Information Security Industry Acronyms | Optiv

Information security is one of the fastest-growing industries because organizations need to protect their data. For anyone who wants to learn about information security, one of the first steps is to understand the acronyms. While there are literally thousands of industry acronyms, we created this short list of some of the most common ones to give readers a head start.

  • AD - Active Directory
  • API - Application Program Interface
  • ASV - Authorized Security Vendor
  • C&A - Certification and Accreditation
  • CA - Certification Authority
  • CISA - Certified Information Security Auditor
  • CISO - Chief Information Security Officer
  • CISSP - Certified Information Systems Security Professional
  • ComSec - Communications Security
  • CSA - Cloud Security Alliance
  • CSTA - Certified Security Testing Associate
  • CSTP - Certified Security Testing Professional
  • DDOS - Distributed Denial of Service (attack)
  • eDiscovery - Short for Electronic Discovery
  • eSAS - eLearning Security Awareness Solution
  • ESI - Electronically Stored Information
  • FISMA - Federal Information Security Management Act
  • FRCP - Federal Rules of Civil Procedure
  • GIAC - Global Information Assurance Certification
  • GLBA - Gramm–Leach–Bliley Act (also known as the Financial Services Modernization Act of 1999)
  • GRC - Governance Risk & Compliance
  • HIE - Health Information Exchange
  • HIPAA - Health Insurance Portability and Accountability Act
  • HITECH - Health Information Technology for Economic and Clinical Health Act
  • HTTP - Hypertext Transmission Protocol
  • HTTPS - Secured Hypertext Transmission Protocol
  • IA - Information Assurance
  • IAG - Identity & Access Governance
  • IAM - Identity & Access Management
  • IDS - Intrusion Detection System
  • IIS - Internet Information Services
  • IM - Incident Management
  • InfoSec - Information Security
  • IRRA - Incident Response Risk Assessment
  • ISACA - Information Systems Audit and Control Association
  • ISMS - Information Security Management System
  • ISPM - Information Security Program Model
  • ISSA - Information Security Systems Association
  • IT - Information Technology
  • LMS - Learning Management System
  • MA - Management Agent
  • MDM - Mobile Device Management
  • MLS - Multilevel Security
  • MSS - Managed Security Services
  • MSSP - Managed Security Services Program or Managed Security Services Provider
  • NSA - National Security Agency
  • OPSec - Operations Security
  • PCI - Payment Card Industry
  • PCI-DSS - Payment Card Industry Data Security Standards
  • Pen Test - Penetration Test
  • QSA - Qualified Security Assessor
  • RMF - Risk Management Framework
  • SAS - Statement on Auditing Standards (SAS 70)
  • SCORM - Sharable Content Object Reference Model
  • SDLC - Software Development Lifecycle
  • SEM - Security Event Management
  • SIEM - Security Information Event Management
  • SIM - Security Information Management
  • SIM - Subscriber Identity Module
  • SOX - Sarbanes-Oxley Act
  • SSL - Secure Socket Layer
  • SSO - Single Sign-On
  • SSPM - Self-Service Password Management
  • UTM - Unified Threat Management

Randy Pringle
Solutions Marketing Manager
Randy Pringle brings more than 15 years of integrated marketing solutions experience in the information security and technology space. His experience includes partner marketing strategies, thought leadership, campaign program design and execution, and education and awareness. As a marketing manager, Randy focuses on strengthening marketing programs to help clients and employees learn behavior-changing tactics to protect personal and corporate data.