Skip to content
SynAc
Browse

Terms

Alphabetical index of published term entries. Use the letter rail to jump.

  1. tabletop exerciseUpdated Jan 06, 2026

    A discussion based exercise where personnel meet in a classroom setting or breakout groups and are presented with a scenario to validate the content of plans, procedures, policies, cooperative agreements or other information for managing an incident.

  2. tailored trustworthy spaceUpdated Jan 06, 2026

    A cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security based on the user's context and in the face of an evolving range of threats.

  3. targetsUpdated Jan 06, 2026

    In the NICE Framework, cybersecurity work where a person: Applies current knowledge of one or more regions, countries, non state entities, and/or technologies.

  4. technology research and developmentUpdated Jan 06, 2026

    In the NICE Framework, cybersecurity work where a person: Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility.

  5. test and evaluationUpdated Jan 06, 2026

    In the NICE Framework, cybersecurity work where a person: Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating information technology.

  6. Theft of Operational InformationUpdated Jan 06, 2026

    Adversaries may steal operational information on a production environment as a direct mission outcome for personal gain or to inform future operations. This information may include design documents, schedules, rotational data, or similar artifacts that provide insight on operations. In the Bowman Dam incident, adversaries probed systems for operational data. (Citation: Mark Thompson March 2016) (Citation: Danny Yadron December 2015)

  7. threatUpdated Jan 06, 2026

    A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society.

  8. threat agentUpdated Jan 06, 2026

    An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.

  9. threat analysisUpdated Jan 06, 2026

    The detailed evaluation of the characteristics of individual threats.

  10. threat assessmentUpdated Jan 06, 2026

    The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man made, that have or indicate the potential to harm life, information, operations, and/or property.

  11. threatscapeUpdated Jan 06, 2026

    the spectrum of possible cybersecurity threats

  12. ThreatwareUpdated Jan 06, 2026

    a general term encompassing all types of malicious software on computers and electronic devices

  13. ticketUpdated Jan 06, 2026

    In access control, data that authenticates the identity of a client or a service and, together with a temporary encryption key (a session key), forms a credential.

  14. TimestompingUpdated Jan 06, 2026

    a technique used in cybersecurity and digital forensics, where attackers modify the timestamps of files and directories on a computer system to hide their actions or impede investigations

  15. traffic light protocolUpdated Jan 06, 2026

    A set of designations employing four colors (RED, AMBER, GREEN, and WHITE) used to ensure that sensitive information is shared with the correct audience.

  16. Transient Cyber AssetUpdated Jan 06, 2026

    Adversaries may target devices that are transient across ICS networks and external networks. Normally, transient assets are brought into an environment by authorized personnel and do not remain in that environment on a permanent basis. (Citation: North American Electric Reliability Corporation June 2021) Transient assets are commonly needed to support management functions and may be more common in systems where a remotely managed asset is not feasible, external connections for remote access do not exist, or 3rd party contractor/vendor access is required.

  17. Transmitted Data ManipulationUpdated Jan 06, 2026

    Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity. By manipulating transmitted data, adversaries may attempt to affect a business process, organizational understanding, or decision making.

  18. TrojanUpdated Jan 06, 2026

    a type of malware that conceals its true content to fool a user into thinking it's a harmless file

  19. trojan horseUpdated Jan 06, 2026

    A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

  20. TrojanizeUpdated Jan 06, 2026

    To convert into a Trojan

  21. TyposquattingUpdated Jan 06, 2026

    a form of cybersquatting (sitting on sites under someone else's brand or copyright) that targets Internet users who incorrectly type a website address into their web browser