ACRONYM

IoAs

refers to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack.

Updated

Jan 06, 2026

Stands for

Indicators of attack

Senses

Sense 1Indicators of attack

refers to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack. Indicators of attack are not so much a static description of the attacker, but a dynamic profile of how an attacker interacts with your technologies and users.

refers to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack.

Indicators of attack are not so much a static description of the attacker, but a dynamic profile of how an attacker interacts with your technologies and users.

NICCS (CISA) Cybersecurity Vocabulary

Bibliography

NICCS (CISA) Cybersecurity Vocabulary
Accessed Jan 06, 2026Quoted
NICCS glossary export (CSV)
https://niccs.cisa.gov/rest/vocab/export-csv
NICCS is a CISA (DHS) program. Individual glossary entries include a "From" attribution (e.g., CNSSI 4009, NIST SPs, NICE Framework). Treat "From" values as upstream provenance and verify before quoting large portions of text.
Source: NICCS (CISA) Cybersecurity Vocabulary (niccs.cisa.gov).