ASD-Approved Cryptographic Algorithm


ASD-Approved Cryptographic Protocol


Australian Bureau of Statistics


Australasian Certification Authority

Academic Centres of Cyber Security Excellence (ACCSE)

The ACCSE program is part of Australia's $230 million Cyber Security Strategy launched by the Prime Minister on 21 April 2016.


Australian Competition and Consumer Commission

Access control

The process of granting or denying requests for access to systems, applications and information. It can also refer to the process of granting or denying requests for access to facilities.

Access Cross Domain Solution

A system permitting access to multiple security domains from a single client device.

Account harvesting

The illegal practice of collecting email accounts from information in the public domain or by using software to search for email addresses stored locally on a computer. Account harvesting may be used for spamming.


Academic Centres of Cyber Security Excellence


ASD Cryptographic Evaluation


Australian Communication Exchange Limited


Australian Criminal Intelligence Commission


Australian Communications and Media Authority


Australian Cybercrime Online Reporting Network (replaced by ReportCyber)


Adobe Acrobat is software used to view, create, edit and manage PDF files


Australian Communications Security Instruction

Active defence

The principle of proactively implementing a spectrum of security measures to strengthen a network or system to make it more robust against attack. Active defence is separate from offensive cyber operations, as well as passive defence or network hardening.

Note that some references to active defence focus on the employment of limited offensive action and counterattacks – commonly referred to as ‘hacking back’. The term active defence is not synonymous with ‘hacking back’, so these terms should not be used interchangeably.

Ad blockers

Software that prevents advertisements from appearing with the content the user is intentionally viewing. People block ads for a variety of reasons. For example, many of them find marketing ads annoying and even stressful.


Australian Data and Digital Council


Adobe Inc, previously known as Adobe Systems Inc, is an American multinational computer software company headquartered in San José, California.

Adobe Flash Player

Computer software for using content created with Adobe Flash, including viewing multimedia content, executing rich internet applications, and streaming audio and video.

Adobe Reader

A free program created and distributed by Adobe Inc used to open PDF documents. PDFs can be a wide variety of files, such as images, text documents, forms, books, or any combination of these. They are cross-platform, meaning each PDF will look the same on a Windows computer as it will on a Mac.

Advanced persistent threat (APT)

A set of malicious cyber activity with common characteristics, often orchestrated by a person or group targeting specific entities over an extended period. An APT usually targets either private organisations, states or both for business or political motives.


An opinion recommending a course of action to be taken given the circumstances relating to a single moment or decision.


A type of ACSC publication that provides timely information and advice about current security issues, vulnerabilities, and exploits.


A program that displays advertisements that can be installed legitimately as a part of another application or service, or illegitimately without the consent of the system user.


Advanced Encryption Standard


Australian Federal Police

After market devices

A secondary market of an industry, concerned with the manufacturing, remanufacturing, distribution, retailing, and installation of all parts, equipment, and accessories, after the sale of the device by the original equipment manufacturer to the consumer.


Australian Government Access Only

Aggregation (of data)

Compilations of information that, once together, may require a higher level of protection than their separate component parts.


Authentication Header

Air gap

A network security measure employed on one or more computers to ensure that the network is physically isolated from any other network. This makes the isolated network secure, as it does not connect to unsecured networks such as the public internet or an unsecured local area network.


AirPort Express, AirPort Extreme (Wi-Fi) and AirPort Time Capsule (Wi-Fi HDD).


Australasian Information Security Evaluation Facility


Australasian Information Security Evaluation Program


An ACSC publication intended to provide timely notification concerning threats or activity with the potential to impact individuals, businesses, organisations, government, devices, peripherals, networks or infrastructure.


Amazon.com Inc is an American multinational technology company based in Seattle, focusing on e-commerce, cloud computing, digital streaming and artificial intelligence.

Amazon Web Services (AWS)

A comprehensive, evolving cloud computing platform provided by Amazon that includes a mixture of infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and packaged software-as-a-service (SaaS) offerings.


A mobile operating system developed by Google. It is used by several smartphones and tablets. The Android operating system is based on the Linux kernel.


American National Standards Institute


Software that is designed to detect, stop and remove viruses and other kinds of malicious software.


Access Point




Apple Inc. is an electronics and software company based in California, USA. Originally known as Apple Computer.

Apple ID

An authentication method used by Apple for iPhone, iPad, Mac and other Apple devices and services. Apple ID accounts contain user personal information and settings. When an Apple ID is used to log into an Apple device, the device will automatically use the settings associated with the Apple ID.

Apple Support

Help and support service provided by Apple.


A software program or group of software programs designed for end users. Examples of an application include a word processor, a spreadsheet, an accounting application, a web browser, an email client, a media player, a file viewer, an aeronautical flight simulator, a console game or a photo editor. The collective noun application software refers to all applications collectively. This contrasts with system software, which is mainly involved with running the computer.

Application control

An approach in which only an explicitly defined set of trusted applications are allowed to run on systems.


Australian Prudential Regulation Authority


Advanced Persistent Threat


A place where an accumulation of computer files is stored. It could be disk storage, a flash drive, a backup disk drive, an online backup service, an indexing internet page, etc.

Artificial intelligence (AI)

The simulation of intelligence processes by machines, especially computer systems. These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions), and self-correction. Particular applications of AI include threat identification, expert systems, speech recognition and machine vision.


Australian Signals Directorate

ASD Cryptographic Evaluation

An Australian Signals Directorate (ASD) program that analyses products to determine whether their security architecture and cryptographic algorithms have been implemented correctly and are strong enough for the product's intended use.


Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)


Australian Securities and Investments Commission


Australian Security Intelligence Organisation


Anything of value, such as ICT equipment, software or information.


Advanced Technology Attachment


Australian Taxation Office

Attack surface

The amount of ICT equipment and software used in a system. The greater the attack surface the greater the chances of a malicious actor finding an exploitable vulnerability.


The process of assessing the source, perpetrator or sponsor of malicious activity. Statements of attribution often use probabilistic language and indicate the level of confidence in the assessment.

Audit log

A chronological record of system activities including records of system access and operations performed.

Audit trail

A chronological record that reconstructs the sequence of activities surrounding, or leading to, a specific operation, procedure or event.


Australian Eyes Only

Australian Bureau of Statistics (ABS)

The independent Australian Government statistical agency that provides key statistics on a wide range of economic, population, environmental and social issues, to assist and encourage informed decision-making, research and discussion within governments and the community.

Australian Communication Exchange Limited (ACEL)

A charity whose purpose is to provide communication assistance for the deaf and hearing-impaired community.

Australian Communications and Media Authority (ACMA)

An Australian Government statutory authority within the federal Communications portfolio.

Australian Competition and Consumer Commission (ACCC)

An Australian Government statutory authority mandated to protect consumer rights, business rights and obligations, perform industry regulation and price monitoring and prevent illegal anti-competitive behaviour.

Australian Criminal Intelligence Commission (ACIC)

An Australian Government law enforcement agency that has specialist investigative capabilities and delivers and maintains national information-sharing systems.

Australian Cybercrime Online Reporting Network (ACORN)

Replaced by ReportCyber

Australian Eyes Only (AUSTEO) information

Information not to be passed to or accessed by foreign nationals.

Australian Federal Police (AFP)

The enforcer of Commonwealth criminal law, the AFP combats complex, transnational, serious and organised crime impacting Australia's national security and protects Commonwealth interests from criminal activity in Australia and overseas.

Australian Government Access Only (AGAO) information

Information not to be passed to or accessed by foreign nationals, with the exception of those foreign nationals seconded to Australian government agencies.

Australian Information Security Evaluation Facility (AISEF)

A program that evaluates products in order to protect systems and data against cyber threats. These evaluation activities are certified by the Australian Certification Authority.

Australian Information Security Evaluation Program (AISEP)

A program under which evaluations are performed by impartial bodies against the Common Criteria. The results of these evaluations are then certified by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), which is the Australian Certification Authority responsible for the overall operation of the program.

Australian Internet Security Initiative

A program run by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) that helps to reduce malicious software (malware) infections and service vulnerabilities occurring on Australian internet protocol address ranges. It operates as a public-private partnership where Australian internet providers voluntarily work with the ASD's ACSC to help protect their customers from cyber security threats.

Australian Prudential Regulation Authority (APRA)

An Australian Government statutory authority that is the prudential regulator of the Australian financial services industry.

Australian Security Intelligence Organisation (ASIO)

Australia's national security agency responsible for the protection of the country and its citizens from espionage, sabotage, acts of foreign interference, politically-motivated violence, attacks on the Australian defence system, and terrorism.

Australian Signals Directorate (ASD)

An Australian Government statutory agency responsible for foreign signals intelligence, cyber warfare and information security.

Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)

The Australian Government's lead for cyber security. The ASD's ACSC is part of the Australian Signals Directorate.

Australian Taxation Office (ATO)

The principal revenue collection agency of the Australian Government. Its role is to effectively manage and shape the tax and superannuation systems that support and fund services for Australians.


Verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system.

Authentication header

A protocol used in Internet Protocol Security (IPsec) that provides data integrity and data origin authenticity but not confidentiality.

Authorising officer

An executive with the authority to formally accept the security risks associated with the operation of a system and to authorise it to operate.


The assurance that systems and information are accessible and useable by authorised entities when required.


Amazon Web Services