Skip to main content



Secure/Multipurpose Internet Mail Extension


Safari is a web browser developed by Apple, and is the default browser of the operating systems used in its product lines such as OS X for the Mac and MacBook computers and IOS for the iPhone and iPad mobiles devices.

Safer Internet Day

Worldwide event led by the Office of the eSafety Commissioner - ACSC is a partner.


Samsung Electronics is a South Korean multinational electronics company. Samsung electronics produces LCD and LED panels, mobile phones, memory chips, NAND flash, Solid state drives, televisions, digital cinemas screen, and laptops.


A virtual space in which new, untrusted or untested software or coding can be run safely without risking harm to the hosting computer.


A motor vehicle licensed to transport passengers in return for payment of a fare and typically fitted with a taximeter.


Supervisory Control and Data Acquisition


A scam is a fraudulent scheme performed by a dishonest or deceitful individual, group, or company, in an attempt to obtain money or something else of value.

Scam emails

A scam email is the intentional deception made for personal gain or to damage another individual through email.


A person who commits fraud or participates in a dishonest scheme.


ACCC Program


Security Construction and Equipment Committee

Script (malware)

A type of malware written using a scripting language. Common forms of scripting language include JavaScript, HTML, Visual Basic Script, PowerShell, Perl, Python and Shell Scripting.

Script kiddie

A derisive term used to describe an unskilled individual that uses existing computer scripts or programs to hack computers, networks or websites, lacking the expertise to write their own.

Search Engine Optimisation

Search Engine Optimisation is the process of increasing the quality of website traffic by increasing the visibility of a website or a web page to users of a web search engine.

Secondary targeting

A secondary target market is the people who are the second most likely to purchase your products and services.

Seconded foreign national

A representative of a foreign government on exchange or long-term posting.


An area that has been authorised to process, store or communicate SECRET information. Such areas are not necessarily tied to a specific level of Security Zone.

Secure shell

A network protocol that can be used to securely log into, execute commands on, and transfer files between remote workstations and servers.

Secure Sockets Layer

Secure Sockets Layer is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet.

Secure/Multipurpose Internet Mail Extension

A protocol which allows the encryption and signing of email messages.

Secured space

An area certified to the physical security requirements for a Zone 2 to Zone 5 area, as defined in the Attorney-General’s Department (AGD)’s Protective Security Policy Framework (PSPF), Entity facilities policy, to allow for the processing or storage of sensitive or classified information.

Security assessment

An activity undertaken to assess security controls for a system and its environment to determine if they have been implemented correctly and are operating as intended.

Security association

A collection of connection-specific parameters containing information about a one-way connection in IPsec that is required for each protocol used.

Security association lifetime

The duration security association information is valid for.

Security association lifetime

The duration security association information is valid for.

Security breach

A security breach is an act that leads to damage of a system or unauthorised access to the system.

Security Configuration Guide

Small Business Guide Security Configuration Guide

Security Construction and Equipment Committee

An Australian Government interdepartmental committee responsible for the evaluation and endorsement of security equipment and services. The committee is chaired by the Australian Security Intelligence Organisation.

Security domain

A system or collection of systems operating under a consistent security policy that defines the classification, releasability and special handling caveats for information processed within the domain.

Security flaws

A weakness in a system that gives a threat agent the opportunity to mount an attack.

Security hardening

The process of securing a system by reducing its surface of vulnerability.

Security posture

The level of security risk to which a system is exposed. A system with a strong security posture is exposed to a low level of security risk while a system with a weak security posture is exposed to a high level of security risk.

Security risk

Any event that could result in the compromise, loss of integrity or unavailability of information or resources, or deliberate harm to people measured in terms of its likelihood and consequences.

Security risk appetite

Statements that communicate the expectations of an organisation’s senior management about the organisation’s security risk tolerance. These criteria help an organisation identify security risks and prepare appropriate treatments and provide a benchmark against which the success of mitigations can be measured.

Security risk management

The process of identifying, assessing and taking steps to reduce security risks to an acceptable level.

Security target

An artefact of Common Criteria evaluations that specifies conformance claims, threats and assumptions, security objectives, and security requirements for an evaluated product.

Security tips

Information on how to be secure online.

Security updates

Updates to the security on your system.

Security vulnerability

A weakness in a system’s security requirements, design, implementation or operation that could be accidentally triggered or intentionally exploited and result in a violation of the system’s security policy.


Security Equipment Guide


Self-healing describes any device or system that has the ability to perceive that it is not operating correctly and to make the necessary adjustments to restore itself to normal operation.

Selling online

The act or process of selling goods, products or services online via an internet or mobile app, auction site, online classified advertisement, online store, social networking, social media or web shop.

Sender Policy Framework

Sender Policy Framework is an email authentication method designed to detect forging sender addresses during the delivery of the email.


Search Engine Optimisation


A computer that provides services to users or other systems. For example, a file server, email server or database server.

Service providers

A company which allows its subscribers access to the internet.

Service Set Identifier

The Service Set Identifier (SSID) is the name given to identify a particular Wi-Fi network. The SSID is broadcast by the wireless access point (wireless router) and can be detected by other wireless-enabled devices in range of the wireless access point. In some cases, SSIDs are hidden, making them invisible to Wi-Fi clients.


Sextortion refers to a form of blackmail in which sexual information or images are used to extort sexual favours from the victim.


Secure Hashing Algorithm 1


Secure Hashing Algorithm 2

Shared government facility

A facility where the facility and personnel are cleared at different levels.

Shared non-government facility

A facility where the facility is shared by government organisations and non-government organisations.


The program that gives your commands to your computer's operating system.

Short Message Service

Short message service is a text messaging service component of most telephone, internet, and mobile device systems. It uses standardized communication protocols to enable mobile devices to exchange short text messages.


A distinct pattern in network traffic that can be identified to a specific tool or exploit. Signatures are used by security software to determine if a file has been previously determined to be malicious or not.


Session Initiation Protocol


The theft of credit card information using card readers, or skimmers, to record and store victims' data.


Skype is a telecommunications application that specialises in providing video chat and voice calls between computers, tablets, mobile devices, the Xbox One console, and smartwatches over the internet.


Stateless Address Autoconfiguration

Small Business Guide

Is a guide for small businesses on cyber security.

Small Medium Enterprise

A Small to Medium Enterprise is a legally independent company with no more than 500 employees.

Smart appliances

Smart appliances are appliances that are able to stay connected to the internet via Wi-Fi or other protocol such as the Zigbee specification and can be accessed and controlled remotely from any internet accessible computer or mobile device.

Smart devices

A smart device is an electronic device, generally connected to other devices or networks via different wireless protocols such as Bluetooth, Zigbee, NFC, Wi-Fi, LiFi, 3G, etc., that can operate to some extent interactively and autonomously.

Smart vehicles

Vehicles equipped with system driven forms of artificial intelligence.


A smartphone is a handheld electronic device that provides connection to a cellular network. Smartphone allow people to make phone calls, send text messages, and access the internet.


Subject Matter Expert, Small Medium Enterprise


Short Message Service

SMS Scam

A SMS scam is a fraudulent text message sent by a deceitful or dishonest person in order to obtain money or something else of value.


Simple Network Management Protocol


Snort is a free open source network intrusion detection system and intrusion prevention system created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013.

Social engineering

The methods used to manipulate people into carrying out specific actions, or divulging information.

Social media

Websites and applications that enable users to create and share content or to participate in social networking.

Social media scams

An act of deception and fraud committed through social media websites or applications.


Standard Operating Environment


An application that allows a workstation to act as a phone using a built-in or externally-connected microphone and speaker.


Software is a collection of data or instructions that tell the computer how to work.

Software component

An element of a system including, but not limited to, a database, operating system, network or web application.

Software update

Software update is a free download for an application, operating system, or software suite that provides fixes for features that aren't working as intended or adds minor software enhancements and compatibility.

Software vulnerabilities

Software vulnerabilities involve bugs in software. Bugs are coding errors that cause the system to make an unwanted action.

Solid state drive

Non-volatile media that uses flash memory media to retain its information when power is removed and, unlike non-volatile magnetic media, contains no moving parts.


Special Publication


Unsolicited electronic messages, especially containing advertising, indiscriminately transmitted to a large number of people.

Spear phishing

A form of phishing that is targeted at a specific person or group.


Sender Policy Framework

Split tunnelling

Functionality that allows personnel to access both public network infrastructure and a Virtual Private Network (VPN) connection at the same time, such as an organisation’s system and the internet.

Splunk Inc.

Splunk Inc. is an American public multinational corporation, that produces software for searching, monitoring, and analysing machine generated big data via web-style interface.


A type of attack where a message is made to look like it comes from a trusted source. For example, an email that looks like it comes from a legitimate business, but is actually trying to spread malware.

Spot the scam

An event to teach people how to navigate around the internet and be able to differentiate legitimate websites and individuals from scammers.


A program that collects information on the user’s activities without their consent. Spyware may be installed on a system illegitimately, or as a part of other software without the user’s knowledge.


Structured Query Language

SQL injection

Exploitation of a vulnerability in a database application that does not properly validate or encode user input, allowing the manipulation, exfiltration or deletion of data.


Solid State Drive


Secure Shell


Service Set Identifier


Secure Sockets Layer

Standard Operating Environment

A standardised build of an operating system and associated software that can be used for servers, workstations, laptops and mobile devices.

Standard Operating Procedure

Instructions for following a defined set of activities in a specific manner. For example, an approved data transfer process.

Standard user

A user who can, with their normal privileges, make only limited changes to a system and generally cannot bypass security measures.

State-sponsored actor

A non-state actor that conducts activity on behalf of a state, for example a contracted hacker or company.

Staying safe

Protecting yourself from any danger.

Step-by-Step Guide

Guides developed by the Australian Cyber Security Centre to help individuals stay secure online.


A depiction of an event through people, place, and plot and brings emotional context into the portrayal of what happened.

Strong passwords

Term used to describe a password that is an effective password that would be difficult to break.

Structured Query Language

A special-purpose programming language designed for managing data held in a relational database management system.


A sub-contractor is an individual or a business that signs a contract to perform part or all of the obligations of another's contract.

Subject Matter Expert

A Subject-matter Expert or domain expert is a person who is an authority in a particular area or topic.

Submarine cables

A submarine cable is a cable laid on the sea bed between land-based stations to carry telecommunication signals across stretches of ocean and sea.

Supervisory Control and Data Acquisition

Supervisory control and data acquisition is a control system architecture comprising computers, networked data communications and graphical user interfaces for high level process supervisory management, whiles also comprising other peripheral devices like programmable logic controllers and discrete proportional-integral-derivative controllers to interface with process plant or machinery.

Supply chain

Supply chain is a system of organisations, people, activities, information, and resources involved in supplying a product or service to a consumer.


Describes the act of browsing the internet by going from one web page to another web page using hyperlinks in an internet browser.


An online survey is a questionnaire that the target audience can complete over the internet. Online surveys are usually created as web forms with a database to store the answers and statistical software to provide analytics.

Suspicious email

An email that is potentially malicious.

Suspicious message

A message that is potentially malicious.

Suspicious video

A video that is potentially malicious.


A leading software company in internet security technology.


A related set of hardware and software used for the processing, storage or communication of information and the governance framework in which it operates.

System administration

System administration refers to the management of one or more hardware and software systems.

System classification

The classification of a system is the highest classification of information which the system is authorised to store, process or communicate.

System of National Significance

Critical infrastructure / Essential Service

System owner

The executive responsible for a system.

System security plan

A document that describes a system and its associated security controls.