
A


Absolute Advantage - The ability of a country, individual, company or region to produce a good or service at a lower cost per unit than the cost at which any other entity produces that good or service.

Access Control – The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).

Access Control Mechanism – Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized access and permit authorized access to an information system.

Accountability – The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.

Active Security Testing – Security testing that involves direct interaction with a target, such as sending packets to a target.

Advanced Persistent Threats (APT) – An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.

Adversary – Individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.

Adverse Selection - The tendency of those in dangerous jobs or high risk lifestyles to get life insurance.

Allocation efficiency – This occurs when there is an optimal distribution of goods and services, taking into account consumers' preferences, i.e., at an output level where the price equals the Marginal Cost (MC) of production. This is because the price that consumers are willing to pay is equivalent to the marginal utility that they get. Therefore the optimal distribution is achieved when the marginal utility of the good equals the marginal cost.

Anomaly-Based Detection – The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations.

Anti-spoof – Countermeasures taken to prevent the unauthorized use of legitimate Identification & Authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker.

Asset – A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems.

Asymmetric information – If a buyer and seller enter into a transaction with different information about the value of that which is being exchanged, then an information asymmetry exists. Classic examples of asymmetric information situations include the owner of car knowing more about the true value of the car than a buyer, the seller of a life insurance contract knowing less than the buyer about the true likelihood of a claim, or a stock market dealer knowing less than a firm's management about the value of the firm's stock. The asymmetry simply refers to the information on the two sides of the deal not being symmetric.

Attack – Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Audit – Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

Authentication – Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.

Autonomous System (AS) – One or more routers under a single administration operating the same routing policy.

Availability – Ensuring timely and reliable access to and use of information.

Awareness – Activities which seek to focus an individual’s attention on an (information security) issue or set of issues.

B


Barriers to entry - The existence of high start-up costs or other obstacles that prevent new competitors from easily entering an industry or area of business.

Behavioural economics - A branch of economics that concentrates on explaining the economic decisions people make in practice, especially when these conflict with what conventional economic theory predicts they will do. 

Bertrand competition – A simple strategic situation where each of the firms in an industry makes its decision about price and output assuming that the other firms do not change their prices from their current level. In contrast, Cournot competition arises where the firm decides price and output assuming the other firms' output levels are fixed.

Blacklist – A list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity.

Blacklisting – The process of the system invalidating a user ID based on the user’s inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator. Blacklisting and lifting of a blacklisting are both security-relevant events. Blacklisting also applies to blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.

Bounded rationality – This is the theory that there is only so much information that humans can be aware of. Therefore, when making decisions they base them on a limited choice. They are rational given limited choice and awareness of alternatives, but they rarely maximize total utility because people don’t want to take the time to fully consider all options. Bounded rationality leads to the use of 'rules of thumb' that reduce computation and information acquisition costs. It also leads to decision makers not making decisions continuously, but instead making new decisions only when existing decisions have become sufficiently sub-optimal.

C


Certification – Comprehensive evaluation of the technical and nontechnical security safeguards of an information system to support the accreditation process that establishes the extent to which a particular design and implementation meets a set of specified security requirements.

Cipher – Any cryptographic system in which arbitrary symbols or groups of symbols, represent units of plain text, or in which units of plain text are rearranged, or both.

Closed Economy - An economy in which no activity is conducted with outside economies. A closed economy is self-sufficient, meaning that no imports are brought in and no exports are sent out.

Common Vulnerabilities and Exposures (CVE) – A dictionary of common names for publicly known information system vulnerabilities.

Common Vulnerability Scoring System (CVSS) – An SCAP specification for communicating the characteristics of vulnerabilities and measuring their relative severity.

Comparative Advantage - The ability of a firm or individual to produce goods and/or services at a lower opportunity cost than other firms or individuals.

Competitive markets – Markets in which a large number of producers compete with each other to satisfy the wants and needs of a large number of consumers. In a competitive market no single producer, or group of producers, and no single consumer, or group of consumers, can dictate how the market operates. Nor can they individually determine the price of goods and services, or how much will be exchanged.

Compromise – Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred.

Computer Abuse – Intentional or reckless misuse, alteration, disruption, or destruction of information processing resources.

Computer Security Incident Response Team (CSIRT) – A capability set up for the purpose of assisting in responding to computer security-related incidents.

Concentration - The tendency of a market to be dominated by a few big firms.

Confidentiality – Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

Consumer surplus – An economic measure of consumer satisfaction, which is calculated by analyzing the difference between what consumers are willing to pay for a good or service relative to its market price. A consumer surplus occurs when the consumer is willing to pay more for a given product than the current market price.

Contracting costs – The costs of writing and maintaining a contract between parties. They include the costs of each party verifying that the other is meeting the terms of the contract and the cost of arbitration and enforcement if there is a dispute over whether terms are being met.

Cookie – A piece of state information supplied by a Web server to a browser, in a response for a requested resource, for the browser to store temporarily and return to the server on any subsequent visits or requests.

Countermeasures – Actions, devices, procedures, techniques, or other measures that reduce the vulnerability of an information system. Synonymous with security controls and safeguards.

Critical Infrastructure – Systems and assets, whether physical or virtual, so vital to a country that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Cyber Attack – An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.

Cybersecurity – The ability to protect or defend the use of cyberspace from cyber attacks.

D


Data – A subset of information in an electronic format that allows it to be retrieved or transmitted.

Data Integrity – The property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing, and while in transit.

Data Loss – The exposure of proprietary, sensitive, or classified information through either data theft or data leakage.

Deadweight loss – The costs to society created by market inefficiency.

Demand curve – The amount demanded at each price. It slopes downward when price is drawn on the y axis and quantity demanded is on the x axis.

Demilitarized Zone (DMZ) – An interface on a routing firewall that is similar to the interfaces found on the firewall’s protected side. Traffic moving between the DMZ and other interfaces on the protected side of the firewall still goes through the firewall and can have firewall protection policies applied.

Denial of Service (DoS) – The prevention of authorized access to resources or the delaying of time-critical operations.

Distributed Denial of Service (DDoS) - A Denial of Service technique that uses numerous hosts to perform the attack.

Dominant firm - A firm with the ability to set prices in its market.

E


Economic efficiency – An economic state in which every resource is optimally allocated to serve each person in the best way while minimizing waste and inefficiency. When an economy is economically efficient, any change made to assist one person would harm another. In terms of production, goods are produced at their lowest possible cost, as are the variable inputs of production.

Economic profit – The difference between the revenue received from the sale of an output and the opportunity cost of the inputs used.

Economies Of Scale - The cost advantage that arises with increased output of a product. Economies of scale arise because of the inverse relationship between the quantity produced and per-unit fixed costs; i.e. the greater the quantity of a good produced, the lower the per-unit fixed cost because these costs are shared over a larger number of goods.

Egress Filtering – Filtering of outgoing network traffic.

Elasticity - A measure of the responsiveness of one variable to changes in another.

Equilibrium - When supply and demand are in balance. At the equilibrium price, the quantity that buyers are willing to buy exactly matches the quantity that sellers are willing to sell.

Exploit Code – A program that allows attackers to automatically break into a system.

Externalities – A consequence of an economic activity that is experienced by unrelated third parties. An externality can be either positive or negative.

F


False Positive – An alert that incorrectly indicates that malicious activity is occurring.

Firewall – A hardware/software capability that limits access between networks and/or systems in accordance with a specific security policy.

Fixed cost – A cost that does not change with an increase or decrease in the amount of goods or services produced.

Free riding - Getting the benefit of a good or service without paying for it, not necessarily illegally. This may be possible because certain types of goods and services are actually hard to charge for, a firework display for instance. Another way to look at this is that the good or service has a positive externality. However, there can sometimes be a free-rider problem, if the number of people willing to pay for the good or service is not enough to cover the cost of providing it.

G


Game theory - A technique for analysing how people, firms and governments should behave in strategic situations (in which they must interact with each other), where in deciding what to do they must take into account what others are likely to do and how others might respond to what they do.

Gross domestic product (GDP) - A measure of economic activity in a country. It is calculated by adding the total value of a country's annual output of goods and services. GDP = private consumption + investment + public spending + the change in inventories + (exports - imports).

Government failure - When a government fails to intervene in a market economy to correct inefficient allocation of resources.

H


Hacker – Unauthorized user who attempts to or gains access to an information system.

Honeypot – A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other than its administrators.

Hyperbolic Discounting - A way of accounting in a model for the difference in the preferences an agent has over consumption now versus consumption in the future.

I


Identity – A set of attributes that uniquely describe a person within a given context.

Indicators - Variables which reflect the performance of an economy.

Incident – A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

Indifference curve - A curve which shows all the different combinations of two goods between which a consumer is indifferent. In other words, the combinations of two goods that give the same level of utility.

Inelastic – A situation in which the supply and demand for a good or service are unaffected when the price of that good or service changes. Elasticity and inelasticity of demand refer to how much demand stretches when something else changes.

Inside Threat – An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.

Intellectual Property – Useful artistic, technical, and/or industrial information, knowledge or ideas that convey ownership and control of tangible or virtual usage and/or representation.

Integrity – Guarding against improper information modification or destruction, which includes ensuring information non-repudiation and authenticity.

Intervention - Any form of government interference with market mechanisms. Intervention is the act of intervening in a market to try to influence the market outcome.

Intrusion – Unauthorized act of bypassing the security mechanisms of a system.

Intrusion Detection Systems (IDS) – Hardware or software product that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).

J


Jamming – An attack in which a device is used to emit electromagnetic energy on a wireless network’s frequency to make it unusable.

Joint demand - Goods which are used together, i.e. complements, are in joint demand.

L


Level of Protection – Extent to which protective measures, techniques, and procedures must be applied to information systems and networks based on risk, threat, vulnerability, system interconnectivity considerations, and information assurance needs.

Limit pricing - When a firm sets price just low enough to discourage possible new entrants.

Lobbying - When organisations try to persuade decision makers, usually politicians, that their product or organisation should be supported.

Lock-in – An economic phenomenon that results when consumers or commercial users of a product or service are faced with high costs of switching (“switching costs”) to an alternative technology.

Long run - Period of time when all factor inputs, including capital, can be changed.

M


Macroeconomics - The study of the whole economy.

Macroeconomic policies - Policies designed to influence the level of employment, the price level, economic growth and the balance of payments.

Malicious Code – Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system.

Malware – A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or of otherwise annoying or disrupting the victim.

Mandatory Modification – Change to a computer security end-item that is required to be completed and reported by a specified date.

Marginal utility - The satisfaction gained from the consumption of one extra unit of a good.

Marginal value – The value to a consumer of the last unit of consumption. In an industry demand curve it is the value of the good to the consumer who bought the good but receives the lowest value from consumption. That is, the value to the consumer of the first unit that would no longer be purchased if the price rose.

Market equilibrium – The state in which market supply and demand balance each other and, as a result, prices become stable. 

Market failure - Occurs when a market left to itself does not allocate resources efficiently.

Market concentration - The extent to which the sale of a product is dominated by the largest firms in the industry.

Market power – A company's ability to manipulate price by influencing an item's supply, demand or both. A company with market power would be able to affect price to its benefit.

Metrics – Tools designed to facilitate decision-making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data.

Monopoly – A situation in which a single company or group owns all or nearly all of the market for a given type of product or service. By definition, monopoly is characterized by an absence of competition, which often results in high prices and inferior products.

Moral hazard – Behaviour that arises when agents do not bear the full cost of their actions and are thus more likely to take such actions.

N


Negative externalities - Impacts on 'outsiders' that are disadvantageous to them and for which they receive no compensation. Such externalities occur where the actions of firms and individuals have an effect on people other than themselves.

Net present value (NPV) – The difference between the present value of cash inflows and the present value of cash outflows.

O


Oligopolies - Markets dominated by a few sellers who account for a large proportion of output.

Open economy - An economy which engages in international trade.

Opportunity cost - The decision to produce or consume a product involves giving up another product. The real cost of an action is the next best alternative forgone.

Optimum allocation - Occurs when it is not possible to redistribute goods to increase the welfare of any one consumer without reducing the welfare of some other consumer.

Outliers - In a set of data, a value so far removed from other values in the distribution that its presence cannot be attributed to the random combination of chance causes.

P


Pareto optimal - A situation in which economic welfare is maximised. In other words when no one can be made better off without someone else being made worse off, following a reorganisation of production or distribution.

Patch – An update to an operating system, application, or other software issued specifically to correct particular problems with the software.

Penetration Testing – A test methodology in which assessors, using all available documentation (e.g., system design, source code, manuals) and working under specific constraints, attempt to circumvent the security features of an information system.

Perfect competition - An industry made up of a large number of small firms, each selling homogeneous (identical) products to a large number of buyers.

Phishing – Tricking individuals into disclosing sensitive personal information through deceptive computer-based means.

Point of Sale (POS) terminal - An in-store computer terminal that transfers information between participating banks and retail stores.

Port Scanning – Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).

Positive externalities - Impacts on 'outsiders' that are advantageous to them and for which they do not have to pay.

Price discrimination – Occurs when a company charges different customers different prices for the same goods or services.

Price elasticity - A measure of the responsiveness of demand to a change in price.

Private good - A private good is one which is both rival and excludable. One person's consumption will mean that the good is not available for another person to consume it.

Producer surplus – Total revenue less the total variable costs. The sum of the surplus of each producer is the market producer surplus.

Profiling – Measuring the characteristics of expected activity or entity so that it can be identified.

Prospect theory - A theory of 'irrational' economic behaviour.

Proxy – A proxy is an application that “breaks” the connection between client and server.

Public goods - Things that can be consumed by everybody in a society, or nobody at all.

R


Remediation – The act of correcting a vulnerability or eliminating a threat. Three possible types of remediation are installing a patch, adjusting configuration settings, or uninstalling a software application.

Reservation price - The minimum price at which an individual is willing to offer a good or service.

Returns to scale - The relationship between changes in the quantity of factors of production and the resulting change in output.

Revenue - The money received from the sale of output.

Rootkit – A set of tools used by an attacker after gaining root-level access to a host to conceal the attacker’s activities on the host and permit the attacker to maintain root-level access to the host through covert means.

S


Sandboxing – A method of isolating application modules into distinct fault domains enforced by software. The technique allows untrusted programs written in an unsafe language, such as C, to be executed safely within the single virtual address space of an application.

Sensitivity – A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.

Skimming – The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag.

Signals - Any sign or indication of something. Key economic indicators act as pointers to where an economy is heading.

Social costs - The total costs of an economic activity, including both the costs to the individual and the spillover effects on third parties.

Social Engineering – A general term for attackers trying to trick people into revealing sensitive information or performing certain actions that appear to be benign but are actually malicious.

Spam – The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.

Spoofing – “IP spoofing” refers to sending a network packet that appears to come from a source other than its actual source.

Supply Chain – A system of organizations, people, activities, information, and resources, possibly international in scope, that provides products or services to consumers.

Supply curve – The amount supplied at each price. It slopes upward when price is drawn on the y axis and quantity supplied is on the x axis.

Substitute – A product or service that satisfies the need of a consumer that another product or service fulfills.

T


Tampering – An intentional event resulting in modification of a system, its intended behavior, or data.

Technical efficiency - When a firm produces a given quantity of output with the minimum number of inputs.

Threat – Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

Threat Assessment – Process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.

Total utility - The amount of satisfaction obtained by consuming units of a good.

Total costs - The amount spent on producing a given level of output. The total costs are calculated by total fixed costs plus total variable costs.

Traffic Analysis – A form of passive attack in which an intruder observes information about calls (although not necessarily the contents of the messages) and makes inferences, e.g., from the source and destination numbers, or frequency and length of the messages.

Transaction costs – The cost of exchanging the ownership of a consumer good, capital good, financial claim etc. 

U


Underproduction - When production is below the socially optimum level.

Unit cost - Average cost i.e. total cost divided by output.

Utility - Way of measuring pleasure or happiness and how it relates to the decisions that people make. Utility measures the benefits (or drawbacks) from consuming a good or service or from working. 

V


Variable cost – Costs that are a function of the level of production, for instance labor, parts, electricity, bank loans etc.

Vulnerability – Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.

Z


Zero sum game - A zero sum game occurs when any gain made by one player is exactly balanced by losses to other players.

Zombie – A program that is installed on a system to cause it to attack other systems.