Internet predators who create fake online identities to lure people into emotional or romantic relationships for personal or financial gain.
A marking that indicates that the data has special requirements in addition to those indicated by its classification. This term covers codewords, source codewords, releasability indicators and special-handling caveats.
Content delivery network
Certificates (digital certificates) are electronic documents used in public key cryptography to establish the validity of a public key and establish trust in its owner. Certificates may be self-signed, however, this offers limited trust and should not be used for public services. Trusted Certificate Authorities (CAs) should issue and digitally sign certificates. Protocols use and verify these certificates to secure communications including web browsing, e-commerce, government services, secure messaging and email.
An artefact of Common Criteria evaluations that outlines the outcomes of a product’s evaluation.
The highest-ranking executive in a company, whose primary responsibilities include making major corporate decisions, managing the overall operations and resources of a company, acting as the main point of communication between the board of directors and corporate operations, and being the public face of the company.
A senior executive who is responsible for coordinating communication between security and business functions as well as overseeing the application of controls and associated security risk management processes.
Cyber Hygiene Improvement Program
The categorisation of systems, applications and data according to the expected impact if it was to be compromised.
Data that would cause limited through to exceptionally grave damage to Australia’s national interests, the Australian Government generally or to an individual Commonwealth entity if compromised (i.e. data assessed as OFFICIAL: Sensitive, PROTECTED, SECRET or TOP SECRET).
Groups of low-paid workers whose job is to click on links, browse targeted websites and perhaps sign up for newsletters in order to exaggerate the popularity of a website. It is very hard for an automated filter to analyse this simulated traffic and detect that it is invalid, as it has exactly the same profile as a legitimate visitor.
Using a compromised computer to click ads on a website without the user’s awareness, with the intention of generating revenue for the website or draining resources from the advertiser.
A form of false advertisement which uses links that are designed to attract attention and entice users to follow that link and read, view or listen to the linked content, with a defining characteristic of being deceptive, typically sensationalised or misleading.
A network of remote servers hosted on the internet and used to store, manage, and process data in place of local servers or personal computers.
A service model that enables network access to a shared pool of computing resources such as data storage, servers, software applications and services.
A company that offers some component of cloud computing to other businesses or individuals, typically infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) or software-as-a-service (SaaS).
Content Management System
Commercial National Security Algorithm
Program instructions
Making an unsolicited visit or phone call to someone, often in an attempt to sell goods or services.
A set of organisational and technical attributes and processes that employs human, physical and information resources to solve problems and accomplish missions.
A subset of IT equipment which contains cryptographic components.
An international standard for product evaluations.
An international agreement which facilitates the mutual recognition of Common Criteria evaluations by certificate-producing schemes.
The transfer of data and information from one location to another.
The controls applied to protect telecommunications from unauthorised interception and exploitation, as well as ensure the authenticity of such telecommunications.
The disclosure of information to unauthorised persons, or a violation of the security policy of a system in which unauthorised intentional or unintentional disclosure, modification, destruction or loss of an object may have occurred.
A programmable electronic device designed to accept data, perform prescribed mathematical and logical operations at high speed, and display the results of these operations.
Two or more interconnected devices that can exchange data.
A tube, duct or pipe used to protect cables.
The assurance that data is disclosed only to authorised entities.
The use of network address translation to allow a port on a node inside a network to be accessed from outside the network. Alternatively, using a Secure Shell server to forward a Transmission Control Protocol connection to an arbitrary port on the local host.
Specific configuration and usage guidance for products evaluated through the ASD Cryptographic Evaluation Program or the High Assurance Evaluation Program.
A filter that examines content to assess conformance against a security policy.
A computer security standard introduced to prevent cross-site scripting, clickjacking and other code injection attacks resulting from the execution of malicious content in a trusted web page.
A document that describes the plan for the continuous monitoring and assurance in the effectiveness of controls for a system.
The administrative interface that allows for the management and orchestration of a system’s infrastructure and applications.
A small text file that is transmitted by a website and stored in a user's web browser that is then used to identify the user and prepare customised web pages. A cookie can also be used to track a user’s activity while browsing the internet.
The improper or unlawful theft of trade secrets or other knowledge proprietary to a competitor for the purpose of achieving a competitive advantage in the marketplace.
A type of cybercrime that involves stealing a victim's proof of identity. Once credential theft has been successful, the attacker will have the same account privileges as the victim. Stealing credentials is the first stage in a credential-based attack.
Physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact the social or economic wellbeing of the nation, or affect a nation’s ability to conduct national defence and ensure national security.
A server that provides critical network or security services. For example, a Microsoft Active Directory Domain Services domain controller or an authentication server.
A system comprising security-enforcing functions tailored to mitigate the specific security risks of accessing or transferring information between security domains.
A type of digital currency which uses encryption techniques to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. The cryptography is designed for security and anti-counterfeiting measures.
An algorithm used to perform cryptographic functions such as encryption, integrity, authentication, digital signatures or key establishment.
A generic term for Commercial Grade Cryptographic Equipment and High Assurance Cryptographic Equipment.
An algorithm (the hash function) which takes as input a string of any length (the message) and generates a fixed length string (the message digest or fingerprint) as output. The algorithm is designed to make it computationally infeasible to find any input which maps to a given digest, or to find two different messages that map to the same digest.
The set of hardware, software and firmware that implements approved cryptographic functions (including key generation) that are contained within the cryptographic boundary of the module.
An agreed standard for secure communication between two or more entities to provide confidentiality, integrity, authentication and non-repudiation of data.
Software designed to perform cryptographic functions.
A related set of hardware, software and supporting infrastructure used for cryptographic communication, processing or storage and the administrative framework in which it operates.
The practice and study of techniques for securing communications in which plaintext data is converted through a cipher into ciphertext, from which the original data cannot be recovered without the cryptographic key.
A process in which transactions for various forms of cryptocurrency are verified and added to the blockchain digital ledger.
A person that an organisation has dealings with, typically via the consumption of goods or services. A customer does not necessarily need to purchase goods or services from the organisation.
A deliberate act through cyberspace to manipulate, disrupt, deny, degrade or destroy computers or networks, or the information resident on them, with the effect of seriously compromising national security, stability or economic prosperity.
Note: there are multiple global definitions of what constitutes a cyber attack.
A form of bullying or harassment using electronic means. It is when someone bullies or harasses others on the internet and in other digital spaces, particularly on social media sites.
Defensive activity designed to protect information and systems against offensive cyber operations.
Malicious activity designed to covertly collect information from a target's computer systems for intelligence purposes without causing damage to those systems. It can be conducted by state or non-state entities, and can also include theft for commercial advantage.
The CIMA provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national cyber incidents.
Offensive and defensive activities designed to achieve effects in or through cyberspace.
The ability to adapt to disruptions caused by cyber security incidents while maintaining continuous business operations. This includes the ability to detect, manage and recover from cyber security incidents.
The safe and responsible use of information and communication technologies.
Measures used to protect the confidentiality, integrity and availability of information technology (IT) and operational technology (OT) systems, applications and data.
An occurrence of a system, service or network state indicating a possible breach of security policy, failure of safeguards or a previously unknown situation that may be relevant to security.
An unwanted or unexpected cyber security event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.
A cyber security expert with the skills to rapidly address cyber security incidents within an organisation. In the role of a first responder, they use a host of tools to find the root cause of a cyber security incident, limit the damage and significantly reduce the likelihood of it occurring again.
A document that describes the plan for responding to cyber security incidents.
The use of the internet or other electronic means to stalk or harass an individual, group or organisation.
The design, manufacture, delivery, deployment, support and decommissioning of applications, equipment and services that are utilised within an organisation's ICT environment.
Any circumstance or event with the potential to harm systems, applications or data.
The use of computer technology to disrupt the activities of a state or organisation, especially the deliberate disruption, manipulation or destruction of information systems for strategic, political or military purposes.
Computer code that is used, or designed to be used, with the aim of causing physical, functional or mental harm to structures, systems or people.
Cyber weapon is a contentious term among the international policy and legal communities, and there is an absence of agreement surrounding its connotations and implications. Avoid using ‘cyber weapon’ and use more generic terms such as ‘destructive tools’ or ‘exploits’ when describing the capabilities used by cyber actors.
Crimes directed at computers, such as illegally modifying electronic data or seeking a ransom to unlock a computer affected by malicious software. It also includes crimes where computers facilitate an existing offence, such as online fraud or online child sex offences.
The environment formed by physical and non-physical components to store, modify, and exchange data using computer networks.