ETSI: Difference between revisions

From Cyber Public
No edit summary
(Added Terms and Abbreviations)
Line 7: Line 7:
=== TC CYBER Roadmap ===
=== TC CYBER Roadmap ===
TC CYBER work is split across 9 key areas: understanding the cybersecurity ecosystem, IoT security and privacy, cybersecurity for critical national infrastructures, protection of personal data and communication, enterprise and individual cybersecurity, cybersecurity tools, support to EU legislation, forensics, and quantum-safe cryptography. You can find out more about each area on the [[Roadmap|Roadmap page]].
TC CYBER work is split across 9 key areas: understanding the cybersecurity ecosystem, IoT security and privacy, cybersecurity for critical national infrastructures, protection of personal data and communication, enterprise and individual cybersecurity, cybersecurity tools, support to EU legislation, forensics, and quantum-safe cryptography. You can find out more about each area on the [[Roadmap|Roadmap page]].
= 3. Definition of terms, symbols and abbreviations =
== 3.1       Terms ==
For the purposes of the present document, the following terms apply:
'''centre of excellence:''' educational or research & development organization recognized as a leader in accomplishing its cyber security mission
'''cyber environment:''' users, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks [i.1]
'''cyber security (or cybersecurity):''' collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets
NOTE:      Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. The general security objectives comprise the following:
§  Availability.
§  Integrity, which may include authenticity and non-repudiation.
§  Confidentiality [i.1].
'''cybersecurity:''' preservation of confidentiality, integrity and availability of information in the Cyberspace [i.2]
'''cyberspace:''' complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form [i.2]
'''heritage site:''' place (such as a building or complex) that is listed by a recognized accrediting body as a place where significant cyber security innovations occurred
'''historical collection:''' place, both real and virtual, dedicated to the structured gathering and availability of cyber security materials of historical significance; frequently denominated as a museum
'''information exchange mechanism:''' real or virtual activity established for providing continuing structured exchange of cyber security information content
'''reference library:''' collection of available published material useful for consultation for cyber security purposes
NOTE:      The present document also includes significant dedicated publications in this category.
'''techniques, technical standards and operational practices forum:''' any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security
== 3.3. Abbreviations ==
For the purposes of the present document, the following abbreviations apply:
NOTE:      Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations.
3GPP                    3<sup>rd</sup> Generation Partnership Project
A*STAR              Agency for Science, Technology and Research (Singapore)
ABW                    Agencja Bezpieczenstwa Wewnetrznego (Poland)
AC                        Authentication Code (TCG)
ACDC                  Advanced Cyber Defence Centre
ACE-CSR            Academic Centres of Excellence in Cyber Security Research (UK)
ACI                       Austrian Critical Infrastructure (Austria)
ACI                       Österreichische kritische Infrastruktur (Austria)
ACMA                 Australian Communications and Media Authority (Australia)
ACSS                   Austrian Cyber Security Strategy (Austria)
ADCC                  Algemene Directie Crisiscentrum (Belgium)
ADIV                   Algemene Dienst Inlichting en Veiligheid (Belgium)
AEPD                   Spanish Data Protection Agency (Spain)
AFNOR                Association Française de Normalisation (France)
AFP                      Australian Federal Police (Australia)
AGCOM              Autorità per le Garanzie nelle Comunicazioni (Italy)
AGIMO                Australian Government Information Management Office (Australia)
AIK                      Attestation Identity Key (TCG)
AIOTI                   Alliance of IoT Innovation
AISI                      Australian Internet Security Initiative (Australia)
AMSS                  Anti-Malware Support Services Working Group (IEEE)
ANS                     Autorité Nationale de Sécurité (Belgium)
ANSAC                ASEAN Network Security Action Council
ANSES                 Ambient Network Secure Eco System (Singapore)
ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (France)
ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (Luxembourg)
APCERT              Asia Pacific Computer Emergency Response Team (Japan)
APCIP                  Austrian Programme for Critical Infrastructure Protection (Austria)
APCIP                  Österreichisches Programm zum Schutz kritischer Infrastruktur (Austria)
APT                      Advanced Persistent Threat
ARCSI                  Association des Réservistes du Chiffre et de la Sécurité de l'Information (France)
ARF                      Assessment Results Format or Asset Reporting Format
ARIB                    Association of Radio Industries and Businesses (Japan)
ASD                     Australian Signals Directorate (Australia)
ASEAN CERT    Association of Southeast Asian Nations CERT
ASIO                    Australian Security Intelligence Organisation (Australia)
A-SIT                   Secure Information Technology Centre - Austria (Austria)
A-SIT                   Zentrum für sichere Informationstechnologie - Austria (Austria)
ASS                      Austrian Security Strategy (Austria)
ATIS                     Alliance for Telecommunications Industry Solutions
ATT&CK™        Adversarial Tactics Techniques and Common Knowledge (MITRE)
BBK                     Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (Germany)
BBK                     Biuro Badan Kryminalistycznych (Poland)
BCM                    Business Continuity Management (Germany)
BCSS                    Banque Carrefour de la Sécurité Sociale (Belgium)
Belac                    Organisme belge d'accréditation (Belgium)
Belac                    Belgische accredidatie-instelling (Belgium)
Belnet                  Belgian national research network (Belgium)
BelNIS                 Belgian Network Information Security (Belgium)
BEREC                Euroopan sähköisen viestinnän sääntelyviranomaisten yhteistyöelin (Finland)
BEREC                Body of European Regulators for Electronic Communications (Norway)
BfV                      Bundesamt für Verfassungsschutz (Germany)
BLOB                   Binary Large OBject (TCG)
BIPT                     Belgisch Instituut voor Postdiensten en Telecommunicatie (Belgium)
BIS                       Department for Business, Innovation and Skills (UK)
BMI                      Bundesministerium des Innern (Germany)
BORE                   Break Once Run Everywhere (TCG)
BSI                       Bundesamt für Sicherheit in der Informationstechnik (Germany)
BSI                       British Standards Institute (UK)
BYOD                  Bring Your Own Device
C3                         Computer Competence Certificate (Egypt)
C3                         Cybersecurity Competence Center (Luxembourg)
CA                        Certification Authority
CA/B                    Certificate of Authority/Browser Forum
CACAO               Collaborative Automated Course of Action Operations (OASIS)
CAE                     Centers of Academic Excellence (UK)
CAK                     Communications Authority of Kenya (Kenya)
CAN                     Computer Network Attack (Italy)
CAPEC                Common Attack Pattern Enumeration and Classification
CASES                 Cyberworld Awareness and Security Enhancement Services (Luxembourg)
CBM                    Confidence Building Measures
CBPL                   Commissie voor de Bescherming van de Persoonlijke Leverssfeer (Belgium)
CCC                     Chaos Computer Club
CCDB                  Common Criteria Development Board
CCDCOE             NATO Cooperation Cyber Defence Center of Excellence
CCE                      Common Configuration Enumeration
CCIP                     Centre for Critical for Infrastructure Protection (New Zealand)
CCIRC                 Canadian Cyber Incident Response Centre (Canada)
CCN                     National Cryptologic Centre (Spain)
CCN-CERT         Spanish Government National Cryptologic Center - CSIRT (Spain)
CCRA                  Common Criteria Recognition Agreement
CCSA                   China Communications Standards Association
CCSB                   Centre pour Cyber Securité Belgique (Belgium)
CCSB                   Centrum voor Cyber Security Belgie (Belgium)
CD                        Cyber Defense
CDT                     Centres for Doctoral Training (UK)
CDU                     Cyber Defence Unit of the National Armed Forces (Latvia)
CEEE                   Common Event Expression Exchange
CEN                     Comité Européen de Normalisation
CENELEC           European Committee for Electrotechnical Standardization
CEPOL                 European police college
CERT                   Computer Emergency Response Team (Belgium)
CERT Poland      (Poland)
CERT.at               Computer Emergency Response Team - Austria (Austria)
CERT.GOV.PL   Governmental Computer Security Incident Response Team (Poland)
CERT.GOV.PL   Rzadowego Zespolu Reagowania na Incydenty Komputerowe (Poland)
CERT.LU             Grouping of all Luxembourg CERTs
CERT.LY             Information Technology Security Incident Response Institution (Latvia)
CERT-AU            CERT Australia (Australia)
CERT-EU            CERT Europe
CERT-FR             CERT France
CERT-in              National Level Computer Emergency Response Team (India)
CERT-LT             National Electronic Communications Network and Information Security Incidents Investigation Service (Lithuania)
CERT-PA            Computer Emergency Response Team of the Public Administration (Italy)
CERT-PA            CERT - Pubblica Amministrazione (Italy)
CERT-SA            CERT Saudi Arabia (Saudi Arabia)
CERT-SI              Computer Emergency Response Team for Security and Industry (Spain)
CERT-SPC          CERT Sistema Pubblico de Connettività (Italy)
CERT-UK            CERT United Kingdom
CERT-US            CERT United States
CESG                   Communications-Electronics Security Group (UK) (now NCSC)
CFRG                   Crypto Forum Research Group
CHOD                  Chief of Defence (Netherlands)
CI                          Critical Infrastructure
CIC                       Critical Infrastructure Council (Saudi Arabia)
CII                        Critical Information Infrastructures (Austria)
CII                        Kritische Informationsinfrastrukturen (Austria)
CIIP                      Critical Information Infrastructure Protection
CII-SA                  Critical Infocomm Infrastructure Security Assessment (Singapore)
CIO                       Chief Information Officer
CIP                       Critical Infrastructure Protection
CIPMA                 Critical Infrastructure Protection Modelling and Analysis (Australia)
CIRCL                  The Computer Incident Response Center Luxembourg
CIRT                    Computer Incident Response Team
CIS                       Center for Internet Security
CISA                    Civilian Intelligence Service (Switzerland)
CISA                    Cybersecurity and Infrastructure Security Agency (US)
CiSP                     Cyber-security Information Sharing Partnership (UK)
CISR                     Comitato interministeriale per la sicurezza della Repubblica (Italy)
CloudAuthZ        Cloud Authorization (OASIS)
CMK                    Certified Migration Key (TCG)
CMRS                  Comité Ministériel du Renseignement et de la Sécurité (Belgium)
CN                        subcommittee on Core Network (3GPP)
CNAIPIC             Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastructure Critiche (Italy)
CNC                     National Cyber Security Council (Spain)
CNCERT/CC       National Computer Network Emergency Response Technical Team/Coordination Center (China)
CND                     Computer Network Defence (Italy)
CNDP                   National Commission for Data Protection (Morocco)
CNE                     Computer Network Exploitation (Italy)
CNI                       National Intelligence Centre (Spain)
CNIP                    Critical National Infrastructure Protection Program (Jordan)
CNO                     Computer Network Operations (Italy)
CNO                     Computer Network Operations (Switzerland)
CNPIC                  National Centre for Critical Infrastructure Protection (Spain)
CNSS                   Committee on National Security Systems (USA)
COMCYBER      Commandement de cyberdéfense (France)
CONNECT          Directorate on Communications Networks, Content and Technology (EC)
COSC                   Consiliul Operativ de Securitate Cibernetica (Romania)
CPB                      Constitution Protection Bureau (Latvia)
CPE                      Common Platform Enumeration
CNPD                   Commission Nationale pour la Protection des Données (Luxembourg)
CPNI                    Centre for the Protection of National Infrastructure (UK)
CPS                      Cyber Physical System (Italy)
CPVP                   Commission de la Protection de la Vie Privée (Belgium)
CRP                      Cyberprzestrzen Rzeczypospolitej Polskiej (Poland)
CRTM                  Core Root of Trust for Measurement (TCG)
CSA                      Cloud Security Association
CSAF                   Common Security Advisory Framework (OASIS)
CSBM                  Confidence and Security Building Measures (Italy)
CSBN                   Cyber Security Beeld Nederland (Netherlands)
CSC                      Council on Cyber Security (now the Centre for Internet Security)
CSCG                   Cyber Security Coordination Group
CSCP                    Cyber Security Cooperation Program (Canada)
CSEC                   Communications Security Establishment Canada (Canada)
CSIAC                  Cyber Security and Information Systems Information Analysis Center (USA)
CSIRT                  Computer Security Incident Response Team (South Africa)
CSIRT.SK            National centre for computer security incidents.Slovakia (Slovakia)
CSIS                     Canadian Security Intelligence Service (Canada)
CSN                      National Security Council (Spain)
CSO                      Armed Forces Command Support Organisation (Switzerland)
CSOC                   Cyber Security Operations Centre (Australia)
CSOC                   National Cyberspace Security Operations Centre (Jordan)
CSOC                   National Cyber Security Operations Centre (Netherlands)
CSPC                    Cyber Security Policy and Coordination Committee (Australia)
CSSC                    Control System Security Centre (Japan)
CSSF                    Commission de Surveillance du Secteur Financier (Luxembourg)
CTI                       Cyber Threat Intelligence (OASIS)
CTWIN                Critical Infrastructure Warning Information Network (Lithuania)
CVE                     Common Vulnerabilities and Exposures
CVE-ID                CVE Identifier
CVRF                   Common Vulnerability Reporting Format
CVSS                   Common Vulnerability Scoring System
CWC                    Cyber Watch Centre (Singapore)
CWE                    Common Weakness Enumeration
CWRAF               Common Weakness Risk Analysis Framework
CWSS                  Common Weakness Scoring System
CYBER                Cybersecurity Technical Committee (ETSI)
CYBEX                Cybersecurity Information Exchange (ITU-T)
CybOX                Cyber Observable Expression
CYCO                  Cybercrime Coordination unit Switzerland (Switzerland)
CYIQL                 Cybersecurity Information Query Language
DAA                     Direct Anonymous Attestation (TCG)
DCE                     Dynamic root of trust for measurement Configuration Environment (TCG)
DCEC                   Defence Cyber Expertise Centre (Netherlands)
D-CRTM             Dynamic Core Root of Trust for Measurement (TCG)
DDoS                   Distributed Denial of Service
DDPS                   Federal Department of Defence, civil Protection and Sport (Switzerland)
DeitY                   Department of electronics & information technology (India)
DETEC                Federal Department of Environment, Transport, Energy and Communications (Switzerland)
DF                        Digital Forensics (Italy)
DGCC                  Direction Générale Centre de Crise (Belgium)
DGSE                   Direction Générale de la Sécurité Extérieure (France)
DHS                     Department of Homeland Security (USA)
DIGIT                   Directorate on Informatics (EC)
DIN                      Deutsches Institut für Normung
DISS                     Defence Intelligence and Security Service (Latvia)
DISS                     Defence Intelligence and Security Service (Netherlands)
DL                        Dynamic Launch (TCG)
DLME                  Dynamically Launched Measured Environment (TCG)
DNS                     Domain Name System
DoC                      Department of Communications (South Africa)
DOD                     Department Of Defence (Australia)
DoD&MV           Department of Defence and Military Veterans (South Africa)
DOJ&CD             Department Of Justice and Constitutional Development (South Africa)
DoS                      Denial of Service
dots                      DDoS open threat signaling (IETF)
DRDC                  Defence Research and Development Canada (DRDC)
DRSD                   Direction du Renseignement et de la Sécurité de la Défense (France)
D-RTM                Dynamic Root of Trust Measurement (TCG)
DSD                     [See ASD] (Australia)
DSG                     Federal Act on Data Protection (Switzerland)
DSI                       Data State Inspectorate (Latvia)
DSN                     National Security Department (Spain)
DSS-X                  Digital Signature Services eXtended (OASIS)
DST                      Department of Science and Technology (South Africa)
E2NA                   End-to-End Network Architectures (ETSI)
EAP                      Extensible Authentication Protocol
EAPC                   Euro-Atlantic Partnership Council (Switzerland)
EBIOS                  Expression of Needs and Identification of Security Objectives
EC                        European Commission
ECI                       European Critical Infrastructure
EI-ISAC               Elections Infrastructure Information Sharing and Analysis Center
ECRG                   Electronic Communications Reference Group (EC)
EMAD                 Chiefs of the Defence Staff (Spain)
ENFSI                  European Network of Forensic Institutes
ENISA                  European Network and Information Security Agency
EOC                     Electronic Operations Centre (Switzerland)
EPCIP                   European Programme for Critical Infrastructure Protection
ESA                      European Space Agency (Belgium)
ESI                        Electronic Signatures and Infrastructures (ETSI)
ESPCERTDEF    Computer Emergency Response Team in the field of the Ministry of Defence (Spain)
ESRIM                 European Security Research & Innovation forum
ETI                       Encrypted Traffic Inspection working group (IEEE)
ETSI                     European Telecommunication Standards Institute
EU                        European Union
EU CSS                EU CyberSecurity Strategy (EU)
Europol               European Police Office
EVCERT              Extended Validation Certificate
FASG                   GSM Association Fraud and Security Working Group
FCC                      Federal Communications Commission (USA)
FCCU                   Federal Computer Crime Unit (Belgium)
FCMC                  Financial and Capital Market Commission (Latvia)
FCP                      Federal Criminal Police (Switzerland)
FDEA                   Federal Department of Economic Affairs (Switzerland)
FDF                      Federal Department of Finance (Switzerland)
FDJP                    Federal Department of Justice and Police (Switzerland)
FDPIC                  Federal Data Protection and Information Commissioner (Switzerland)
Fedict                   FOD voor informatie-en communicatietechnologie (Belgium)
Fedoct                  SPF Technologie de l'Information et de la Communication (Belgium)
fedpol                  federal office of police (Switzerland)
FIA                       Federal Investigation Agency (Pakistan)
FIC                       Forum International de la Cybersécurité (Europe)
FICORA               Finnish COmmunications Regulatory Authority (Finland)
FIDO                    Fast IDentity Online
FIPS                      Federal Information Processing Standards (USA)
FIRST                   Forum of Incident Response and Security Teams
FIS                        Federal Intelligence Service (Switzerland)
FISMA                 Federal Information Security Management Act (USA)
FITO                     Federal IT Ordinance (Switzerland)
FITSU                  Federal IT Steering Unit (Switzerland)
FOCA                   Federal Office of Civil Aviation (Switzerland)
FOCP                   Federal Office for Civil Protection (Switzerland)
FOD                     Federal OverheiDsdienst (Belgium)
FOITT                  Federal Office of Information Technology, systems and Telecommunication (Switzerland)
FONES                 Federal Office for National Economic Supply (Switzerland)
FS-ISAC              Financial Services Information Sharing and Analysis Centre
GFCE                   Global Forum on Cyber Expertise
GCHQ                  Government Communications HeadQuarters (UK)
GISS                     General Intelligence and Security Service (Netherlands)
GovCERT            CERT gouvernemental du Grand-Duché de Luxembourg
GovCERT            Governmental Computer Emergency Response Team (Austria)
GovCERT            Staatliches Computer Emergency Response Team (Austria)
GovCERT            Government Computer Emergency Response Team (Switzerland)
GovCERT.au      Australian Government's Computer Emergency Readiness Team (Australia)
GROW                 Directorate on Internal Market, Industry, Entrepreneurship and SMEs (EC)
GSA                     Government Services Administration (USA)
GSMA                  GSM Association
GSS                      Government Security Secretariat (UK)
H2020                  Horizon 2020
HCPN                   Haut-Commissariat à la Protection Nationale (Luxembourg)
Healthnet CSIRT Healthsector CERT (Luxembourg)
HOME                 Directorate on Migration and Home Affairs (EC)
HR                        Directorate on Human Resources and Security (EC)
i2nsf                     interface to network security functions (IETF)
IA                         Information Assurance
IAAGs                  Infrastructure Assurance Advisory Groups (Australia)
IAB                       Internet Architecture Board
IAD                      Information Assurance Directorate (USA)
IANA                   Internet Assigned Numbers Authority
IBPT                     Institut Belge des services Postaux et des Télécommunications (Belgium)
ICANN                 Internet Corporation for Assigned Names and Numbers
ICASA                 Independent Communications Authority of SA (South Africa)
ICASI                   Industry Consortium for Advancement of Security on the Internet
ICE                       Infrastructure Critiche Europe (Italy)
ICE                       European Critical Infrastructure
INCIBE                Spanish National Cybersecurity Institute (Spain)
ICPO                    International Criminal Police Organization (Japan)
ICSG                    Industry Connections Security Group (IEEE)
ICT                       Information and Communication Technology
IDA                      Infocomm Development Authority of Singapore (Singapore)
IE                          Internet Explorer
IEEE                     Institute for Electrical and Electronic Engineers
IETF                     Internet Engineering Task Force
IGF-Bpf               Internet Governance Forum Best Practice Forum on Cybersecurity
ILNAS                  Institut Luxembourgeois de la Normalisation, de l'Accréditation, de la Sécurité et qualité des produits et services
ILP                        Initiating Logical Processor (TCG)
ILR                       Institut Luxembourgeois de Régulation
IMEI                     International Mobile station Equipment Identity
IMS                      IP Multimedia Subsystem (3GPP)
INRIA                  Institut national de recherche en sciences et technologies du numérique (France)
IODEF                  Incident Object Description Exchange Format
IP                          Internet Protocol
IPC                       International Police Cooperation (Switzerland)
ipsecme               IP security maintenance and extensions working group (IETF)
IRAP                    Information security Registered Assessors Program (Australia)
IRTF                     Internet Research Task Force
ISA                       Internal Security Agency (Poland)
ISA                       Federal Act on Measures to Safeguard Internal Security (Switzerland)
ISA                       Intelligence Service Act (Switzerland)
ISF                        Information Security Forum
ISFP                      Information Security and Facility Protection (Switzerland)
ISM                      Australian government Information and communications technology Security Manual (Australia)
ISMP                    Infocomm Security Master Plan (Singapore)
ISO                       International Organization for Standardization
IT                          Infrastrutture Critiche (Italy)
IT                          Information Technology
ITIDA                   Information Technology Industry Development Agency (Egypt)
ITU                       International Telecommunication Union
ITU-T                   International Telecommunication Union - Telecommunication Standardization sector
IWWN                 International Watch and Warning Network (Australia)
IXP                       Internet eXchange Point
J-CAT                  Cybercrime Action Task Force (Europol)
JASPER               Japan-ASEAN Security PartnERship (Japan)
JCPS                     Justice, Crime Prevention and Security cluster (South Africa)
JOA                      Joint Operating Arrangements of DSD, AFP and ASIO (Australia)
JOCERT              National Computer Emergency Response Team (Jordan)
JP CERT              Japan CERT (Japan)
JRC                      Directorate on Joint Research Centre (EC)
JSON                    JavaScript Object Notation
JUST                    Directorate on Justice and Consumers (EC)
JVN                      Japan Vulnerability Notes (Japan)
KCC                     Korea Communications Commission (Korea)
KIS                       Koordineringsutvalget for forebyggende Informasjonssikkerhet (Norway)
KITS                     Koordinierungsstelle IT-Sicherheit
kitten                   common authentication technology next generation working group (IETF)
KMIP                   Key Management Interoperability Protocol (OASIS)
KMU                    Kleine und Mittlere Unternehmen (Austria)
KRITIS                 Kritische Infrastrukturen (Germany)
KSZ                      Kruispuntbank van de Sociale Zekerheid (Belgium)
LECC                   Law Enforcement/CSIRT Cooperation (FIRST)
LI                          Lawful Interception
LIBGUIDE          reference library on cybersecurity (NATO)
lisp                       locator/ID separation protocol (IETF)
LÜKEX                Länderübergreifende Krisenmanagement Exercise (Germany)
MACCSA            Multinational Alliance for Collaborative Cyber Situational Awareness
MA-CERT           Morocco CERT (Morocco)
MCCD                 Joint Cyber Command (Spain)
MAEC                  Malware Attribute Enumeration and Characterization
MCI                      Ministry of Communications and Information (Singapore)
MCIT                   Ministry of Communications and Information Technology (Egypt)
MCIT                   Ministry of Communications and Information Technology (Saudi Arabia)
MCIV                   Ministerieel Comité voor Inlichting en Veiligheid (Belgium)
MD                       Ministry of Defence (Montenegro)
MELANI              Melde- und Analysestelle Informationssicherung (Switzerland)
MHA                    Ministry of Home Affairs (Singapore)
MI                         Ministry of the Interior (Montenegro)
MIIT                     Ministry of Industry and Information Technology (China)
MilCERT             Military Computer Emergency Response Team (Austria)
MilCERT             Militärisches Computer Emergency Response Team (Austria)
milCERT             Military Computer Emergency Response Team (Switzerland)
mile                      Managed incident lightweight exchange working group (IETF)
MINDEF              MINistry of DEFence (Singapore)
MIS                      Military Intelligence Service (Switzerland)
MISP                    Malware Information Sharing Platform & Threat Sharing (Luxembourg)
MIST                    Ministry for Information Society and Telecommunications (Montenegro)
MMDEF              Malware Metadata Exchange Format Working Group (IEEE)
MNiSW               Ministry of Science and Higher Education (Poland)
MNiSW               Ministerstwo Nauki i Szkolnictwa Wyzszego (Poland)
MOD                    Ministry Of Defence (Latvia)
MoE                     Ministry of Economics (Latvia)
MoEPRD             Ministry of Environmental Protection and Regional Development (Latvia)
MoES                   Ministry of Education and Science (Latvia)
MOF                     Ministry Of Finance (Singapore)
MoFA                  Ministry of Foreign Affairs (Latvia)
MoI                      Ministry of the Interior (Latvia)
MoJ                      Ministry of Justice (Latvia)
MOPAS               Ministry Of Public Administration and Security (Korea)
MoT                     Ministry of Transport (Latvia)
Mow                     Ministry of welfare (Latvia)
MP                        Member of Parliament
MS-ISAC             Multi-State Information Sharing and Analysis Center
MTS                     Methods for Testing and Specification (ETSI)
NAF                     National Armed Forces (Latvia)
NASK                  Research and Academic Computer Network (Poland)
NASK                  Naukowej i Akademickiej Sieci Komputerowej (Poland)
NATO                  North Atlantic Treaty Organization
NAVONVO         Nord-Atlantische Verdragsorganisatie (Belgium)
NBU                     Národný Bezpecnostný Úrad (Slovakia)
NCAC                  National Cybersecurity Advisory Council (South Africa)
NCCC                  National Cyber Coordination Centre (India)
NCCoE                National Cybersecurity Centre of Excellence (USA)
NCDC                  National Centre for Digital Certification (Saudi Arabia)
NCIA                    National Computing and Information Agency (Korea)
NCIIPC                National Critical Information Infrastructure Protection Centre (India)
NCP                      National Checklist Program
NCPF                   National Cybersecurity Policy Framework (South Africa)
NCSC                   National Cyber Security Centre (Korea)
NCSC                   National Cyber Security Centre (Lithuania)
NCSC                   Nationaal Cyber Security Centrum (Netherlands)
NCSC                   National Cyber Security Centre (New Zealand)
NCSC                   National Cyber Security Coordinating Centre (South Africa)
NCSC                   National Cyber Security Centre (U.K.)
NCSP                   National Cyber Security Programme (UK)
NCSRA                Nationale Cyber Security Research Agenda (Netherlands)
NCSS                   National Cybersecurity Strategie (Netherlands)
NCSS                   National Cyber Security Strategies
NCIRC                 NATO Communications and Information Agency
NEC                     National Encryption Centre (Jordan)
NEOC                  National Emergency Operations Centre (Switzerland)
NERC                   North American Electric Reliability Corporation
NES                      National Economic Supply (Switzerland)
NESAG                Network Equipment Security Assurance Group (3GPP)
NetSafe                Safer Internet Centre of Latvia Net-Safe Latvia (Latvia)
NFSA                   National Forensic Science Agency (Pakistan)
NFV                     Network Functions Virtualisation (ETSI)
NIACSA              National Information Assurance and Security Agency (Jordan)
NIACSS               National Information Assurance and Cyber Security Strategy (Jordan)
NICI                     National Information Security Authority (Slovakia)
NICT                    National institute of Information and Communications Technology (Japan)
NIS                       Network and Information Security (EU)
NIS                       National Intelligence Service (Korea)
NISC                    National Information Security Centre (Japan)
NISC                    National Infocomm Security Committee (Singapore)
NISE                     National Information Security Environment (Saudi Arabia)
NISE                     NISE Instructions (Saudi Arabia)
NISED                  NISE Directives (Saudi Arabia)
NISEMs               NISE Manuals (Saudi Arabia)
NISS                     National Information Security Strategy (Saudi Arabia)
NIST                     National Institute of Standards and Technology (USA)
NITC                    National Information Technology Centre (Jordan)
NorCERT            Norway CERT (Norway)
NorSIS                 Norsk senter for informasjonssikring (Norway)
NPA                     National Prosecuting Authority (South Africa)
NPSI                     Nationaler Plan zum Schutz der Informationsinfrastrukturen (Germany)
NRAF                   National IS Risk Assessment Function (Saudi Arabia)
NRF                      National Research Foundation (Singapore)
NSA                     National Security Authority (Czech)
NSA                     National Security Authority (Hungary)
NSA                     National Security Agency (Montenegro)
NSA                     National Security Authority (Slovakia)
NSA                     National Security Agency (USA)
NSC-CSC            National Security Council Cyber Security Committee (Spain)
NSCS                   National Security Coordination Secretariat (Singapore)
NSIS                     National Strategy for Information Security in the Slovak Republic (Slovakia)
NSM                     Nasjonal SikkerhetsMyndighet (Norway)
NSS                      National Security Strategy (Jordan)
NSSIS                   National Security Science and Innovation Strategy (Australia)
NTECH                Network Technologies (ETSI)
NTRA                  National Telecommunication Regulatory Authority (Egypt)
NV (Storage)      Non-Volatile (shielded location) (TCG)
NVD                     National Vulnerability Database (USA)
nvo3                     network virtualization overlays working group (IETF)
NZ-CERT            New Zealand Computer Emergency Response Team (New Zealand)
NZSIS                  New Zealand Security Intelligence Service (New Zealand)
OAG                     Office of the Attorney General (Switzerland)
OASIS                  Organization for the Advancement of Structured Information Standards
oauth                    web authorization protocol working group (IETF)
OCAD                  Coördinatieorgaan voor dreigingsanalyse (Belgium)
OCAM                 Organe de Coordination pour l'Analyse de la Menace (Belgium)
OCC                     Cybernetics Coordination Office (Spain)
OCP                      Operator Cyber security Plan
OCSIA                 Office of Cyber Security & Information Assurance (UK)
OFCOM               Federal Office of COMmunications (Switzerland)
OGCIO                 Office of the Government Chief Information Office (UK)
OIV                      Opérateur d'Importance Vitale (France)
OMB                    Office of Management and Budget (USA)
OMG                    Object Management Group
OpenC2               Open Command and Control (OASIS)
opsec                   operational security capabilities for IP network infrastructure working group (IETF)
OS                        Operating System
OSCE                   Organization for Security and Co-operation in Europe
ÖSCS                   Österreichische Strategie für Cyber Sicherheit (Austria)
ÖSS                      Österreichischen SicherheitsStrategie (Austria)
OSZE                   Organisation für Sicherheit und Zusammenarbeit in Europa (Germany)
OTAN                  Organisation du Traité de l'Atlantique Nord (Belgium)
OTS                      Ordinance on Telecommunication Services (Switzerland)
OVAL                  Open Vulnerability and Assessment Language
PBC                      pelnomocnika ds. bezpieczenstwa cyberprzestrzeni (Poland)
PC                         Personal Computer
PCA                      Privacy CA (TCG)
PCR                      Platform Configuration Register (TCG)
PCS                      Plenipotentiary for Cyberspace Security (Poland)
PDCA                   Plan-Do-Check-Act (Germany)
PHAROS             Platform for Harmonization, Analysis, Cross-check and Orientation of Reportings (France)
PISA                     Pakistan Information Security Association (Pakistan)
PKCS                   Public-Key Cryptography Standards
PKI                       Public Key Infrastructure
PMRM                 Privacy Management Reference Model (OASIS)
PPP                       Public Private Partnership (Austria)
PRACTICE          Proactive Response Against Cyber-attacks (Japan)
PrivEK                 Private Endorsement Key (TCG)
PSN                      Public Sector Network
PTA                      Police Tasks Act (Switzerland)
PubEK                 Public Endorsement Key (TCG)
RAN                     subcommittee on Radio Access Network (3GPP)
RCMP                  Royal Canadian Mounted Police (Canada)
Restena CSIRT   Research and education CERT (Luxembourg)
RGISSP                Research Group Information Society and Security Policy (Switzerland)
RGS                      Référentiel Général de Sécurité (France)
RID                       Real-time Inter-network Defense
RoT                      Root of Trust (component) (TCG)
RTD                     Directorate on Research and Innovation (EC)
RTM                     Root of Trust for Measurement (TCG)
RTR                      Root of Trust for Reporting (TCG)
RTS                      Root of Trust for Storage (TCG)
SA CISRS            Saudi Arabian Critical Security and Resilience Strategy (Saudi Arabia)
SA2                      Subcommittee on Architecture (3GPP)
SA3                      Subcommittee on Security (3GPP)
SA5                      Subcommittee on Telecom Management (3GPP)
sacm                     security automation and continuous monitoring working group (IETF)
SAGE                   Security Algorithms Group of Experts (ETSI)
SAI                       Securing Artificial Intelligence (ETSI)
SAML                  Security Services (OASIS)
SAMRISK           Samfunnssikkerhet og risiko (Norway)
SANS                   SysAdmin, Audit, Networking, and Security
SAPS                    South African Police Service (South Africa)
SAS                      Security Assurance Specification (3GPP)
SC27                    ISO/IEC JTC1 Committee on Security techniques
SC6                      ISO/IEC JTC1 Committee on Telecommunications and information exchange between systems
SC7                      ISO/IEC JTC1 Committee on Software and systems engineering
SCADA                Supervisory Control And Data Acquisition (Belgium)
SCAP                   Security Content Automation Protocol
SCP                      Smart Card Platform
SIG                       Special Interest Group
SE                         Secure Element
SECAM               Study on Security Assurance Methodology (3GPP)
SeP                       Security Police (Latvia)
SERI                     Senter for rettsinformatikk (Norway)
SES                       Secretariat of State for Security
SESIAD               Secretariat of State for the Information Society and the Digital Agenda (Spain)
SFOE                    Swiss Federal Office of Energy (Switzerland)
SG 2                     Study Group on Operational aspects (ITU-T)
SG11                    Study Group on Protocols and test specifications (ITU-T)
SG13                    Study Group on Future networks (ITU-T)
SG17                    Study Group on Security (ITU-T)
SGDSN                Secrétariat Général de la Défense et de la Sécurité Nationale (France)
SGRS                   Service Général du Renseignement et de la Sécurité (Belgium)
sidr                       secure inter-domain routing working group (IETF)
SIEM                    Security Information and Event Management
SIGINT-CYBER Joint General Intelligence and Security Service Unit (Netherlands)
SIIO                      State Internet Information Office (China)
SIM                      Subscriber Identity Module, including USIM and ISIM (ETSI, 3GPP)
SIS                        State Information Systems (Latvia)
SKKM                  Staatliches Krisen- und KatastrophenschutzManagement (Austria)
SLT                      Samordning av Lokale kriminalitetsforebyggende Tiltak (Norway)
SN                        Standard Norge (Norway)
SNSC                   Sistemul |National de Securitate Cibernetica (Romania)
SOC                      Security Operations Centre
SOME                  Cyber Incident Response Team (Turkey)
SOME                  Siber Olaylara Mildahale Ekipleri (Turkey)
SONIA                 Special Task Force on Information Assurance (Switzerland)
SOSMT                Slovak Standards Institute (Slovakia)
SP                         State Police (Latvia)
SPF                       Service Public Fédéral (Belgium)
SPIK                     Swiss Police IT Congress (Switzerland)
SPOC                   Single Point of Contact
SPTA                    Surveillance of Postal and Telecommunications traffic Act (Switzerland)
SRDA                   State Regional Development Agency (Latvia)
SRK                      Storage Root Key (TCG)
SSA                      State Security Agency (South Africa)
SSP                       Smart Secure Platform
stir                        secure telephone identity revisited working group (IETF)
STIX                     Structured Threat Information eXpression
TAC                     Threat Analysis Centre (Singapore)
TAXII                   Trusted Automated eXchange of Indicator Information
TBB                      Trusted Building Block (TCG)
TC                        Technical Committee
TCG                     Trusted Computing Group
TCP                      Transmission Control Protocol
tcpinc                   TCP increased security working group (IETF)
TEE                      Trusted Execution Environment
TISN                     Trusted Information Sharing Network for critical infrastructure protection (Australia)
TLP                      Traffic Light Protocol
TLS                      Transport Layer Security
tls                         transport layer security working group (IETF)
TMI                      Trusted Multi-tenant Infrastructure (TCG)
TNC                     Trusted Network Connect (TCG)
TPM                     Trusted Platform Module (TCG)
TPS                       Trusted Platform Support services (TCG)
trans                     public notary transparency (IETF)
Trust Elevation   electronic identity credential trust elevation methods (OASIS)
TSS                       TPM Software Stack -or- TCG Software Stack (TCG)
TSUBAME          International network traffic monitoring project (Japan)
TT CSIRT            Trinidad and Tobago CSIRT (Trinidad & Tobago)
TTA                      Telecommunications Technology Association (Korea)
TTC                      Telecommunication Technology Committee (Korea)
TTCSA                 Trinidad and Tobago Cyber Security Agency (Trinidad & Tobago)
TUVE                   turvallisuusverkkohanke (Finland)
UKE                     Office of Electronic Communications (Poland)
UKE                     Urzedem Komunikacji Elektronicznej (Poland)
UNSW                 University of New South Wales
UP KRITIS          Umsetzungsplan KRITIS (Germany)
URI                       Uniform Resource Identifier
USOM                  National Centre for Cyber Incident Response (Turkey)
USOM                  Ulusal Siber Olaylara Mildahale Merkezi (Turkey)
uta                        using TLS in applications (IETF)
UTM                    Unified Threat Management (Italy)
UVTA                  Ulko- ja turvallisuuspoliittinen ministerivaliokunta (Finland)
VAHTI                 Valtionhallinnon tietoturvallisuuden johtoryhmä (Finland)
VDRX                  Vulnerability Reporting and Data eXchange SIG (FIRST)
VDSG                  Ordinance to the Federal Act on Data Protection (Switzerland)
VSSE                    Veiligheid van de Staat, Sûreté de l'Etat (Belgium)
W3C                     World Wide Web Consortium
websec                 web security working group (IETF)
wpkops                web PKI OPS working group (IETF)
WS-SX                 Web Services Secure eXchange (OASIS)
XCCDF                eXtensible Configuration Checklist Description Format
XDI                      XRI Data Interchange (OASIS)
XML                    eXtensible Markup Language
XSPA                   Cross-Enterprise Security and Privacy Authorization (OASIS)
YTS                      Yhteiskunnan turvallisuusstrategiassa (Finland)
ZNIIS                   Центральный научно-исследовательский институт связи (Russia)

Revision as of 12:33, 5 June 2020

Welcome to TC CYBER Wiki

The TC CYBER Wiki contains public information related to the Technical Committee work.

Global Cyber Security Ecosystem

The Global Cyber Security Ecosystem page provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of the sector.

TC CYBER Roadmap

TC CYBER work is split across 9 key areas: understanding the cybersecurity ecosystem, IoT security and privacy, cybersecurity for critical national infrastructures, protection of personal data and communication, enterprise and individual cybersecurity, cybersecurity tools, support to EU legislation, forensics, and quantum-safe cryptography. You can find out more about each area on the Roadmap page.

3. Definition of terms, symbols and abbreviations

3.1       Terms

For the purposes of the present document, the following terms apply:

centre of excellence: educational or research & development organization recognized as a leader in accomplishing its cyber security mission

cyber environment: users, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks [i.1]

cyber security (or cybersecurity): collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets

NOTE:      Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. The general security objectives comprise the following:

§  Availability.

§  Integrity, which may include authenticity and non-repudiation.

§  Confidentiality [i.1].

cybersecurity: preservation of confidentiality, integrity and availability of information in the Cyberspace [i.2]

cyberspace: complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form [i.2]

heritage site: place (such as a building or complex) that is listed by a recognized accrediting body as a place where significant cyber security innovations occurred

historical collection: place, both real and virtual, dedicated to the structured gathering and availability of cyber security materials of historical significance; frequently denominated as a museum

information exchange mechanism: real or virtual activity established for providing continuing structured exchange of cyber security information content

reference library: collection of available published material useful for consultation for cyber security purposes

NOTE:      The present document also includes significant dedicated publications in this category.

techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security

3.3. Abbreviations

For the purposes of the present document, the following abbreviations apply:

NOTE:      Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations.

3GPP                    3rd Generation Partnership Project

A*STAR              Agency for Science, Technology and Research (Singapore)

ABW                    Agencja Bezpieczenstwa Wewnetrznego (Poland)

AC                        Authentication Code (TCG)

ACDC                  Advanced Cyber Defence Centre

ACE-CSR            Academic Centres of Excellence in Cyber Security Research (UK)

ACI                       Austrian Critical Infrastructure (Austria)

ACI                       Österreichische kritische Infrastruktur (Austria)

ACMA                 Australian Communications and Media Authority (Australia)

ACSS                   Austrian Cyber Security Strategy (Austria)

ADCC                  Algemene Directie Crisiscentrum (Belgium)

ADIV                   Algemene Dienst Inlichting en Veiligheid (Belgium)

AEPD                   Spanish Data Protection Agency (Spain)

AFNOR                Association Française de Normalisation (France)

AFP                      Australian Federal Police (Australia)

AGCOM              Autorità per le Garanzie nelle Comunicazioni (Italy)

AGIMO                Australian Government Information Management Office (Australia)

AIK                      Attestation Identity Key (TCG)

AIOTI                   Alliance of IoT Innovation

AISI                      Australian Internet Security Initiative (Australia)

AMSS                  Anti-Malware Support Services Working Group (IEEE)

ANS                     Autorité Nationale de Sécurité (Belgium)

ANSAC                ASEAN Network Security Action Council

ANSES                 Ambient Network Secure Eco System (Singapore)

ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (France)

ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (Luxembourg)

APCERT              Asia Pacific Computer Emergency Response Team (Japan)

APCIP                  Austrian Programme for Critical Infrastructure Protection (Austria)

APCIP                  Österreichisches Programm zum Schutz kritischer Infrastruktur (Austria)

APT                      Advanced Persistent Threat

ARCSI                  Association des Réservistes du Chiffre et de la Sécurité de l'Information (France)

ARF                      Assessment Results Format or Asset Reporting Format

ARIB                    Association of Radio Industries and Businesses (Japan)

ASD                     Australian Signals Directorate (Australia)

ASEAN CERT    Association of Southeast Asian Nations CERT

ASIO                    Australian Security Intelligence Organisation (Australia)

A-SIT                   Secure Information Technology Centre - Austria (Austria)

A-SIT                   Zentrum für sichere Informationstechnologie - Austria (Austria)

ASS                      Austrian Security Strategy (Austria)

ATIS                     Alliance for Telecommunications Industry Solutions

ATT&CK™        Adversarial Tactics Techniques and Common Knowledge (MITRE)

BBK                     Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (Germany)

BBK                     Biuro Badan Kryminalistycznych (Poland)

BCM                    Business Continuity Management (Germany)

BCSS                    Banque Carrefour de la Sécurité Sociale (Belgium)

Belac                    Organisme belge d'accréditation (Belgium)

Belac                    Belgische accredidatie-instelling (Belgium)

Belnet                  Belgian national research network (Belgium)

BelNIS                 Belgian Network Information Security (Belgium)

BEREC                Euroopan sähköisen viestinnän sääntelyviranomaisten yhteistyöelin (Finland)

BEREC                Body of European Regulators for Electronic Communications (Norway)

BfV                      Bundesamt für Verfassungsschutz (Germany)

BLOB                   Binary Large OBject (TCG)

BIPT                     Belgisch Instituut voor Postdiensten en Telecommunicatie (Belgium)

BIS                       Department for Business, Innovation and Skills (UK)

BMI                      Bundesministerium des Innern (Germany)

BORE                   Break Once Run Everywhere (TCG)

BSI                       Bundesamt für Sicherheit in der Informationstechnik (Germany)

BSI                       British Standards Institute (UK)

BYOD                  Bring Your Own Device

C3                         Computer Competence Certificate (Egypt)

C3                         Cybersecurity Competence Center (Luxembourg)

CA                        Certification Authority

CA/B                    Certificate of Authority/Browser Forum

CACAO               Collaborative Automated Course of Action Operations (OASIS)

CAE                     Centers of Academic Excellence (UK)

CAK                     Communications Authority of Kenya (Kenya)

CAN                     Computer Network Attack (Italy)

CAPEC                Common Attack Pattern Enumeration and Classification

CASES                 Cyberworld Awareness and Security Enhancement Services (Luxembourg)

CBM                    Confidence Building Measures

CBPL                   Commissie voor de Bescherming van de Persoonlijke Leverssfeer (Belgium)

CCC                     Chaos Computer Club

CCDB                  Common Criteria Development Board

CCDCOE             NATO Cooperation Cyber Defence Center of Excellence

CCE                      Common Configuration Enumeration

CCIP                     Centre for Critical for Infrastructure Protection (New Zealand)

CCIRC                 Canadian Cyber Incident Response Centre (Canada)

CCN                     National Cryptologic Centre (Spain)

CCN-CERT         Spanish Government National Cryptologic Center - CSIRT (Spain)

CCRA                  Common Criteria Recognition Agreement

CCSA                   China Communications Standards Association

CCSB                   Centre pour Cyber Securité Belgique (Belgium)

CCSB                   Centrum voor Cyber Security Belgie (Belgium)

CD                        Cyber Defense

CDT                     Centres for Doctoral Training (UK)

CDU                     Cyber Defence Unit of the National Armed Forces (Latvia)

CEEE                   Common Event Expression Exchange

CEN                     Comité Européen de Normalisation

CENELEC           European Committee for Electrotechnical Standardization

CEPOL                 European police college

CERT                   Computer Emergency Response Team (Belgium)

CERT Poland      (Poland)

CERT.at               Computer Emergency Response Team - Austria (Austria)

CERT.GOV.PL   Governmental Computer Security Incident Response Team (Poland)

CERT.GOV.PL   Rzadowego Zespolu Reagowania na Incydenty Komputerowe (Poland)

CERT.LU             Grouping of all Luxembourg CERTs

CERT.LY             Information Technology Security Incident Response Institution (Latvia)

CERT-AU            CERT Australia (Australia)

CERT-EU            CERT Europe

CERT-FR             CERT France

CERT-in              National Level Computer Emergency Response Team (India)

CERT-LT             National Electronic Communications Network and Information Security Incidents Investigation Service (Lithuania)

CERT-PA            Computer Emergency Response Team of the Public Administration (Italy)

CERT-PA            CERT - Pubblica Amministrazione (Italy)

CERT-SA            CERT Saudi Arabia (Saudi Arabia)

CERT-SI              Computer Emergency Response Team for Security and Industry (Spain)

CERT-SPC          CERT Sistema Pubblico de Connettività (Italy)

CERT-UK            CERT United Kingdom

CERT-US            CERT United States

CESG                   Communications-Electronics Security Group (UK) (now NCSC)

CFRG                   Crypto Forum Research Group

CHOD                  Chief of Defence (Netherlands)

CI                          Critical Infrastructure

CIC                       Critical Infrastructure Council (Saudi Arabia)

CII                        Critical Information Infrastructures (Austria)

CII                        Kritische Informationsinfrastrukturen (Austria)

CIIP                      Critical Information Infrastructure Protection

CII-SA                  Critical Infocomm Infrastructure Security Assessment (Singapore)

CIO                       Chief Information Officer

CIP                       Critical Infrastructure Protection

CIPMA                 Critical Infrastructure Protection Modelling and Analysis (Australia)

CIRCL                  The Computer Incident Response Center Luxembourg

CIRT                    Computer Incident Response Team

CIS                       Center for Internet Security

CISA                    Civilian Intelligence Service (Switzerland)

CISA                    Cybersecurity and Infrastructure Security Agency (US)

CiSP                     Cyber-security Information Sharing Partnership (UK)

CISR                     Comitato interministeriale per la sicurezza della Repubblica (Italy)

CloudAuthZ        Cloud Authorization (OASIS)

CMK                    Certified Migration Key (TCG)

CMRS                  Comité Ministériel du Renseignement et de la Sécurité (Belgium)

CN                        subcommittee on Core Network (3GPP)

CNAIPIC             Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastructure Critiche (Italy)

CNC                     National Cyber Security Council (Spain)

CNCERT/CC       National Computer Network Emergency Response Technical Team/Coordination Center (China)

CND                     Computer Network Defence (Italy)

CNDP                   National Commission for Data Protection (Morocco)

CNE                     Computer Network Exploitation (Italy)

CNI                       National Intelligence Centre (Spain)

CNIP                    Critical National Infrastructure Protection Program (Jordan)

CNO                     Computer Network Operations (Italy)

CNO                     Computer Network Operations (Switzerland)

CNPIC                  National Centre for Critical Infrastructure Protection (Spain)

CNSS                   Committee on National Security Systems (USA)

COMCYBER      Commandement de cyberdéfense (France)

CONNECT          Directorate on Communications Networks, Content and Technology (EC)

COSC                   Consiliul Operativ de Securitate Cibernetica (Romania)

CPB                      Constitution Protection Bureau (Latvia)

CPE                      Common Platform Enumeration

CNPD                   Commission Nationale pour la Protection des Données (Luxembourg)

CPNI                    Centre for the Protection of National Infrastructure (UK)

CPS                      Cyber Physical System (Italy)

CPVP                   Commission de la Protection de la Vie Privée (Belgium)

CRP                      Cyberprzestrzen Rzeczypospolitej Polskiej (Poland)

CRTM                  Core Root of Trust for Measurement (TCG)

CSA                      Cloud Security Association

CSAF                   Common Security Advisory Framework (OASIS)

CSBM                  Confidence and Security Building Measures (Italy)

CSBN                   Cyber Security Beeld Nederland (Netherlands)

CSC                      Council on Cyber Security (now the Centre for Internet Security)

CSCG                   Cyber Security Coordination Group

CSCP                    Cyber Security Cooperation Program (Canada)

CSEC                   Communications Security Establishment Canada (Canada)

CSIAC                  Cyber Security and Information Systems Information Analysis Center (USA)

CSIRT                  Computer Security Incident Response Team (South Africa)

CSIRT.SK            National centre for computer security incidents.Slovakia (Slovakia)

CSIS                     Canadian Security Intelligence Service (Canada)

CSN                      National Security Council (Spain)

CSO                      Armed Forces Command Support Organisation (Switzerland)

CSOC                   Cyber Security Operations Centre (Australia)

CSOC                   National Cyberspace Security Operations Centre (Jordan)

CSOC                   National Cyber Security Operations Centre (Netherlands)

CSPC                    Cyber Security Policy and Coordination Committee (Australia)

CSSC                    Control System Security Centre (Japan)

CSSF                    Commission de Surveillance du Secteur Financier (Luxembourg)

CTI                       Cyber Threat Intelligence (OASIS)

CTWIN                Critical Infrastructure Warning Information Network (Lithuania)

CVE                     Common Vulnerabilities and Exposures

CVE-ID                CVE Identifier

CVRF                   Common Vulnerability Reporting Format

CVSS                   Common Vulnerability Scoring System

CWC                    Cyber Watch Centre (Singapore)

CWE                    Common Weakness Enumeration

CWRAF               Common Weakness Risk Analysis Framework

CWSS                  Common Weakness Scoring System

CYBER                Cybersecurity Technical Committee (ETSI)

CYBEX                Cybersecurity Information Exchange (ITU-T)

CybOX                Cyber Observable Expression

CYCO                  Cybercrime Coordination unit Switzerland (Switzerland)

CYIQL                 Cybersecurity Information Query Language

DAA                     Direct Anonymous Attestation (TCG)

DCE                     Dynamic root of trust for measurement Configuration Environment (TCG)

DCEC                   Defence Cyber Expertise Centre (Netherlands)

D-CRTM             Dynamic Core Root of Trust for Measurement (TCG)

DDoS                   Distributed Denial of Service

DDPS                   Federal Department of Defence, civil Protection and Sport (Switzerland)

DeitY                   Department of electronics & information technology (India)

DETEC                Federal Department of Environment, Transport, Energy and Communications (Switzerland)

DF                        Digital Forensics (Italy)

DGCC                  Direction Générale Centre de Crise (Belgium)

DGSE                   Direction Générale de la Sécurité Extérieure (France)

DHS                     Department of Homeland Security (USA)

DIGIT                   Directorate on Informatics (EC)

DIN                      Deutsches Institut für Normung

DISS                     Defence Intelligence and Security Service (Latvia)

DISS                     Defence Intelligence and Security Service (Netherlands)

DL                        Dynamic Launch (TCG)

DLME                  Dynamically Launched Measured Environment (TCG)

DNS                     Domain Name System

DoC                      Department of Communications (South Africa)

DOD                     Department Of Defence (Australia)

DoD&MV           Department of Defence and Military Veterans (South Africa)

DOJ&CD             Department Of Justice and Constitutional Development (South Africa)

DoS                      Denial of Service

dots                      DDoS open threat signaling (IETF)

DRDC                  Defence Research and Development Canada (DRDC)

DRSD                   Direction du Renseignement et de la Sécurité de la Défense (France)

D-RTM                Dynamic Root of Trust Measurement (TCG)

DSD                     [See ASD] (Australia)

DSG                     Federal Act on Data Protection (Switzerland)

DSI                       Data State Inspectorate (Latvia)

DSN                     National Security Department (Spain)

DSS-X                  Digital Signature Services eXtended (OASIS)

DST                      Department of Science and Technology (South Africa)

E2NA                   End-to-End Network Architectures (ETSI)

EAP                      Extensible Authentication Protocol

EAPC                   Euro-Atlantic Partnership Council (Switzerland)

EBIOS                  Expression of Needs and Identification of Security Objectives

EC                        European Commission

ECI                       European Critical Infrastructure

EI-ISAC               Elections Infrastructure Information Sharing and Analysis Center

ECRG                   Electronic Communications Reference Group (EC)

EMAD                 Chiefs of the Defence Staff (Spain)

ENFSI                  European Network of Forensic Institutes

ENISA                  European Network and Information Security Agency

EOC                     Electronic Operations Centre (Switzerland)

EPCIP                   European Programme for Critical Infrastructure Protection

ESA                      European Space Agency (Belgium)

ESI                        Electronic Signatures and Infrastructures (ETSI)

ESPCERTDEF    Computer Emergency Response Team in the field of the Ministry of Defence (Spain)

ESRIM                 European Security Research & Innovation forum

ETI                       Encrypted Traffic Inspection working group (IEEE)

ETSI                     European Telecommunication Standards Institute

EU                        European Union

EU CSS                EU CyberSecurity Strategy (EU)

Europol               European Police Office

EVCERT              Extended Validation Certificate

FASG                   GSM Association Fraud and Security Working Group

FCC                      Federal Communications Commission (USA)

FCCU                   Federal Computer Crime Unit (Belgium)

FCMC                  Financial and Capital Market Commission (Latvia)

FCP                      Federal Criminal Police (Switzerland)

FDEA                   Federal Department of Economic Affairs (Switzerland)

FDF                      Federal Department of Finance (Switzerland)

FDJP                    Federal Department of Justice and Police (Switzerland)

FDPIC                  Federal Data Protection and Information Commissioner (Switzerland)

Fedict                   FOD voor informatie-en communicatietechnologie (Belgium)

Fedoct                  SPF Technologie de l'Information et de la Communication (Belgium)

fedpol                  federal office of police (Switzerland)

FIA                       Federal Investigation Agency (Pakistan)

FIC                       Forum International de la Cybersécurité (Europe)

FICORA               Finnish COmmunications Regulatory Authority (Finland)

FIDO                    Fast IDentity Online

FIPS                      Federal Information Processing Standards (USA)

FIRST                   Forum of Incident Response and Security Teams

FIS                        Federal Intelligence Service (Switzerland)

FISMA                 Federal Information Security Management Act (USA)

FITO                     Federal IT Ordinance (Switzerland)

FITSU                  Federal IT Steering Unit (Switzerland)

FOCA                   Federal Office of Civil Aviation (Switzerland)

FOCP                   Federal Office for Civil Protection (Switzerland)

FOD                     Federal OverheiDsdienst (Belgium)

FOITT                  Federal Office of Information Technology, systems and Telecommunication (Switzerland)

FONES                 Federal Office for National Economic Supply (Switzerland)

FS-ISAC              Financial Services Information Sharing and Analysis Centre

GFCE                   Global Forum on Cyber Expertise

GCHQ                  Government Communications HeadQuarters (UK)

GISS                     General Intelligence and Security Service (Netherlands)

GovCERT            CERT gouvernemental du Grand-Duché de Luxembourg

GovCERT            Governmental Computer Emergency Response Team (Austria)

GovCERT            Staatliches Computer Emergency Response Team (Austria)

GovCERT            Government Computer Emergency Response Team (Switzerland)

GovCERT.au      Australian Government's Computer Emergency Readiness Team (Australia)

GROW                 Directorate on Internal Market, Industry, Entrepreneurship and SMEs (EC)

GSA                     Government Services Administration (USA)

GSMA                  GSM Association

GSS                      Government Security Secretariat (UK)

H2020                  Horizon 2020

HCPN                   Haut-Commissariat à la Protection Nationale (Luxembourg)

Healthnet CSIRT Healthsector CERT (Luxembourg)

HOME                 Directorate on Migration and Home Affairs (EC)

HR                        Directorate on Human Resources and Security (EC)

i2nsf                     interface to network security functions (IETF)

IA                         Information Assurance

IAAGs                  Infrastructure Assurance Advisory Groups (Australia)

IAB                       Internet Architecture Board

IAD                      Information Assurance Directorate (USA)

IANA                   Internet Assigned Numbers Authority

IBPT                     Institut Belge des services Postaux et des Télécommunications (Belgium)

ICANN                 Internet Corporation for Assigned Names and Numbers

ICASA                 Independent Communications Authority of SA (South Africa)

ICASI                   Industry Consortium for Advancement of Security on the Internet

ICE                       Infrastructure Critiche Europe (Italy)

ICE                       European Critical Infrastructure

INCIBE                Spanish National Cybersecurity Institute (Spain)

ICPO                    International Criminal Police Organization (Japan)

ICSG                    Industry Connections Security Group (IEEE)

ICT                       Information and Communication Technology

IDA                      Infocomm Development Authority of Singapore (Singapore)

IE                          Internet Explorer

IEEE                     Institute for Electrical and Electronic Engineers

IETF                     Internet Engineering Task Force

IGF-Bpf               Internet Governance Forum Best Practice Forum on Cybersecurity

ILNAS                  Institut Luxembourgeois de la Normalisation, de l'Accréditation, de la Sécurité et qualité des produits et services

ILP                        Initiating Logical Processor (TCG)

ILR                       Institut Luxembourgeois de Régulation

IMEI                     International Mobile station Equipment Identity

IMS                      IP Multimedia Subsystem (3GPP)

INRIA                  Institut national de recherche en sciences et technologies du numérique (France)

IODEF                  Incident Object Description Exchange Format

IP                          Internet Protocol

IPC                       International Police Cooperation (Switzerland)

ipsecme               IP security maintenance and extensions working group (IETF)

IRAP                    Information security Registered Assessors Program (Australia)

IRTF                     Internet Research Task Force

ISA                       Internal Security Agency (Poland)

ISA                       Federal Act on Measures to Safeguard Internal Security (Switzerland)

ISA                       Intelligence Service Act (Switzerland)

ISF                        Information Security Forum

ISFP                      Information Security and Facility Protection (Switzerland)

ISM                      Australian government Information and communications technology Security Manual (Australia)

ISMP                    Infocomm Security Master Plan (Singapore)

ISO                       International Organization for Standardization

IT                          Infrastrutture Critiche (Italy)

IT                          Information Technology

ITIDA                   Information Technology Industry Development Agency (Egypt)

ITU                       International Telecommunication Union

ITU-T                   International Telecommunication Union - Telecommunication Standardization sector

IWWN                 International Watch and Warning Network (Australia)

IXP                       Internet eXchange Point

J-CAT                  Cybercrime Action Task Force (Europol)

JASPER               Japan-ASEAN Security PartnERship (Japan)

JCPS                     Justice, Crime Prevention and Security cluster (South Africa)

JOA                      Joint Operating Arrangements of DSD, AFP and ASIO (Australia)

JOCERT              National Computer Emergency Response Team (Jordan)

JP CERT              Japan CERT (Japan)

JRC                      Directorate on Joint Research Centre (EC)

JSON                    JavaScript Object Notation

JUST                    Directorate on Justice and Consumers (EC)

JVN                      Japan Vulnerability Notes (Japan)

KCC                     Korea Communications Commission (Korea)

KIS                       Koordineringsutvalget for forebyggende Informasjonssikkerhet (Norway)

KITS                     Koordinierungsstelle IT-Sicherheit

kitten                   common authentication technology next generation working group (IETF)

KMIP                   Key Management Interoperability Protocol (OASIS)

KMU                    Kleine und Mittlere Unternehmen (Austria)

KRITIS                 Kritische Infrastrukturen (Germany)

KSZ                      Kruispuntbank van de Sociale Zekerheid (Belgium)

LECC                   Law Enforcement/CSIRT Cooperation (FIRST)

LI                          Lawful Interception

LIBGUIDE          reference library on cybersecurity (NATO)

lisp                       locator/ID separation protocol (IETF)

LÜKEX                Länderübergreifende Krisenmanagement Exercise (Germany)

MACCSA            Multinational Alliance for Collaborative Cyber Situational Awareness

MA-CERT           Morocco CERT (Morocco)

MCCD                 Joint Cyber Command (Spain)

MAEC                  Malware Attribute Enumeration and Characterization

MCI                      Ministry of Communications and Information (Singapore)

MCIT                   Ministry of Communications and Information Technology (Egypt)

MCIT                   Ministry of Communications and Information Technology (Saudi Arabia)

MCIV                   Ministerieel Comité voor Inlichting en Veiligheid (Belgium)

MD                       Ministry of Defence (Montenegro)

MELANI              Melde- und Analysestelle Informationssicherung (Switzerland)

MHA                    Ministry of Home Affairs (Singapore)

MI                         Ministry of the Interior (Montenegro)

MIIT                     Ministry of Industry and Information Technology (China)

MilCERT             Military Computer Emergency Response Team (Austria)

MilCERT             Militärisches Computer Emergency Response Team (Austria)

milCERT             Military Computer Emergency Response Team (Switzerland)

mile                      Managed incident lightweight exchange working group (IETF)

MINDEF              MINistry of DEFence (Singapore)

MIS                      Military Intelligence Service (Switzerland)

MISP                    Malware Information Sharing Platform & Threat Sharing (Luxembourg)

MIST                    Ministry for Information Society and Telecommunications (Montenegro)

MMDEF              Malware Metadata Exchange Format Working Group (IEEE)

MNiSW               Ministry of Science and Higher Education (Poland)

MNiSW               Ministerstwo Nauki i Szkolnictwa Wyzszego (Poland)

MOD                    Ministry Of Defence (Latvia)

MoE                     Ministry of Economics (Latvia)

MoEPRD             Ministry of Environmental Protection and Regional Development (Latvia)

MoES                   Ministry of Education and Science (Latvia)

MOF                     Ministry Of Finance (Singapore)

MoFA                  Ministry of Foreign Affairs (Latvia)

MoI                      Ministry of the Interior (Latvia)

MoJ                      Ministry of Justice (Latvia)

MOPAS               Ministry Of Public Administration and Security (Korea)

MoT                     Ministry of Transport (Latvia)

Mow                     Ministry of welfare (Latvia)

MP                        Member of Parliament

MS-ISAC             Multi-State Information Sharing and Analysis Center

MTS                     Methods for Testing and Specification (ETSI)

NAF                     National Armed Forces (Latvia)

NASK                  Research and Academic Computer Network (Poland)

NASK                  Naukowej i Akademickiej Sieci Komputerowej (Poland)

NATO                  North Atlantic Treaty Organization

NAVONVO         Nord-Atlantische Verdragsorganisatie (Belgium)

NBU                     Národný Bezpecnostný Úrad (Slovakia)

NCAC                  National Cybersecurity Advisory Council (South Africa)

NCCC                  National Cyber Coordination Centre (India)

NCCoE                National Cybersecurity Centre of Excellence (USA)

NCDC                  National Centre for Digital Certification (Saudi Arabia)

NCIA                    National Computing and Information Agency (Korea)

NCIIPC                National Critical Information Infrastructure Protection Centre (India)

NCP                      National Checklist Program

NCPF                   National Cybersecurity Policy Framework (South Africa)

NCSC                   National Cyber Security Centre (Korea)

NCSC                   National Cyber Security Centre (Lithuania)

NCSC                   Nationaal Cyber Security Centrum (Netherlands)

NCSC                   National Cyber Security Centre (New Zealand)

NCSC                   National Cyber Security Coordinating Centre (South Africa)

NCSC                   National Cyber Security Centre (U.K.)

NCSP                   National Cyber Security Programme (UK)

NCSRA                Nationale Cyber Security Research Agenda (Netherlands)

NCSS                   National Cybersecurity Strategie (Netherlands)

NCSS                   National Cyber Security Strategies

NCIRC                 NATO Communications and Information Agency

NEC                     National Encryption Centre (Jordan)

NEOC                  National Emergency Operations Centre (Switzerland)

NERC                   North American Electric Reliability Corporation

NES                      National Economic Supply (Switzerland)

NESAG                Network Equipment Security Assurance Group (3GPP)

NetSafe                Safer Internet Centre of Latvia Net-Safe Latvia (Latvia)

NFSA                   National Forensic Science Agency (Pakistan)

NFV                     Network Functions Virtualisation (ETSI)

NIACSA              National Information Assurance and Security Agency (Jordan)

NIACSS               National Information Assurance and Cyber Security Strategy (Jordan)

NICI                     National Information Security Authority (Slovakia)

NICT                    National institute of Information and Communications Technology (Japan)

NIS                       Network and Information Security (EU)

NIS                       National Intelligence Service (Korea)

NISC                    National Information Security Centre (Japan)

NISC                    National Infocomm Security Committee (Singapore)

NISE                     National Information Security Environment (Saudi Arabia)

NISE                     NISE Instructions (Saudi Arabia)

NISED                  NISE Directives (Saudi Arabia)

NISEMs               NISE Manuals (Saudi Arabia)

NISS                     National Information Security Strategy (Saudi Arabia)

NIST                     National Institute of Standards and Technology (USA)

NITC                    National Information Technology Centre (Jordan)

NorCERT            Norway CERT (Norway)

NorSIS                 Norsk senter for informasjonssikring (Norway)

NPA                     National Prosecuting Authority (South Africa)

NPSI                     Nationaler Plan zum Schutz der Informationsinfrastrukturen (Germany)

NRAF                   National IS Risk Assessment Function (Saudi Arabia)

NRF                      National Research Foundation (Singapore)

NSA                     National Security Authority (Czech)

NSA                     National Security Authority (Hungary)

NSA                     National Security Agency (Montenegro)

NSA                     National Security Authority (Slovakia)

NSA                     National Security Agency (USA)

NSC-CSC            National Security Council Cyber Security Committee (Spain)

NSCS                   National Security Coordination Secretariat (Singapore)

NSIS                     National Strategy for Information Security in the Slovak Republic (Slovakia)

NSM                     Nasjonal SikkerhetsMyndighet (Norway)

NSS                      National Security Strategy (Jordan)

NSSIS                   National Security Science and Innovation Strategy (Australia)

NTECH                Network Technologies (ETSI)

NTRA                  National Telecommunication Regulatory Authority (Egypt)

NV (Storage)      Non-Volatile (shielded location) (TCG)

NVD                     National Vulnerability Database (USA)

nvo3                     network virtualization overlays working group (IETF)

NZ-CERT            New Zealand Computer Emergency Response Team (New Zealand)

NZSIS                  New Zealand Security Intelligence Service (New Zealand)

OAG                     Office of the Attorney General (Switzerland)

OASIS                  Organization for the Advancement of Structured Information Standards

oauth                    web authorization protocol working group (IETF)

OCAD                  Coördinatieorgaan voor dreigingsanalyse (Belgium)

OCAM                 Organe de Coordination pour l'Analyse de la Menace (Belgium)

OCC                     Cybernetics Coordination Office (Spain)

OCP                      Operator Cyber security Plan

OCSIA                 Office of Cyber Security & Information Assurance (UK)

OFCOM               Federal Office of COMmunications (Switzerland)

OGCIO                 Office of the Government Chief Information Office (UK)

OIV                      Opérateur d'Importance Vitale (France)

OMB                    Office of Management and Budget (USA)

OMG                    Object Management Group

OpenC2               Open Command and Control (OASIS)

opsec                   operational security capabilities for IP network infrastructure working group (IETF)

OS                        Operating System

OSCE                   Organization for Security and Co-operation in Europe

ÖSCS                   Österreichische Strategie für Cyber Sicherheit (Austria)

ÖSS                      Österreichischen SicherheitsStrategie (Austria)

OSZE                   Organisation für Sicherheit und Zusammenarbeit in Europa (Germany)

OTAN                  Organisation du Traité de l'Atlantique Nord (Belgium)

OTS                      Ordinance on Telecommunication Services (Switzerland)

OVAL                  Open Vulnerability and Assessment Language

PBC                      pelnomocnika ds. bezpieczenstwa cyberprzestrzeni (Poland)

PC                         Personal Computer

PCA                      Privacy CA (TCG)

PCR                      Platform Configuration Register (TCG)

PCS                      Plenipotentiary for Cyberspace Security (Poland)

PDCA                   Plan-Do-Check-Act (Germany)

PHAROS             Platform for Harmonization, Analysis, Cross-check and Orientation of Reportings (France)

PISA                     Pakistan Information Security Association (Pakistan)

PKCS                   Public-Key Cryptography Standards

PKI                       Public Key Infrastructure

PMRM                 Privacy Management Reference Model (OASIS)

PPP                       Public Private Partnership (Austria)

PRACTICE          Proactive Response Against Cyber-attacks (Japan)

PrivEK                 Private Endorsement Key (TCG)

PSN                      Public Sector Network

PTA                      Police Tasks Act (Switzerland)

PubEK                 Public Endorsement Key (TCG)

RAN                     subcommittee on Radio Access Network (3GPP)

RCMP                  Royal Canadian Mounted Police (Canada)

Restena CSIRT   Research and education CERT (Luxembourg)

RGISSP                Research Group Information Society and Security Policy (Switzerland)

RGS                      Référentiel Général de Sécurité (France)

RID                       Real-time Inter-network Defense

RoT                      Root of Trust (component) (TCG)

RTD                     Directorate on Research and Innovation (EC)

RTM                     Root of Trust for Measurement (TCG)

RTR                      Root of Trust for Reporting (TCG)

RTS                      Root of Trust for Storage (TCG)

SA CISRS            Saudi Arabian Critical Security and Resilience Strategy (Saudi Arabia)

SA2                      Subcommittee on Architecture (3GPP)

SA3                      Subcommittee on Security (3GPP)

SA5                      Subcommittee on Telecom Management (3GPP)

sacm                     security automation and continuous monitoring working group (IETF)

SAGE                   Security Algorithms Group of Experts (ETSI)

SAI                       Securing Artificial Intelligence (ETSI)

SAML                  Security Services (OASIS)

SAMRISK           Samfunnssikkerhet og risiko (Norway)

SANS                   SysAdmin, Audit, Networking, and Security

SAPS                    South African Police Service (South Africa)

SAS                      Security Assurance Specification (3GPP)

SC27                    ISO/IEC JTC1 Committee on Security techniques

SC6                      ISO/IEC JTC1 Committee on Telecommunications and information exchange between systems

SC7                      ISO/IEC JTC1 Committee on Software and systems engineering

SCADA                Supervisory Control And Data Acquisition (Belgium)

SCAP                   Security Content Automation Protocol

SCP                      Smart Card Platform

SIG                       Special Interest Group

SE                         Secure Element

SECAM               Study on Security Assurance Methodology (3GPP)

SeP                       Security Police (Latvia)

SERI                     Senter for rettsinformatikk (Norway)

SES                       Secretariat of State for Security

SESIAD               Secretariat of State for the Information Society and the Digital Agenda (Spain)

SFOE                    Swiss Federal Office of Energy (Switzerland)

SG 2                     Study Group on Operational aspects (ITU-T)

SG11                    Study Group on Protocols and test specifications (ITU-T)

SG13                    Study Group on Future networks (ITU-T)

SG17                    Study Group on Security (ITU-T)

SGDSN                Secrétariat Général de la Défense et de la Sécurité Nationale (France)

SGRS                   Service Général du Renseignement et de la Sécurité (Belgium)

sidr                       secure inter-domain routing working group (IETF)

SIEM                    Security Information and Event Management

SIGINT-CYBER Joint General Intelligence and Security Service Unit (Netherlands)

SIIO                      State Internet Information Office (China)

SIM                      Subscriber Identity Module, including USIM and ISIM (ETSI, 3GPP)

SIS                        State Information Systems (Latvia)

SKKM                  Staatliches Krisen- und KatastrophenschutzManagement (Austria)

SLT                      Samordning av Lokale kriminalitetsforebyggende Tiltak (Norway)

SN                        Standard Norge (Norway)

SNSC                   Sistemul |National de Securitate Cibernetica (Romania)

SOC                      Security Operations Centre

SOME                  Cyber Incident Response Team (Turkey)

SOME                  Siber Olaylara Mildahale Ekipleri (Turkey)

SONIA                 Special Task Force on Information Assurance (Switzerland)

SOSMT                Slovak Standards Institute (Slovakia)

SP                         State Police (Latvia)

SPF                       Service Public Fédéral (Belgium)

SPIK                     Swiss Police IT Congress (Switzerland)

SPOC                   Single Point of Contact

SPTA                    Surveillance of Postal and Telecommunications traffic Act (Switzerland)

SRDA                   State Regional Development Agency (Latvia)

SRK                      Storage Root Key (TCG)

SSA                      State Security Agency (South Africa)

SSP                       Smart Secure Platform

stir                        secure telephone identity revisited working group (IETF)

STIX                     Structured Threat Information eXpression

TAC                     Threat Analysis Centre (Singapore)

TAXII                   Trusted Automated eXchange of Indicator Information

TBB                      Trusted Building Block (TCG)

TC                        Technical Committee

TCG                     Trusted Computing Group

TCP                      Transmission Control Protocol

tcpinc                   TCP increased security working group (IETF)

TEE                      Trusted Execution Environment

TISN                     Trusted Information Sharing Network for critical infrastructure protection (Australia)

TLP                      Traffic Light Protocol

TLS                      Transport Layer Security

tls                         transport layer security working group (IETF)

TMI                      Trusted Multi-tenant Infrastructure (TCG)

TNC                     Trusted Network Connect (TCG)

TPM                     Trusted Platform Module (TCG)

TPS                       Trusted Platform Support services (TCG)

trans                     public notary transparency (IETF)

Trust Elevation   electronic identity credential trust elevation methods (OASIS)

TSS                       TPM Software Stack -or- TCG Software Stack (TCG)

TSUBAME          International network traffic monitoring project (Japan)

TT CSIRT            Trinidad and Tobago CSIRT (Trinidad & Tobago)

TTA                      Telecommunications Technology Association (Korea)

TTC                      Telecommunication Technology Committee (Korea)

TTCSA                 Trinidad and Tobago Cyber Security Agency (Trinidad & Tobago)

TUVE                   turvallisuusverkkohanke (Finland)

UKE                     Office of Electronic Communications (Poland)

UKE                     Urzedem Komunikacji Elektronicznej (Poland)

UNSW                 University of New South Wales

UP KRITIS          Umsetzungsplan KRITIS (Germany)

URI                       Uniform Resource Identifier

USOM                  National Centre for Cyber Incident Response (Turkey)

USOM                  Ulusal Siber Olaylara Mildahale Merkezi (Turkey)

uta                        using TLS in applications (IETF)

UTM                    Unified Threat Management (Italy)

UVTA                  Ulko- ja turvallisuuspoliittinen ministerivaliokunta (Finland)

VAHTI                 Valtionhallinnon tietoturvallisuuden johtoryhmä (Finland)

VDRX                  Vulnerability Reporting and Data eXchange SIG (FIRST)

VDSG                  Ordinance to the Federal Act on Data Protection (Switzerland)

VSSE                    Veiligheid van de Staat, Sûreté de l'Etat (Belgium)

W3C                     World Wide Web Consortium

websec                 web security working group (IETF)

wpkops                web PKI OPS working group (IETF)

WS-SX                 Web Services Secure eXchange (OASIS)

XCCDF                eXtensible Configuration Checklist Description Format

XDI                      XRI Data Interchange (OASIS)

XML                    eXtensible Markup Language

XSPA                   Cross-Enterprise Security and Privacy Authorization (OASIS)

YTS                      Yhteiskunnan turvallisuusstrategiassa (Finland)

ZNIIS                   Центральный научно-исследовательский институт связи (Russia)