or substantive narrative documents, and any attachments, such as word processing and other electronic documents, which may be transmitted(...)
- Electronic Record Information recorded in a form that requires a computer or other machine to process it and that otherwise satisfies the definition of a record.
- Electronic Signature Definition: Any mark in electronic form associated with an electronic document, applied with the intent to sign the document. Related Term(s): digital signature
- embedding"An embedding is a representation of a topological object, manifold, graph, field, etc. in a certain space in such a way that its connectivity or algebraic properties are preserved. For example, a field embedding preserves the algebraic structure of plus and times, an embedding of a(...)
- emergent risks""
- emulation"The use of a data processing system to imitate another data processing system, so that the imitating system accepts the same data, executes the same programs, and achieves the same results as the imitated system."
- Encipher Definition: To convert plaintext to ciphertext by means of a cryptographic system. Synonym(s): encode, encrypt
- Encode Definition: To convert plaintext to ciphertext by means of a code. Synonym(s): encipher, encrypt
- Encrypt Definition: The generic term encompassing encipher and encode. Synonym(s): encipher, encode
- Encryption Definition: The process of transforming plaintext into ciphertext. Converting data into a form that cannot be easily understood by unauthorized people. Synonym(s): encode, encrypt, encipher
- Encryption A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
- end event"An activity, task, or output that describes or defines the conclusion of a process."
- engineer"n. 3a: a designer or builder of engines; b: a person who is trained in or follows as a profession a branch of engineering; c: a person who carries through an enterprise by skillful or artful contrivance; 4: a person who runs or supervises an engine or an apparatus. v. 1: to lay out,(...)
- ensemble"a machine learning paradigm where multiple models (often called “weak learners”) are trained to solve the same problem and combined to get better results. The main hypothesis is that when weak models are correctly combined we can obtain more accurate and/or robust models."
- Enterprise Risk Management Definition: A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives. Related Term(s): risk management,(...)
- environment"Anything affecting a subject system or affected by a subject system through interactions with it, or anything sharing an interpretation of interactions with a subject system"
- equality of odds"(Equalized odds). We say that a predictor Ŷ satisfies equalized odds with respect to protected attribute A and outcome Y, if Ŷ and A are independent conditional on Y."
- equality of opportunity"(Equal opportunity). We say that a binary predictor Ŷ satisfies equal opportunity with respect to A and Y if Pr{Ŷ = 1 | A = 0, Y = 1} = Pr{Ŷ = 1 | A = 1, Y = 1}."
- error"The difference between the observed value of an index and its “true” value. Errors may be random or systematic. Random errors are generally referred to as “errors”. Systematic errors are called “biases”."
- error propagation"the way in which uncertainties in the variables affect the uncertainty in the calculated results."
- Ethernet A common way of networking PCs to create a LAN.
- ethics"definition 1a: "a set of moral principles : a theory or system of moral values"; definition 1b: "the principles of conduct governing an individual or a group"; definition 1c: "a consciousness of moral importance"; definition 1d: "a guiding philosophy"; definition 2: "a set of moral issues or(...)
- ethics by design"An approach to technology ethics and a key component of responsible innovation that aims to integrate ethics in the design and development stage of the technology. Sometimes formulated as "embedding values in design." Similar terms are "value-sensitive design" and "ethically aligned design.""
- evaluation"(1) systematic determination of the extent to which an entity meets its specified criteria; (2) action that assesses the value of something"
- evasion"In Evasion Attacks, the adversary solves a constrained optimization problem to find a small input perturbation that causes a large change in the loss function and results in output misclassification."
- Event Definition: An observable occurrence in an information system or network. Sometimes provides an indication that an incident is occurring or at least raises the suspicion that an incident may be occurring. Related Term(s): incident
- ex-nomination"Ex-nomination is the harm of eliminating social identity by almost ignoring its existence. This term comes from Barthes where he coined it to describe what the bourgeoisie do to hide their name and identity by not referring to themselves as such to naturalize bourgeois ideology. This can show(...)
- example"definition 1: "one that serves as a pattern to be imitated or not to be imitated"; definition 3: "one that is representative of all of a group or type"; definition 4: "a parallel or closely similar case especially when serving as a precedent or model"; definition 5: "an instance (such as a(...)
- exception"An event that occurs during the performance of the process that causes a diversion from the normal flow of the process. Exceptions are generated by an unanticipated event within a process due to an undefined or unknown input, undefined or unexpected outcome, or unforeseen sequencing of a task(...)
- execute"To carry out a plan, a task command, or another instruction"
- executive"one that exercises administrative or managerial control"
- Exfiltration Definition: The unauthorized transfer of information from an information system. Related Term(s): data breach
- experiment"a series of observations conducted under controlled conditions to study a relationship with the purpose of drawing causal inferences about that relationship. An experiment involves the manipulation of an independent variable, the measurement of a dependent variable, and the exposure of(...)
- expert system"A form of AI that attempts to replicate a human's expertise in an area, such as medical diagnosis. It combines a knowledge base with a set of hand-coded rules for applying that knowledge. Machine-learning techniques are increasingly replacing hand coding."
- expertise"The accumulation of specialized knowledge is often called expertise. Passive expertise is a type of knowledge-based specialization that arises from experiences in life and one's position in a society or culture. Formal expertise is the result of a self-selection of a domain of knowledge that(...)
- explainability"The ability to provide a human interpretable explanation for a machine learning prediction and produce insights about the causes of decisions, potentially to line up with human reasoning."
- explainable artificial intelligence (XAI)"XAI seeks to make AI more understandable and interpretable, and therefore trustworthy. One of the complaints about artificial intelligence is the lack of transparency in how it operates. Many algorithm developers don’t reveal the data that go into applications or how various factors are(...)
- explainer"Functionality for providing details on or causes for fairness metric results."
- explanation"Systems deliver accompanying evidence or reason(s) for all outputs."
- Exploit Definition: A technique to breach the security of a network or information system in violation of security policy.
- Exploitation Analysis Definition: In the NICE Framework, cybersecurity work where a person: Analyzes collected information to identify vulnerabilities and potential for exploitation.
- exploratory"Exploratory Data Analysis (EDA) is an approach/philosophy for data analysis that employs a variety of techniques (mostly graphical) to 1. maximize insight into a data set; 2. uncover underlying structure; 3. extract important variables; 4. detect outliers and anomalies; 5. test underlying(...)
- Exposure Definition: The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network.
- external validity"A study has external validity to the degree that its results can be extended (generalized) beyond the limited research setting and sample in which they were obtained"
- Extranet An Internet based access method to a corporate intranet site by limited or total access through a security firewall. This type of access is typically utilized in cases of joint venture and vendor client relationships.
- facial recognition (FR)"A technology for identifying specific people based on pictures or videos. It operates by analyzing features such as the structure of the face, the distance between the eyes, and the angles between a person’s eyes, nose, and mouth. It is controversial because of worries about privacy invasion,(...)
- Failure Definition: The inability of a system or component to perform its required functions within specified performance requirements.
- fair-washing"promoting the false perception that a machine learning model respects some ethical values"
- fairness (another entry for "algorithmic fairness"?)"“cultural assumptions” regarding “the regulation of [human] life effected by stated and unstated rules of interaction,” rules that most interactants see as “generally applicable” and “reasonable.” (We have to get the full definition from the book..."
- fairness metric"A quantification of unwanted bias in training data or models."
- false negative"An example in which the predictive model mistakenly classifies an item as in the negative class."
- false positive"An example in which the model mistakenly classifies an item as in the positive class"
- Family Range A family range describes the range of documents from the first Bates production number assigned to the first page of the top most parent document through the last Bates production number assigned to the last page of the last child document.
- Family Relationship A family relationship is formed among two or more documents that have a connection or relatedness because of some factor.
- fault tolerance"The ability of a system or component to continue normal operation despite the presence of hardware or software faults"
- favorable label"A label whose value corresponds to an outcome that provides an advantage to the recipient. The opposite is an unfavorable label."
- feature"An attribute containing information for predicting the label."
- feature extraction"a more general method in which one tries to develop a transformation of the input space onto the low-dimensional subspace that preserves most of the relevant information"
- feature importance"how important the feature was for the classification performance of the model; a measure of the individual contribution of the corresponding feature for a particular classifier, regardless of the shape (e.g., linear or nonlinear relationship) or direction of the feature effect"
- feature shift"Unlike joint distribution shift detection, which cannot localize which features caused the shift, we define a new hypothesis test for each feature individually. Naïvely, the simplest test would be to check if the marginal distributions have changed for each feature (as explored by [25]);(...)
- federated learning"a learning model which addresses the problem of data governance and privacy by training algorithms collaboratively without transferring the data to another location."
- feedback loop"describes the process of leveraging the output of an AI system and corresponding end-user actions in order to retrain and improve models over time. The AI-generated output (predictions or recommendations) are compared against the final decision (for example, to perform work or not) and(...)
- File Allocation Table (FAT) Where the operating system stores information about a disk's structure. The FAT is a road map, which allows a computer to save information on the disk, locate and retrieve it. Different operating systems have more or less sophisticated FAT 4 capabilities and therefore are more or less(...)
- File Extension A tag of three or four letters, preceded by a period, which identifies a data file's format or the application used to create the file. File extensions can streamline the process of locating data. For example, if one is looking for incriminating pictures stored on a computer, one might begin(...)
- File Server When several or many computers are networked together in a LAN situation, one computer may be utilized as a storage location for files for the group. File servers may be employed to store e-mail, financial data, word processing information or to back-up the network.
- File Sharing One of the key benefits of a network is the ability to share files stored on the server among several users.
- File Groups of information collectively placed under a name and stored on the computer. Files are organized in various directories and subdirectories.
- Firewall Definition: A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized.
- Firewall A set of related programs that protect the resources of a private network from users from other networks.
- firmware"Computer programs and data stored in hardware - typically in read-only memory (ROM) or programmable read-only memory (PROM) - such that the programs and data cannot be dynamically written or modified during execution of the programs."
- fitting"Fitting is the process of verifying whether the data item value is in the previously specified interval."
- Floppy Once the standard and now an increasingly rare storage medium consisting of a thin magnetic film disk housed in a protective sleeve.
- Forecasting"Estimate or prediction of conditions and events in the project's future based on information and knowledge available at the time of the forecast. The information is based on the project's past performance and expected future performance, and includes information that could impact the project(...)
- Format The internal structure of a file, which defines the way it is stored and used. Specific applications may define unique formats for their data (i.e., “MS Word document file format”). Many files may only be viewed or printed using their originating application or an application designed to work(...)
- four-fifths rule"a rule of thumb under which [federal enforcement agencies] will generally consider a selection rate for any race, sex, or ethnic group which is less than four-fifths (4/5ths) or eighty percent (80%) of the selection rate for the group with the highest selection rate as a substantially(...)
- Fragmented Data Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
- fraud detection"Monitoring the behavior of populations of users in order to estimate, detect, or avoid undesirable behavior."
- FTP (File Transfer Protocol) An Internet protocol that enables you to transfer files between computers on the Internet.
- fully autonomous"Accomplishes its assigned mission, within a defined scope, without human intervention while adapting to operational and environmental conditions"
- generative adversarial networks (GANs)"Generative Adversarial Networks, or GANs for short, are an approach to generative modeling using deep learning methods, such as convolutional neural networks. Generative modeling is an unsupervised learning task in machine learning that involves automatically discovering and learning the(...)
- generative artificial intelligence"[a kind of artificial intelligence] capable of generating new content such as code, images, music, text, simulations, 3D objects, videos, and so on. It is considered an important part of AI research and development, as it has the potential to revolutionize many industries, including(...)
- GIF (Graphic Interchange Format) A computer compression format for pictures.
- Gigabyte (GB) A gigabyte is a measure of computer data storage capacity and is a billion (1,000,000,000) bytes.
- global"[An approach that] [t]ries to understand the model as a whole."
- governance"The actions to ensure stakeholder needs, conditions, and options are evaluated to determine balanced, agreed-upon enterprise objectives; setting direction through prioritization and decision-making; and monitoring performance and compliance against agreed-upon directions and objectives. AI(...)
- graph"Diagram that represents the variation of a variable in comparison with that of one or more other variables. Diagram or other representation consisting of a finite set of nodes and internode connections called edges or arcs."
- graphical processing unit (GPU)"A specialized chip capable of highly parallel processing. GPUs are well-suited for running machine learning and deep learning algorithms. GPUs were first developed for efficient parallel processing of arrays of values used in computer graphics. Modern-day GPUs are designed to be optimized for(...)
- graphical user interface (GUI)"A GUI is a type of computer human interface on a computer. It solves the blank screen problem that confronted early computer users. These early users sat down in front of a computer and faced a blank screen, with only a prompt. The computer gave the user no indication what the user was to do(...)
- ground truth"information provided by direct observation as opposed to information provided by inference"
- group fairness"The goal of groups defined by protected attributes receiving similar treatments or outcomes."
- GUI (Graphical User Interface) A set of screen presentations and metaphors that utilize graphic elements such as icons in an attempt to make an operating system easier to use.
- Hacker Definition: An unauthorized user who attempts to or gains access to an information system.
- hallucination"generated content that is nonsensical or unfaithful to the provided source content[; ...] there are two main types of hallucinations, namely intrinsic hallucination and extrinsic hallucination. [An intrinsic hallucination is a] generated output that contradicts the source content; [an(...)
- Hard Drive The primary storage unit on PCs and servers, consisting of one or more magnetic media platters on which digital data can be written and erased magnetically.
- Hearsay Evidence Hearsay can be defined as "a statement, other than one made by the declarant while testifying at the trial or hearing(...)
- hardware"Physical equipment used to process, store, or transmit computer programs or data"
- harm"An undesired outcome [whose] cost exceeds some threshold[; ...] the key points in the definition of safety are that: costs have to be sufficiently high in some human sense for events to be harmful, and that safety involves reducing both the probability of expected harms and the possibility of(...)
- harmful bias"Harmful bias can be either conscious or unconscious. Unconscious, also known as implicit bias, involves associations outside conscious awareness that lead to a negative evaluation of a person on the basis of characteristics such as race, gender, sexual orientation, or physical ability.(...)
- harms of allocation"unfairly assigned opportunities or resources due to algorithmic intervention[; ...] when a system [distributes] or withholds certain groups an opportunity or a resource. [They are] immediate, easily quantifiable, discrete, and transactional."
- harms of bias"a skew that produces a type of harm[; ...] further classifie[d] into harms of allocation and harms of representation."
- harms of representation"algorithmically filtered depictions that are discriminatory. [They are] long term, difficult to formalize, diffuse, and cultural."
- Hash Value Definition: A numeric value resulting from applying a mathematical algorithm against a set of data such as a file. Synonym(s): cryptographic hash value Related Term(s): hashing
- Hashing Definition: A process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data. Extended Definition: Mapping a bit string of arbitrary length to a fixed length bit string to produce the hash value. Related Term(s): hash value
- Hazard Definition: A natural or man-made source or cause of harm or difficulty. Related Term(s): threat
- HTML (Hypertext Markup Language) The tag-based ASCII language used to create pages on the Web.
- human activity recognition (HAR)"the art of identifying and naming activities using [a]rtificial [i]ntelligence (AI) from the gathered activity raw data by utilizing various sources (so-called devices)."
- human-assisted"The type of human-robot-interaction that refers to situations during which human interactions are needed at the level of detail of task plans, i.e., during the execution of a task"
- human capital management"A C-suite business discipline that develops enterprise human capital strategies and ensures the human capital portfolio is effectively managed. Human capital management provides decision support by combining business and workforce intelligence to the development of enterprise human capital(...)
- human-cognitive bias"Human-cognitive biases relate to how an individual or group perceives AI system information to make a decision or fill in missing information, or how humans think about purposes and functions of an AI system. Human biases are omnipresent in decision-making processes across the AI lifecycle(...)
- human-computer interaction (HCI)"methods and approaches for designing and architecting user interfaces and the interactions between humans and computer (or information) technology."
- human-enabled machine learning"Detection, correlation, and pattern recognition generated through machine-based observation of human operation of software systems capturing successful or unsuccessful operations to enable the creation of a useful predictive analytics capability."
- human experiment"anything done to an individual to learn how it will affect [that person]."
- human-in-the-loop"An AI system that requires human interaction."
- human-machine teaming (HMT)"The ability of humans and AI systems to work together to undertake complex, evolving tasks in a variety of environments with seamless handoff both ways between human and AI team members. Areas of effort include developing effective policies for controlling human and machine initiatives,(...)
- human-operator-intervention"The need for human interaction in a normally fully autonomous behavior due to some extenuating circumstances."
- human subjects"a living individual about whom an investigator (whether professional or student) conducting research: (i) Obtains information or biospecimens through intervention or interaction with the individual, and uses, studies, or analyzes the information or biospecimens; or (ii) Obtains, uses,(...)
- human system integration (HSI)"methods and approaches for testing and optimizing all human-related considerations from a “whole-system” or “system-of-systems” level."
- human values"Artificial intelligence systems use data we generate in our daily lives and as such are a mirror of our interests, weaknesses, and differences. Artificial intelligence, like any other technology, is not value-neutral. Understanding the values behind the technology and deciding on how we want(...)
- hyperparameters"the parameters that are used to either configure a ML model (e.g., the penalty parameter C in a support vector machine, and the learning rate to train a neural network) or to specify the algorithm used to minimize the loss function (e.g., the activation function and optimizer types in a(...)
- hypothesis testing"A term used generally to refer to testing significance when specific alternatives to the null hypothesis are considered."
- ICT Supply Chain Threat Definition: A man-made threat achieved through exploitation of the information and communications technology (ICT) system’s supply chain, including acquisition processes. Related Term(s): supply chain, threat
- Identity and Access Management Definition: The methods and processes used to manage subjects and their authentication and authorizations to access specific objects. Synonym(s): consequence
- impact"the force of impression of one thing on another : a significant or major effect"
- impact assessment"a risk management tool that seeks to ensure an organization has sufficiently considered a system's relative benefits and costs before implementation. In the context of AI, an impact assessment helps to answer a simple question: alongside this system’s intended use, for whom could it fail?"
- impersonation"A malicious individual is able to impersonate a legitimate data subject to the data controller. The adversary forges a valid access request and goes through the identity verification enforced by the data controller. The data controller sends to the adversary the data of a legitimate data(...)
- in-processing"Techniques that modify the algorithms in order to mitigate bias during model training. Model training processes could incorporate changes to the objective (cost) function or impose a new optimization constraint."
- in-processing algorithm"A bias mitigation algorithm that is applied to a model during its training."
- in silico"carrying out some experiment by means of a computer simulation"
- Inactive Record Inactive records are those Records related to closed, completed, or concluded activities. Inactive Records are no longer routinely referenced, but must be retained in order to fulfill reporting requirements or for purposes of audit or analysis. Inactive records generally reside in a long-term(...)
- Incident Definition: An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the(...)
- Incident Management Definition: The management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems.
- Incident Response Definition: In the Workforce framework, cybersecurity work where a person: Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats; uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of(...)
- Incident Response Plan Definition: A set of predetermined and documented procedures to detect and respond to a cyber incident.
- inclusion"a cultural and environmental feeling of belonging and sense of uniqueness. It represents the extent to which employees feel valued, respected, encouraged to fully participate, and able to be their authentic selves."
- independence"Of software quality assurance (SQA), situation in which SQA is free from technical, managerial, and financial influences, intentional or unintentional"
- Indicator Definition: An occurrence or sign that an incident may have occurred or may be in progress. Related Term(s): precursor
- individual fairness"The goal of similar individuals receiving similar treatments or outcomes."
- Industrial Control System Definition: An information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. Related Term(s): Supervisory Control and Data Acquisition, Operations Technology
- inference"The stage of ML in which a model is applied to a task. For example, a classifier model produces the classification of a test sample."
- Information and Communication(s) Technology Definition: Any information technology, equipment, or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. Related Term(s): information technology
- Information Assurance Definition: The measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality. Related Term(s): information security
- Information Assurance Compliance Definition: In the NICE Framework, cybersecurity work where a person: Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization's information assurance and security requirements; ensures(...)
- information input component"One of the three components of a model. This component delivers assumptions and data to the model."
- information security"preservation of confidentiality, integrity and availability of information; in addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved."
- Information Security Policy Definition: An aggregate of directives, regulations, rules, and practices that prescribe how an organization manages, protects, and distributes information. Related Term(s): security policy
- Information Sharing Definition: An exchange of data, information, and/or knowledge to manage risks or respond to incidents.
- Information System Resilience Definition: The ability of an information system to: 1) continue to operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining essential operational capabilities; and 2) recover effectively in a timely manner. Related Term(s): resilience
- Information Systems Security Operations Definition: In the NICE Framework, cybersecurity work where a person: Oversees the information assurance program of an information system in or outside the network environment; may include procurement duties (e.g., Information Systems Security Officer).
- Information Technology Definition: Any equipment or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. Related Term(s): information and communication(s) technology
- input"Data received from an external source"
- insider attack"Those who are within [an] organisation may have authorised access to vast amounts of sensitive company records that are essential for maintaining competitiveness and market position, and knowledge of information services and procedures that are crucial for daily operations. . . .[and] should(...)
- Insider Threat Definition: One or more individuals with the access and/or inside knowledge of a company, organization, or enterprise that would allow them to exploit the vulnerabilities of that entity's security, systems, services, products, or facilities with the intent to cause harm. Related Term: outsider(...)
- instance"Discrete, bounded thing with an intrinsic, immutable, and unique identity. Individual occurrence of a type"
- instance weight"A numerical value that multiplies the contribution of a data point in a model."
- Instant Messaging (“IM”) Instant Messaging is a form of electronic communication which involves immediate correspondence between two or more users who are all online simultaneously.
- Integrated Risk Management Definition: The structured approach that enables an enterprise or organization to share risk information and risk analysis and to synchronize independent yet complementary risk management strategies to unify efforts across the enterprise. Related Term(s): risk management, enterprise risk management
- Integrity Definition: The property whereby information, an information system, or a component of a system has not been modified or destroyed in an unauthorized manner. Related Term(s): availability, confidentiality, data integrity, system integrity
- intelligent process automation"A preconfigured software instance that combines business rules, experience- based context determination logic, and decision criteria to initiate and execute multiple interrelated human and automated processes in a dynamic context. The goal is to complete the execution of a combination of(...)
- Intent Definition: A state of mind or desire to achieve an objective. Related Term(s): capability
- interaction"Action that takes place with the participation of the environment of the object."
- internal validity"The ability of your research design to adequately test your hypotheses"
- Internet The interconnecting global public network made by connecting smaller shared public networks. The most well-known internet is the Internet, the worldwide network of networks which use the TCP/IP protocol to facilitate information exchange.
- Interoperability Definition: The ability of two or more systems or components to exchange information and to use the information that has been exchanged.
- interpretability"The ability to understand the value and accuracy of system output. Interpretability refers to the extent to which a cause and effect can be observed within a system or to which what is going to happen given a change in input or algorithmic parameters can be predicted."
- interpretable model"An interpretable machine learning model obeys a domain-specific set of constraints to allow it (or its predictions, or the data) to be more easily understood by humans. These constraints can differ dramatically depending on the domain."
- intervenability"the property that intervention is possible concerning all ongoing or planned privacy relevant data processing[; ...] the data subjects themselves should be able to intervene with regards to the processing of their own data ... [to ensure] that data subjects have the ability to control how(...)
- Intranet A network of interconnecting smaller private networks that are isolated from the public Internet.
- Intrusion Definition: An unauthorized act of bypassing the security mechanisms of a network or information system. Synonym(s): penetration
- Intrusion Detection Definition: The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.
- Investigate Definition: a NICE Framework category consisting of specialty areas responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence
- Investigation Definition: A systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired and to collect evidence.
- IP address A string of four numbers separated by periods used to represent a computer on the Internet.
- IS/IT (Information Systems or Information Technology) Usually refers to the people who make computers and computer systems run.
- ISP (Internet Service Provider) A business that delivers access to the Internet.
- JPEG (Joint Photographic Experts Group) An image compression standard for photographs.
- Key Definition: The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. Related Term(s): private key, public key, secret key, symmetric key
- Key Pair Definition: Two mathematically related keys having the property that one key can be used to encrypt a message that can only be decrypted using the other key. Related Term(s): private key, public key
- Key Resource Definition: A publicly or privately controlled asset necessary to sustain continuity of government and/or economic operations, or an asset that is of great historical significance. Related Term(s): critical infrastructure
- Keylogger Definition: Software or hardware that tracks keystrokes and keyboard events, usually surreptitiously / secretly, to monitor actions by the user of an information system. Related Term(s): spyware
- Keyword Search A search for documents containing one or more words that are specified by a user.
- kill switch"a form of safety mechanism used to completely shut off a device in case of an emergency situation where it cannot be shut off using the normal process or if immediate shut off is required."
- Kilobyte (K) One thousand bytes of data is 1K of data.
- knowledge"The sum of all information derived from diagnostic, descriptive, predictive, and prescriptive analytics embedded in or available to or from a cognitive computing system."
- Knowledge Management Definition: In the NICE Framework, cybersecurity work where a person: Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
- label"A value corresponding to an outcome."
- label shift"Under label shift, the label distribution p(y) might change but the class-conditional distributions p(x|y) do not. ... We work with the label shift assumption, i.e., p_s(x|y) = p_t(x|y)"
- LAN (Local area network) Usually refers to a network of computers in a single building or other discrete location.
- language model"A language model is an approximative description that captures patterns and regularities present in natural language and is used for making assumptions on previously unseen language fragments."
- large language model (LLM)"a class of language models that use deep-learning algorithms and are trained on extremely large textual datasets that can be multiple terabytes in size. LLMs can be classed into two types: generative or discriminatory. Generative LLMs are models that output text, such as the answer to a(...)
- learning"A procedure in artificial intelligence by which an artificial intelligence program improves its performance by gaining knowledge."
- least privilege"The principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function."
- Legacy Data Legacy Data is information in the development of which an organization may have invested significant resources and which has retained its importance, but which has been created or stored by the use of software and/or hardware that has been rendered outmoded or obsolete.
- Legal Advice and Advocacy Definition: In the NICE Framework, cybersecurity work where a person: Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain; advocates legal and policy changes and makes a case on behalf of client via a(...)
- Legal Hold A legal hold is a communication issued as a result of current or anticipated litigation, audit, government investigation or other such matter that suspends the normal disposition or processing of records. The specific communication to business or IT organizations may also be called a “hold,”(...)
- lemmatization"the process of grouping together the different inflected forms of a word so they can be analyzed as a single item."
- linear model"[a supervised learning algorithm that uses] a simple formula to find a best-fit line through a set of data points."
- local"Mainly focus on explanation of individual data instances. Generates one explanation map g per data x in X."
- localization"Creation of a national or specific regional version of a product."
- logistic model"(logistic equation) The continuous version of the logistic model is described by the differential equation dN/dt = rN(K - N)/K, where r is the Malthusian parameter (rate of maximum population growth) and K is the so-called carrying capacity (i.e., the maximum sustainable population).(...)
- machine learning"A general approach for determining models from data."
- Machine Learning and Evolution Definition: A field concerned with designing and developing artificial intelligence algorithms for automated knowledge discovery and innovation by information systems.
- machine observation"Machine detection and interpretation of relevant and meaningful events and conditions that impact operation of the computer system itself or other dependent mechanisms or processes essential to the purpose of the system."
- Macro Virus Definition: A type of malicious code that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute, replicate, and spread or propagate itself. Related Term(s): virus
- Main Frame Architecture A computer network design where large (main frame) computers maintain and process data and send information to users' terminals. In a classic mainframe setup, no processing occurs at the desktop, which is merely a means of viewing information contained in and processed on the main frame(...)
- malicious actor"See bad actor."
- Malicious Applet Definition: A small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. Related Term(s): malicious code
- Malicious Code Definition: Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Extended Definition: Includes software, firmware, and scripts. Related Term(s): malicious logic
- Malicious Logic Definition: Hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Related Term(s): malicious code
- Malware Definition: Software that compromises the operation of a system by performing an unauthorized function or process. Synonym(s): malicious code, malicious applet, malicious logic
- materiality"Refers to the significance of a matter in relation to a set of financial or performance information. If a matter is material to the set of information, then it is likely to be of significance to a user of that information"
- McNamara fallacy"presum[ing] that (A) quantitative models of reality are always more accurate than other models; (B) the quantitative measurements that can be made most easily must be the most relevant; and (C) factors other than those currently being used in quantitative metrics must either not exist or not(...)
- measurability"ability to assess an attribute of an entity against a metric (note 1: "measurable" is the adjective form of "measurability")"
- measurement"(Quantitative) (1) act or process of assigning a number or category to an entity to describe an attribute of that entity; (2) assignment of numbers to objects in a systematic way to represent properties of the object; (3) use of a metric to assign a value (e.g., a number or category) from a(...)
- measurement method"generic description of a logical organization of operations used in a measurement"
- measurement model"The initial confirmatory factor analysis (CFA) model that underlies the structural model [that] tests the adequacy (as indexed by model fit) of the specified relations whereby indicators are linked to their underlying construct."
- Megabyte (Meg) A million bytes of data is a megabyte, or simply a meg.
- membership inference"given a machine learning model and a record, determining whether the record was used as part of the model's training dataset or not."
- Memory Card Memory cards, sometimes referred to as Flash Memory Cards, are removable solid-state storage devices employing flash memory technology. Some popular types of flash memory cards for use in digital cameras are: CompactFlash (CF), SmartMedia (SM), Memory Stick (MS), MultiMediaCard (MMC) Secure(...)
- Metadata Metadata is information about a particular data set which may describe, for example, how, when, and by whom it was received, created, accessed, and/or modified and how it is formatted. Some metadata, such as file dates and sizes, can easily be seen by users; other metadata can be hidden or(...)
- metric"defined measurement method and measurement scale"
- Migrated Data Migrated Data is information that has been moved from one database or format to another, usually as a result of a change from one hardware or software technology to another.
- minimization"(Part of the ICO framework for auditing AI) AI systems generally require large amounts of data. However, organisations must comply with the minimisation principle under data protection law if using personal data. This means ensuring that any personal data is adequate, relevant and limited to(...)
- Mirror Image Used in computer forensic investigations and some electronic discovery investigations, a mirror image is a bit-by-bit copy of a computer hard drive that ensures the operating system is not altered during the forensic examination. May also be referred to as “disc mirroring,” or as a “forensic(...)
- MIS Management information systems.
- Mitigation Definition: The application of one or more measures to reduce the likelihood of an unwanted occurrence and/or lessen its consequences.
- mixed methods"In mixed methods, the researcher collects and analyzes both qualitative and quantitative data rigorously in response to research questions and hypotheses; integrates the two forms of data and their results; organizes these procedures into specific research designs that provide the logic and(...)
- MLOPS"MLOps (machine learning operations) stands for the collection of techniques and tools for the deployment of ML models in production."
- model"A function that takes features as input and predicts labels as output."
- model assertion"Model assertions are arbitrary functions over a model’s input and output that indicate when errors may be occurring"
- model card"short documents accompanying trained machine learning models that provide benchmarked evaluation in a variety of conditions, such as across different cultural, demographic, or phenotypic groups (e.g., race, geographic location, sex, Fitzpatrick skin type) and intersectional groups (e.g., age(...)
- model debugging"Model debugging aims to diagnose a model’s failures."
- model decay"Model decay depicts that the performance of the model is degrading over time"
- model editing"An area of research that aims to enable fast, data-efficient updates to a pre-trained base model’s behavior for only a small region of the domain, without damaging model performance on other inputs of interest"
- model extraction"Adversaries maliciously exploiting the query interface to steal the model. More precisely, in a model extraction attack, a good approximation of a sensitive or proprietary model held by the server is extracted (i.e. learned) by a dishonest user who interacts with the server only via the query(...)
- model governance"Model Governance is the name for the overall internal framework of a firm or organization that controls the processes for Model Development, Model Validation and Model Usage, assign responsibilities and roles etc."
- model inventory"in the context of Risk Management, [...] a database/[management information system] developed for the purpose of aggregating quantitative model related information that is in use by a firm or organization."
- model overlay"Judgmental or qualitative adjustments to model inputs or outputs to compensate for model, data, or other known limitations. A model overlay is a type of override."
- model risk management"model risk management encompasses governance and control mechanisms such as board and senior management oversight, policies and procedures, controls and compliance, and an appropriate incentive and organizational structure"
- model suite"A group of models that work together."
- model training"the phase in the data science development lifecycle where practitioners try to fit the best combination of weights and bias to a machine learning algorithm to minimize a loss function over the prediction range"
- model validation"the set of processes and activities intended to verify that models are performing as expected."
- Modem A piece of hardware that lets a computer talk to another computer over a phone line.
- monitoring"Examination of the status of the activities of a supplier and of their results by the acquirer or a third party."
- moral agency"The capacity for moral action, reasoning, judgment, and decision making, as opposed to merely having moral consequences."
- moral patiency"The moral standing of an entity in the sense of how that entity should be treated."
- Mount/Mounting The process of making off-line data available for on-line processing. For example, placing a magnetic tape in a drive and setting up the software to recognize or read that tape. The terms “load” and “loading” are often used in conjunction with, or synonymously with, “mount” and “mounting” (as(...)
- Moving Target Defense Definition: The presentation of a dynamic attack surface, increasing an adversary's work factor necessary to probe, attack, or maintain presence in a cyber target.
- naive Bayes"The naive Bayes classifier is a Bayesian learning method that has been found to be useful in many practical applications. It is called "naive" because it incorporates the simplifying assumption that attribute values are conditionally independent, given the classification of the instance. The(...)
- Native Format Electronic documents have an associated file structure defined by the original creating application. This file structure is referred to as the “native format” of the document. Because viewing or searching documents in the native format may require the original application (i.e., viewing a(...)
- natural language processing"A computer's attempt to “understand” spoken or written language. It must parse vocabulary, grammar, and intent, and allow for variation in language use. The process often involves machine learning."
- Nesting Document nesting occurs when one document is inserted within another document (i.e., an attachment is nested within an email; graphics files are nested within a Microsoft Word document).
- Network Resilience Definition: The ability of a network to: (1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged); (2) recover effectively if failure does occur; and (3) scale to meet rapid or unpredictable demands.
- Network Services Definition: In the NICE Framework, cybersecurity work where a person: Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor(...)
- Networks The hardware and software combinations that allow the exchange of data and sharing of resources. Two common ways PCs are networked are peer-to-peer and client-server.
- neural network"Also known as artificial neural network, neural net, deep neural net; a computer system inspired by living brains."
- NICE Framework Definition: NIST Special Publication 800-181 revision 1, the Workforce Framework for Cybersecurity (NICE Framework), provides a set of building blocks for describing the tasks, knowledge, and skills that are needed to perform cybersecurity work performed by individuals and teams.
- Node Any device connected to a network. PCs, servers, and printers are all nodes on the network.
- Non-Printing Information The non-printing information carried by most data files is another excellent source of information. A common example is the date and time stamp an OS may put on a file. Some(...)
- Non-Repudiation Definition: Provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message. Related Term(s): integrity, authenticity
- nondiscrimination"the practice of treating people, companies, countries, etc. in the same way as others in order to be fair:"
- "The intended flow of a process originating from a start event, continuing through all defined activities, and concluding successfully to its defined end event."
- normalization"Conceptual procedure in database design that removes redundancy in a complex database by establishing dependencies and relationships between database entities. Normalization reduces storage requirements and avoids database inconsistencies."
- Object Definition: A passive information system-related entity containing or receiving information. Related Term(s): subject, access, access control
- objective evidence"data supporting the existence or verity of something (note: can be obtained through observation, measurement, test, or other means)."
- observation"a piece of information received online from users, sensors, or other knowledge sources"
- OCR (Optical Character Recognition) Optical character recognition is a technology which takes data from a paper document and turns it into editable text data. The document is first scanned. Then OCR software searches the document for letters, numbers, and other characters.
- off-label use"[when] data published for one task are used for another[; ...] off-label usage could lead to biased, overly optimistic results of machine-learning algorithms. The underlying cause is that public data are processed with hidden processing pipelines that alter the data features."
- Off-line Data The storage of electronic data outside the network in daily use (i.e., on backup tapes) that is only accessible through the off-line storage system, not the network.
- Offline Not connected (to a network).
- offline learning"implies ... a static dataset that [one] know[s] from the start and the parameters of [one's] machine learning algorithm are adjusted to the whole dataset at once often loading the whole dataset into memory or in batches."
- On-line storage The storage of electronic data as fully accessible information in daily use on the network or elsewhere.
- Online Connected (to a network).
- online learning"fitting [one's] model incrementally as the data flows in (streaming data)."
- ontology"A set of concepts and categories in a subject area or knowledge domain that shows their properties and the relationships among them to enable interoperability among disparate elements and systems and specify interfaces to independent, knowledge-based services for the purpose of enabling(...)
- "[to receive] the output of [an] algorithm (the classification decision) [and to not] have any concrete sense of how or why a particular classification has been arrived at from inputs."
- Operate & Maintain Definition: A NICE Framework category consisting of specialty areas responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security.
- Operating Systems [OS] System software that controls the workings of the computer (e.g., Windows, Unix, Linux). The OS handles essential, but often invisible, tasks such as maintaining files.
- Operational Exercise Definition: An action-based exercise where personnel rehearse reactions to an incident scenario, drawing on their understanding of plans and procedures, roles, and responsibilities.
- operationalization"Putting AI systems or related concepts into use so they can be measured."
- Operations Technology Definition: The hardware and software systems used to operate industrial control devices. Related Term(s): Industrial Control System
- operator"A role assumed by the person performing remote control or teleoperation, semi-autonomous operations, or other human-in-the-loop types of operations"
- opt-in"an individual makes an active affirmative indication of choice via a user interface signaling a desire to share their information with third parties."
- opt-out"an individual makes an active affirmative indication of choice via a user interface signaling a desire not to share their information with third parties."
- Original Digital Evidence Physical items and those data objects, which are associated with those items at the time of seizure.
- outcome"something that follows as a result or consequence"
- outlier"An outlier is a data point that is far from other points."
- output"Data transmitted to an external destination"
- Outsider Threat Definition: A person or group of persons external to an organization who are not authorized to access its assets and pose a potential risk to the organization and its assets. Related Term(s): insider threat
- overfitting"In statistics and machine learning, overfitting occurs when a model tries to predict a trend in data that is too noisy. Overfitting is the result of an overly complex model with too many parameters. A model that is overfitted is inaccurate because the trend does not reflect the reality of the(...)
- Oversight & Development Definition: A NICE Framework category consisting of specialty areas providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct cybersecurity work.
- package"a folder with all the code and metadata needed to train and serve a machine learning model."
- Paper Discovery Paper discovery refers to the discovery of writings on paper that can be read without the aid of some devices.
- parametric"A learning model that summarizes data with a set of parameters of fixed size (independent of the number of training examples)"
- Parent-child Relationships Parent-child relationships is a term used in e-discovery to describe a chain of documents that stems from a single e-mail or storage folder. These types of relationships are primarily encountered when a party is faced with a discovery request for e-mail. A “child” (i.e., an attachment) is(...)
- parent process"A process that may contain one or more sub-processes, activities, and tasks."
- parity"Bit(s) used to determine whether a block of data has been altered. Rationale: Term has been replaced by the term “parity bit”."
- participant"A computer system, data, input, business rule, human intervention, and other contributor to the flow of a process."
- participation"engag[ing] multiple stakeholders in deliberative processes in order to achieve consensus."
- Passive Attack Definition: An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations. Related Term(s): active attack
- passive learning agent"A passive learning agent has a fixed policy that determines its behavior. An active learning agent gets to decide what actions to take."
- Password Definition: A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.
- PC Personal computer.
- PDA (Personal Digital Assistant) Handheld digital organizers.
- PDF (Portable Document Format) An Adobe technology for formatting documents so that they can be viewed and printed using the Adobe Acrobat reader.
- Peer-to-peer Peer-to-peer networks physically connect each computer in the network to every other computer in the network. Files are stored on the hard drives of the individual PCs with(...)
- Pen Test Definition: A colloquial term for penetration test or penetration testing. Synonym(s): penetration testing
- Penetration Testing Definition: An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.
- personal data"‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location(...)
- Personal Identifying Information / Personally Identifiable Information Definition: The information that permits the identity of an individual to be directly or indirectly inferred.
- Petabyte (PB) A petabyte is a measure of computer data storage capacity and is one thousand million million (1,000,000,000,000,000) bytes.
- Phishing Definition: A digital form of social engineering to deceive individuals into providing sensitive information.
- Plaintext Definition: Unencrypted information. Related Term(s): ciphertext
- Plaintext The least formatted and therefore most portable form of text for computerized documents.
- Pointer A pointer is an index entry in the directory of a disk (or other storage medium) that identifies the space on the disc in which an electronic document or piece of electronic data resides, thereby preventing that space from being overwritten by other data. In most cases, when an electronic(...)
- policy"The general principles by which a government is guided in its management of public affairs, or the legislature in its measures. This term, as applied to a law, ordinance, or rule of law, denotes its general purpose or tendency considered as directed to the POLICY"
- positionality"Awareness and discussion of one's social and institutional position with regards to research, particularly of power imbalances, and limitations the researcher may have because of differences in lived experience."
- post-hoc explanation"also known as the reverse engineering approach[;] tries to reconstruct explanations for decisions made by a black-box[;] . . . can be further divided into global and local methods. Global explanations concern understanding the overall logic and behavior of a black-box model, while local(...)
- post-processing"Typically performed with the help of a holdout dataset (data not used in the training of the model). Here, the learned model is treated as a black box and its predictions are altered by a function during the post-processing phase. The function is deduced from the performance of the black box(...)
- post-processing algorithm"A bias mitigation algorithm that is applied to predicted labels."
- practical significance"speaks to the magnitude of the relationship [between two variables] and whether or not that magnitude is important."
- pre-processing algorithm"A bias mitigation algorithm that is applied to training data."
- precision"A metric for classification models. Precision identifies the frequency with which a model was correct when classifying the positive class."
- Precursor Definition: An observable occurrence or sign that an attacker may be preparing to cause an incident. Related Term(s): indicator
- prediction"Forecasting quantitative or qualitative outputs through function approximation, applied on input data or measurements."
- predictive analysis"The organization of analyses of structured and unstructured data for inference and correlation that provides a useful predictive capability to new circumstances or data."
- predictive analytics"Insights, reporting, and information answering the question, "What is likely to happen?" Predictive analytics support high confidence foretelling of future event(s)."
- Preparedness Definition: The activities to build, sustain, and improve readiness capabilities to prevent, protect against, respond to, and recover from natural or manmade incidents.
- preprocessing"Transforming the data so that the underlying discrimination is mitigated. This method can be used if a modeling pipeline is allowed to modify the training data."
- prescriptive analytics"Insights, reporting, and information answering the question, “What should I do about it?" Prescriptive analytics determines information that provides high confidence actions necessary to recover from an event or fulfill a need."
- Preservation Notice, Preservation Order See Legal Hold.
- Prima Facie Evidence Prima facie evidence is evidence that is sufficient to raise a presumption of fact or to establish the fact in question unless rebutted.
- Privacy Definition: The ability of individuals to understand and exercise control over how information about themselves may be used by others.
- privacy-by-design"Embedding privacy measures and privacy enhancing technologies directly into the design of information technologies and systems."
- privacy-enhancing technology"A coherent system of ICT (Information and Communications Technology) measures that protects privacy by eliminating or reducing personal data or by preventing unnecessary and/or undesired processing of personal data, all without losing the functionality of the information system."
- Private Key Definition: A cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Related Term(s): public key, asymmetric cryptography
- Private Network A network that is connected to the Internet but is isolated from the Internet.
- privileged protected attribute"A value of a protected attribute indicating a group that has historically been at systematic advantage."
- Probative Value Evidence that is sufficiently useful to prove something important in a trial. However, the probative value of proposed evidence must be weighed by the trial judge against prejudice in the minds of jurors toward the opposing party or criminal defendant.
- procedure"Information item that presents an ordered series of steps to perform a process, activity, or task."
- process"A sequence or flow of activities in an organization with the objective of carrying out work, which may include a set of activities, events, tasks, and decisions in a sequenced flow that adhere to finite execution semantics. Process levels will generally follow structure at the capability(...)
- process flow"The defined representation of the overall progression of how a process is intended to be performed, including all exceptions."
- processing"‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by(...)
- processing environment"the combination of software and hardware on which the Application runs."
- processor"‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller."
- product manager"a specialized product management professional whose job is to manage the planning, development, launch, and success of products/solutions powered by AI, machine learning, and deep learning technologies."
- product owner"[person who is] focused on providing direction and prioritization for the cross-functional AI team, ensuring everyone remains focused on the overall vision and road map. This role is responsible for unifying individuals with diverse skills and backgrounds toward a common goal."
- product velocity"how fast a product can be delivered to the market"
- productization"[turning the best performing model] into an actual "data product," ready to be used in live services."
- profiling"‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation,(...)
- Protect & Defend Definition: A NICE Framework category consisting of specialty areas responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks.
- protected attribute"An attribute that partitions a population into groups whose outcomes should have parity. Examples include race, gender, caste, and religion. Protected attributes are not universal, but are application specific."
- protected class"[a feature] that may not be used as the basis for decisions [and] could be chosen because of legal mandates or because of organizational values. Some common protected [classes] include race, religion, national origin, gender, marital status, age, and socioeconomic status."
- prototype"A prototype is an original model constructed to include all the technical characteristics and performances of the new product."
- provisioning"The granting of access rights and executional privilege to an agent (human or machine) within an application(s) or system(s)."
- proxy"A variable that can stand in for another, usually not directly observable or measurable, variable."
- proxy discrimination"a particularly pernicious subset of disparate impact. Like all forms of disparate impact, it involves a facially neutral practice that disproportionately harms members of a protected class. But a practice producing a disparate impact only amounts to proxy discrimination when a second(...)
- pseudo-anonymization (pseudonymization)"‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and(...)
- pseudoscience"a system of theories, assumptions, and methods erroneously regarded as scientific"
- PST (Personal Folder File) The place where Outlook stores its data (when Outlook is used without Microsoft® Exchange Server). A PST file is created when a mail account is set up. Additional PST files can be created for backing up and archiving Outlook folders, messages, forms and files. The file extension given to PST(...)
- Public Key Definition: A cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Extended Definition: The public part of an asymmetric key pair that is uniquely associated with an entity and that may be made(...)
- Public Key Cryptography Definition: A branch of cryptography in which a cryptographic system or algorithms use two uniquely linked keys: a public key and a private key (a key pair). Synonym(s): asymmetric cryptography, public key encryption
- Public Key Encryption Synonym(s): public key cryptography
- Public Key Infrastructure Definition: A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet.
- Public Network A network that is part of the public Internet.
- quality"The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs."
- QUERY To search or ask. In the context of online computing, this often refers to the process of requesting information in a search engine, index directory, or database.
- racialized"A socio-political process by which groups are ascribed a racial identity, whether or not members of the group self-identify as such"
- RAM Random Access Memory is the short-term memory that provides working space into which application programs can be loaded and executed and for the computer to work with data within. Information stored in RAM typically is lost when the device is turned off.
- ranking"a type of machine learning that sorts data in a relevant order[; often used by companies] to optimize search and recommendations."
- Real Evidence Evidence afforded by the production of physical objects for inspection or other examination by the court.
- reason code"Response functions created by linear regression algorithms are probably the most popular, accountable, and transparent class of machine learning models. These models will be referred to here as linear and monotonic. They are transparent because changing any given input feature (or sometimes a(...)
- recall"A metric for classification models; identifies the frequency with which a model correctly classifies the true positive items."
- recognition"the automatic discovery of regularities in data through the use of computer algorithms and with the use of these regularities to take actions such as classifying the data into different categories."
- recommendation system"A software tool and techniques that provide suggestions based on the customer's taste to discover new appropriate things for them by filtering personalized information based on the user's preferences from a large volume of information"
- Record Information, regardless of medium or format that has value to an organization. Collectively the term is used to describe both documents and electronically stored information.
- Record Custodian A records custodian is an individual responsible for the physical storage and protection of records throughout their retention period. In the context of electronic records, custodianship may not be a direct part of the records management function in all organizations.
- Record Lifecycle The time period from when a record is created until it is disposed.
- Records Hold See Legal Hold.
- Records Management Records Management is the planning, controlling, directing, organizing, training, promoting and other managerial activities involving the lifecycle of information, including creation,(...)
- Records Retention Period (Retention Period) The length of time a given records series must be kept,(...)
- Records Retention Schedule A plan for the management of records, listing types of records and how long they should be kept; the purpose is to provide continuing authority to dispose of or transfer records to historical archives.
- Recovery Definition: The activities after an incident or event to restore essential services and operations in the short and medium term and fully restore all capabilities in the longer term.
- rectification"An individual’s right to have personal data about them corrected or amended by a business or other organization if it is inaccurate."
- red-lining"the creation and maintenance of technology practices that further entrench discriminatory practices against already marginalized groups."
- Red Team Definition: A group authorized and organized to emulate a potential adversary’s attack or exploitation capabilities against an enterprise’s cybersecurity posture. Related Term(s): Blue Team, White Team
- red-team"A group of people authorized and organized to emulate a potential adversary’s attack or exploitation capabilities against an enterprise’s security posture. The Red Team’s objective is to improve enterprise cybersecurity by demonstrating the impacts of successful attacks and by demonstrating(...)
- Red Team Exercise Definition: An exercise, reflecting real-world conditions, that is conducted as a simulated attempt by an adversary to attack or exploit vulnerabilities in an enterprise's information systems. Related Term(s): cyber exercise
- Redundancy Definition: Additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
- reference class"A class which is intended to describe structure and behavior of object identifiers. Its instances, called references, are passed by-value and indirectly represent objects by substituting for some primitive reference."
- reflexivity"A form of critical thinking that prompts us to consider the ‘whys’ and ‘hows’ of research, critically questioning the utility, ethics, and value of what, whom, and how we study"
- regression"Regression is a process of predicting the value to a yes or no label provided it falls on a continuous spectrum of input values, subcategory of supervised learning."
- reinforcement learning"A type of machine learning in which the algorithm learns by acting toward an abstract goal, such as “earn a high video game score” or “manage a factory efficiently.” During training, each effort is evaluated based on its contribution toward the goal."
- reliability"Reliability refers to the closeness of the initial estimated value(s) to the subsequent estimated values."
- remediation"The process of treating data by cleaning, organizing, and migrating it to a safe and secure environment for optimized usage is called data remediation. Generally [understood] as a process involving deleting unnecessary or unused data. However, the actual process . . . is very detailed and(...)
- Removable Media Digital media such as floppy disks, CDs, DVDs, cartridges, tapes or removable media cards (small-sized data storage media typically found in cameras, PDAs or music players) that store data and can be easily removed.
- Repository for Electronic Records Repository for Electronic Records is a direct access device on which the electronic records and associated metadata are stored. Sometimes called a “records store,” “online repository” or “records archive.”
- representativeness""
- reproducibility"Closeness of the agreement between the results of measurements of the same measurand carried out under changed conditions of measurement."
- requirement"something essential to the existence or occurrence of something else : CONDITION"
- residual"Residuals are differences between the one-step-predicted output from the model and the measured output from the validation data set. Thus, residuals represent the portion of the validation data not explained by the model."
- residual analysis"a powerful [statistical] tool to detect the problems associated with the violation of the ANOVA [analysis of variance] assumptions."
- Residual Data Also called "recoverable files." Residual Data (sometimes referred to as “Ambient Data”) refers to data that is not active on a computer system. Residual data includes (1) data found on media free space; (2) data found in file slack space; and (3) data within files that has functionally been(...)
- Resilience Definition: The ability to adapt to changing conditions and prepare for, withstand, and rapidly recover from disruption.
- Response Definition: The activities that address the short-term, direct effects of an incident and may also support short-term recovery. Related Term(s): recovery
- responsible AI"An AI system that aligns development and behavior to goals and values. This includes developing and fielding AI technology in a manner that is consistent with democratic values."
- Restore To transfer data from a backup medium (such as tapes) to an on-line system, often for the purpose of recovery from a problem, failure, or disaster. Restoration of archival media is the transfer of data from an archival store to an on-line system for the purposes of processing (such as query,(...)
- result"The consequential outcome of completing a process."
- retention limit"refers to the amount of information that is stored long-term, and can be measured in volume (the size of the total collected logs in bytes) and time (the number of months or years that logs are stored for)."
- Risk Definition: The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences.
- Risk Analysis Definition: The systematic examination of the components and characteristics of risk. Related Term(s): risk assessment, risk
- Risk Assessment Definition: The product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making. Related Term(s): risk analysis, risk
- Risk-based Data Management Definition: A structured approach to managing risks to data and information by which an organization selects and applies appropriate security controls in compliance with policy and commensurate with the sensitivity and value of the data.
- risk control"mechanisms at the design, implementation, and evaluation stages [that can be taken] into consideration when developing responsible AI for organizations that includes security risks (cyber intrusion risks, privacy risks, and open source software risk), economic risks (e.g., job displacement(...)
- Risk Management Definition: The process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. Includes: 1) conducting a risk assessment; 2) implementing(...)
- risk tiering"when evaluating the desired level of explainability[, h]igh-risk models are worthy of deeper consideration: models with an elevated level of risk and/or models which are related to decisions about individuals (especially decisions which can be impactful), to privacy, to potential(...)
- risk tolerance"Risk tolerance refers to the organization’s or AI actor’s ... readiness to bear the risk in order to achieve its objectives. Risk tolerance can be influenced by legal or regulatory requirements."
- robotic desktop automation (RDA)"The computer application that makes available to a human operator a suite of predefined activity choreography to complete the execution of processes, activities, transactions, and tasks in one or more unrelated software systems to deliver a result or service in the course of human-initiated(...)
- robotic process automation (RPA)"A preconfigured software instance that uses business rules and predefined activity choreography to complete the autonomous execution of a combination of processes, activities, transactions, and tasks in one or more unrelated software systems to deliver a result or service with human exception(...)
- robust AI"An AI system that is resilient in real-world settings, such as an object-recognition application that is robust to significant changes in lighting. The phrase also refers to resilience when it comes to adversarial attacks on AI components."
- robustness"ability of a system to maintain its level of performance under a variety of circumstances"
- root-mean-square deviation (RMSD)"of an estimator of a parameter[; ...] the square-root of the mean squared error (MSE) of the estimator. In symbols, if X is an estimator of the parameter t, then RMSE(X) = ( E( (X−t)² ) )^½. The RMSE of an estimator is a measure of the expected error of the estimator. The units of RMSE are the(...)
- Rootkit Definition: A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.
- rounding"the transformation of a number expressed in a particular base to a number with fewer digits."
- Router A piece of hardware that routes data from a local area network (LAN) to a phone line.
- row"describes a single entity or observation and the columns describe properties about that entity or observation. The more rows you have, the more examples from the problem domain that you have."
- safety"property of a system such that it does not, under defined conditions, lead to a state in which human life, health, property, or the environment is endangered; [safety involves reducing both the probability of expected harms and the possibility of unexpected harms]."
- Sampling Sampling usually (but not always) refers to the process of statistically testing a data set for the likelihood of relevant information. It can be a useful technique in addressing a number of issues relating to litigation, including decisions as to which repositories of data should be(...)
- Sandbox A network or series of networks that are not connected to other networks.
- scalability"The ability to increase or decrease the computational resources required to execute a varying volume of tasks, processes, or services."
- Scanning Scanning is the process of converting a hard copy paper document into a digital image for use in a computer system. After a document has been scanned, it can be reviewed using field and full-text searching, instant document retrieval, and a complete range of electronic document review options.
- score"A continuous value output from a classifier. Applying a threshold to a score results in a predicted label."
- screen out"Screen-out discrimination occurs when “a disability prevents a job applicant or employee from meeting—or lowers their performance on—a selection criterion, and the applicant or employee loses a job opportunity as a result.”"
- Secret Key Definition: A cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme. Extended Definition: Also, a cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption of plaintext and decryption(...)
- Securely Provision Definition: A NICE Framework category consisting of specialty areas concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems' development.
- security"resistance to intentional, unauthorized act(s) designed to cause harm or damage to a system"
- Security Automation Definition: The use of information technology in place of manual processes for cyber incident response and management.
- Security Policy Definition: A rule or set of rules that govern the acceptable use of an organization's information and services to a level of acceptable risk and the means for protecting the organization's information assets.
- Security Program Management Definition: In the NICE Framework, cybersecurity work where a person: Manages information security (e.g., information security) implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement,(...)
- segmentation"The process of identifying homogeneous subgroups within a data table."
- selective adherence"Decision-makers are more likely to follow advice (human or algorithmic-based) that matches stereotypical views of the decision subjects."
- self-aware system"A computing platform imbued with sufficient knowledge and analytic capability to make useful conclusions about its inputs, its own processing, and the use of its output so that it is capable of self-judgment and improvement consistent with its purpose."
- self-diagnosis"Ability of a system to adequately take measurement information from sensors, validate the data, and communicate the processes and results to other devices"
- self-healing system"A computing system able to perceive that it is not operating correctly and, without human intervention, make the necessary adjustments to restore itself to normalcy."
- semantic mapping"A strategic schema or framework of metadata labels applied to all data, data groups, data fields, data types, or data content used to introduce new or raw data into a corpus or data fabric to give machine learning algorithms direction for investigating known or potential relationships between(...)
- sensitive data"a specific set of "special categories" that must be treated with extra security[, including] information about: [r]acial or ethnic origin; [p]olitical opinions; [r]eligious or philosophical beliefs; [t]rade union membership; [g]enetic data; [d]ata related to a person's sex life or sexual(...)
- sensitivity analysis"A “what-if” type of analysis to determine the sensitivity of the outcomes to changes in parameters. If a small change in a parameter results in relatively large changes in the outcomes, the outcomes are said to be sensitive to that parameter."
- sensory digitization"The conversion of typically analog or human sensory perception (e.g., vision, speech) to a digital format useful for machine-to-human interaction or machine processing of traditionally analog sensory information [e.g., optical character recognition (OCR)]."
- Server Any computer on a network that contains data or applications shared by users of the network on their client PCs.
- service"A collection of coordinated processes that takes one or more kinds of input, performs a value-added transformation, and creates an output that fulfills the needs of a customer [or shareholder]."
- shallow learning"Techniques that separate the process of feature extraction from learning itself."
- Shareware Software distributed free on a trial basis with the understanding that the user will pay if the software is used beyond the trial period.
- Sibling A sibling is a document that shares a common parent with the document in question (e.g. two attachments that share the same parent email or are sibling documents in the same Zip file).
- signal detection theory"a framework for interpreting data from experiments in which accuracy is measured."
- Signature Definition: A recognizable, distinguishing pattern. Types of signatures: attack signature, digital signature, electronic signature.
- Situational Awareness Definition: In cybersecurity, comprehending the current status and security posture with respect to availability, confidentiality, and integrity of networks, systems, users, and data, as well as projecting future states of these.
- Slack Space A form of residual data, slack space is the amount of on-disk file space from the end of the logical record information to the end of the physical disk record. It is unused space in a disk cluster. Slack space can contain information soft-deleted from the record, information from prior(...)
- Smart Card Plastic, credit card sized cards with an embedded integrated electronic chip.
- snake oil"Something proposed as a solution to a problem, but which is of little real or practical value; speech or action which is superficially attractive or convincing but of no real substance or effectiveness."
- socio-technical system"how humans interact with technology within the broader societal context"
- Software Coded instructions (programs) that make a computer do useful work.
- Software Assurance Definition: The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.
- Software Assurance and Security Engineering Definition: In the NICE Framework, cybersecurity work where a person: Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices.
- software testing"Activity in which a system or component is executed under specified conditions, the results are observed or recorded, and an evaluation is made of some aspect of the system or component."
- Spam Definition: The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
- sparsity"refers to a matrix of numbers that includes many zeros or values that will not significantly impact a calculation."
- specification"A document that specifies, in a complete, precise, verifiable manner, the requirements, design, behavior, or other characteristics of a system or component and often the procedures for determining whether these provisions have been satisfied."
- Spoliation Spoliation is the destruction of records which may be relevant to ongoing or anticipated litigation, government investigation or audit. Courts differ in their interpretation of the level of intent required before sanctions may be warranted.
- Spoofing Definition: Faking the sending address of a transmission to gain illegal [unauthorized] entry into a secure system. Extended Definition: The deliberate inducement of a user or resource to take incorrect action. Note: Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing.
- Spyware Definition: Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner. Related Term(s): keylogger
- stakeholder"Individual or organization having a right, share, claim, or interest in a system or in its possession of characteristics that meet their needs and expectations. An individual, group, or organization who may affect, be affected by, or perceive itself to be affected by a decision, activity, or(...)
- Stand Alone Computer A personal computer that is not connected to any other computer or network, except possibly through a modem.
- standard deviation"The most widely used measure of dispersion of a frequency distribution introduced by K. Pearson (1893). It is equal to the positive square root of the variance. The standard deviation should not be confused with the root mean square deviation."
- start event"An activity, task, or input that describes or defines the beginning of a process."
- statistical bias"A systematic tendency for estimates or measurements to be above or below their true values. Statistical biases arise from systematic as opposed to random error. Statistical bias can occur in the absence of prejudice, partiality, or discriminatory intent."
- statistical parity"The independence between the protected attribute and the outcome of the decision rule"
- statistical significance"When the probability of obtaining a statistic of a given size due strictly to random sampling error, or chance, is less than the selected alpha level [or the probability of a type I error]; also represents a rejection of the null hypothesis."
- statistics"Numerical data relating to an aggregate of individuals; the science of collecting, analysing and interpreting such data"
- stereotype"Definition 3b (figurative): A preconceived and oversimplified idea of the characteristics which typify a person, situation, etc.; an attitude based on such a preconception. Also, a person who appears to conform closely to the idea of a type."
- stochastic"The adjective “stochastic” implies the presence of a random variable; e.g. stochastic variation is variation in which at least one of the elements is a variate and a stochastic process is one wherein the system incorporates an element of randomness as opposed to a deterministic system."
- straight-through processing (STP)"The successful execution of a service, process, or transaction performed entirely through traditional application platforms with predefined interfaces (i.e., application programming interfaces [APIs])."
- Strategic Planning and Policy Development Definition: In the NICE Framework, cybersecurity work where a person: Applies knowledge of priorities to define an entity.
- strawperson"a fallacious argument which irrelevantly attacks a position that appears similar to, but is actually different from, an opponent's position, and concludes that the opponent's real position has thereby been refuted."
- stress test"Type of performance efficiency testing conducted to evaluate a test item's behavior under conditions of loading above anticipated or specified capacity requirements, or of resource availability below minimum specified requirements"
- strong AI"AI that is capable of solving almost all tasks that humans can solve"
- structured data"Data that has a predefined data model or is organized in a predefined way."
- sub-process"A subordinate process that can be included within a parent process. It can be present and/or repeated within other parent processes."
- Subject Definition: An individual, process, or device causing information to flow among objects or a change to the system state. Related Term(s): object, access, access control
- supervised learning"A type of machine learning in which the algorithm compares its outputs with the correct outputs during training. In unsupervised learning, the algorithm merely looks for patterns in a set of data."
- Supervisory Control and Data Acquisition Definition: A generic name for a computerized system that is capable of gathering and processing data and applying operational controls to geographically dispersed assets over long distances. Related Term(s): Industrial Control System
- Supply Chain Definition: A system of organizations, people, activities, information and resources, for creating and moving products including product components and/or services from suppliers through to their customers. Related Term(s): supply chain risk management
- Supply Chain Risk Management Definition: The process of identifying, analyzing, and assessing supply chain risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. Related Term(s): supply chain
- support vector machines"A supervised machine learning model for data classification and regression analysis. One of the most used classifiers in machine learning. It optimizes the width of the gap between the points of separate categories in feature space."
- surveillance"an outcome of establishing information infrastructures as the basis for administration, production, marketing, entertainment and law enforcement[, involving] garnering personal data for a variety of purposes in a quest for greater efficiency, convenience or safety. Its ethics and politics(...)
- Symmetric Cryptography Definition: A branch of cryptography in which a cryptographic system or algorithms use the same secret key (a shared secret key).
- Symmetric Key Definition: A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plaintext and decrypt ciphertext, or create a message authentication code and to verify the code. Related Term(s): secret key
- system"combination of interacting elements organized to achieve one or more stated purposes"
- System Administration Definition: In the NICE Framework, cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability; also manages accounts, firewalls, and patches; responsible for(...)
- System administrator (sysadmin, sysop) The person in charge of keeping a network working.
- System Integrity Definition: The attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Related Term(s): integrity, data integrity
- system of systems"set of systems and system elements that interact to provide a unique capability that none of the constituent systems can accomplish on its own (note: can be necessary to facilitate interaction of the constituent systems in the system of systems)"
- System Unit Usually the largest part of a PC, the system unit is a box that contains the major components including disk drives and the ports for connecting the keyboard, mouse, printer and other devices.
- systemic bias"Systemic biases result from procedures and practices of particular institutions that operate in ways which result in certain social groups being advantaged or favored and others being disadvantaged or devalued. This need not be the result of any conscious prejudice or discrimination but(...)
- Systems Development Definition: In the NICE Framework, cybersecurity work where a person: Works on the development phases of the systems development lifecycle.
- Systems Requirements Planning Definition: In the NICE Framework, cybersecurity work where a person: Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions; provides guidance to customers about applicability of information systems to meet business needs.
- Systems Security Analysis Definition: In the NICE Framework, cybersecurity work where a person: Conducts the integration/testing, operations, and maintenance of systems security.
- Systems Security Architecture Definition: In the NICE Framework, cybersecurity work where a person: Develops system concepts and works on the capabilities phases of the systems development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.
- Tabletop Exercise Definition: A discussion-based exercise where personnel meet in a classroom setting or breakout groups and are presented with a scenario to validate the content of plans, procedures, policies, cooperative agreements or other information for managing an incident.
- Tailored Trustworthy Space Definition: A cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security based on the user's context and in the face of an evolving range of threats.
- talent acquisition"the process of finding and acquiring skilled human labor for organizational needs and to meet any labor requirement."
- Tape A long strip of magnetic coated plastic used to record computer data.
- target"a method for solving a problem that an AI algorithm parses its training data to find. Once an algorithm finds its target function, that function can be used to predict results (predictive analysis). The function can then be used to find output data related to inputs for real problems where,(...)
- Targets Definition: In the NICE Framework, cybersecurity work where a person: Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.
- task"The performance of a discrete activity with a defined start, stop, and outcome that cannot be broken down to a finer level of detail."
- taxonomy"Taxonomy refers to classification according to presumed natural relationships among types and their subtypes."
- tech-washing"the practice of slapping a trendy, new label on legacy solutions."
- "Security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software, or firmware components of the system."
- techno-solutionism"See technochauvinism."
- technochauvinism"The belief that technology is always the solution"
- Technology Research and Development Definition: In the NICE Framework, cybersecurity work where a person: Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility.
- Terabyte (TB) A terabyte is a measure of computer data storage capacity and is one thousand billion (1,000,000,000,000) bytes.
- "Technical operation to determine one or more characteristics of or to evaluate the performance of a given product, material, equipment, organism, physical phenomenon, process or service according to a specified procedure."
- Test and Evaluation Definition: In the NICE Framework, cybersecurity work where a person: Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical,(...)
- Test and Evaluation, Verification and Validation (TEVV)"A framework for assessing, incorporating methods and metrics to determine that a technology or system satisfactorily meets its design specifications and requirements, and that it is sufficient for its intended use."
- third party"an entity that is involved in some way in an interaction that is primarily between two other entities. [Please see note, especially regarding NIST CSRC terms that we might incorporate into this definition.]"
- Threat Definition: A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or(...)
- threat actor"See bad actor."
- Threat Agent Definition: An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Term(s): adversary, attacker
- Threat Analysis Definition: In the NICE Framework, cybersecurity work where a person: Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
- Threat Assessment Definition: The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property. Related Term(s): threat analysis
- three lines of defense"Most financial institutions follow a three-lines-of-defense model, which separates front line groups, which are generally accountable for business risks (the First Line), from other risk oversight and independent challenge groups (the Second Line) and assurance (the Third Line)"
- Ticket Definition: In access control, data that authenticates the identity of a client or a service and, together with a temporary encryption key (a session key), forms a credential.
- TIFF (Tagged Image File Format) One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
- traceability"Ability to trace the history, application or location of an entity by means of recorded identification. ["Chain of custody" is a related term.] Alternatively, traceability is a property of the result of a measurement or the value of a standard whereby it can be related with a stated(...)
- Traffic Light Protocol Definition: A set of designations employing four colors (RED, AMBER, GREEN, and WHITE) used to ensure that sensitive information is shared with the correct audience.
- training data"A dataset from which a model is learned."
- transaction"Enactment of a process represented by a set of coordinated activities carried out by multiple systems and/or participants in accordance with defined relationships. This coordination leads to an intentional, consistent, and verifiable result across all participants."
- transfer learning"A technique in machine learning in which an algorithm learns to perform one task, such as recognizing cars, and builds on that knowledge when learning a different but related task, such as recognizing cats."
- transformer"A procedure that modifies a dataset."
- Transmission Control Protocol/Internet Protocol (TCP/IP) A collection of protocols that define the basic workings of the features of the Internet.
- transparency"open, comprehensive, accessible, clear and understandable presentation of information; property of a system or process to imply openness and accountability"
- Trojan Horse Definition: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
- Trojan Horse A malicious computer program that is disguised as or hidden within another program
- true negative"outcome where the model correctly predicts the negative class."
- true positive"an outcome where the model correctly predicts the positive class."
- trust"the system status in the mind of human beings based on their perception of and experience with the system; concerns the attitude that a person or technology will help achieve specific goals in a situation characterized by uncertainty and vulnerability."
- trustworthiness"The degree to which an information system (including the information technology components that are used to build the system) can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the system across the full(...)
- trustworthy AI"Characteristics of trustworthy AI systems include: valid and reliable, safe, secure and resilient, accountable and transparent, explainable and interpretable, privacy-enhanced, and fair with harmful bias managed."
- type I error"The null hypothesis H0 is rejected, even though it is [true]"
- type II error"The null hypothesis H0 is accepted, even though it is [false]"
- Unauthorized Access Definition: Any access that violates the stated security policy.
- uncertainty"Result of not having accurate or sufficient knowledge of a situation; state, even partial, of deficiency of information related to understanding or knowledge of an event, its consequence, or likelihood"
- underfitting"Underfitting occurs when a statistical model cannot adequately capture the underlying structure of the data."
- underrepresentation"inadequately represented. (See note.)"
- unexplainable"impossibility of providing an explanation for certain decisions made by an intelligent system which is both 100% accurate and comprehensible."
- unstructured data"Data that does not have a predefined data model or is not organized in a predefined way"
- unsupervised learning"Algorithms that take a set of data consisting only of inputs and attempt to cluster the data objects based on the similarities or dissimilarities among them."
- URL The Uniform Resource Locator is commonly known as the address for a website such as www.janusassociates.com.
- usability"extent to which a system product or service can be used by specified users to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use (note 1: The “specified” users, goals and context of use refer to the particular combination of users, goals and(...)
- usability testing"refers to evaluating a product or service by testing it with representative users. Typically, during a test, participants will try to complete typical tasks while observers watch, listen and take notes. The goal is to identify any usability problems, collect qualitative and quantitative data(...)
- user"individual or group that interacts with a system or benefits from a system during its utilization"
- user-centered design"the practice of the following principles: the active involvement of users for a clear understanding of user and task requirements, iterative design and evaluation, and a multi-disciplinary approach"
- "Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use are fulfilled."
- value sensitive design"a theoretically grounded approach to the design of technology that accounts for human values in a principled and systematic manner throughout the design process."
- variable"A variable is a characteristic of a unit being observed that may assume more than one of a set of values to which a numerical measure or a category from a classification can be assigned."
- variable importance"Represents the statistical significance of each variable in the data in terms of its effect on the model."
- variance"The variance is the mean square deviation of the variable around the average value. It reflects the dispersion of the empirical values around its mean."
- verifiable"can be checked for correctness by a person or tool"
- Virus Definition: A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. Related Term(s): macro virus
- Virus A piece of malicious programming code designed to create an unexpected and, for the victim, usually undesirable event.
- Vlog (Videoblog) A vlog is a Weblog that uses video as its primary medium for distributing content. Vlog posts are usually accompanied by text, image, and other metadata to provide a context or overview for the video.
- VPN (Virtual Private Network) A network that is constructed by using public wires to connect nodes, so that it behaves as if it were a private network.
- Vulnerability Definition: A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard. Extended Definition: Characteristic of location or security posture or of design,(...)
- Vulnerability Assessment and Management Definition: In the NICE Framework, cybersecurity work where a person: Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation(...)
- washing"a marketing effort designed to imply that a company's brands and products involve artificial intelligence technologies, even though the connection may be tenuous or non-existent."
- Weakness Definition: A shortcoming or imperfection in software code, design, architecture, or deployment that, under proper conditions, could become a vulnerability or contribute to the introduction of vulnerabilities. Related Term(s): vulnerability
- Web site A collection of Uniform Resource Identifiers (URIs, including URLs (Uniform Resource Locators)) in the control of one administrative entity. May include different types of URIs (e.g., file transfer protocol sites, telnet sites, as well as World Wide Web sites).
- White Team Definition: A group responsible for refereeing an engagement between a Red Team of mock attackers and a Blue Team of actual defenders of information systems. Related Term(s): Blue Team, Red Team
- word embedding"a popular framework to represent text data as vectors which has been used in many machine learning and natural language processing tasks. ... A word embedding, trained on word co-occurrence in text corpora, represents each word (or common phrase) $w$ as a $d$-dimensional word vector $\vec{w} \in \mathbb{R}^d$. It(...)
- Word Processor A software program used for preparing documents
- Work Factor Definition: An estimate of the effort or time needed by a potential adversary, with specified expertise and resources, to overcome a protective measure.
- World Wide Web The WWW is made up of all of the computers on the Internet which use HTML-capable software (Netscape, Explorer, etc.) to exchange data. Data exchange on the WWW is characterized by easy-to-use graphical interfaces, hypertext links, images, and sound. Today the WWW has become synonymous with(...)
- Worm Definition: A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.
- Worm A malicious software program capable of moving from computer to computer over a network without being carried by another program.
- ZIP An open standard for compression and decompression used widely for PC download archives. ZIP is used on Windows-based programs such as WinZip and Drag and Zip. The file extension given to ZIP files is .zip.