2025 Cybersecurity Acronyms with Definitions

4 min read
(November 12, 2024)

There may be no industry with more acronyms than cybersecurity and each year the number increases. Often, those in the industry are baffled as to what they mean. Take SASE for example, which is Secure Access Service Edge, and in simplest terms is a cloud model combining network and security functions – the analysts and vendors coined it well before any practitioners had knowledge of it. Below, we have outlined the most notable acronyms in cybersecurity as we approach 2025 and will update as new ones emerge.

 

If you have any acronyms you feel should be included please get in touch with us: suggest an acronym.

AMP: Advanced malware protection
Solution that uses advanced technology to prevent, detect and help remove threats.

APT: Advanced persistent threat
Undetected, unauthorized access to a network for a significant period.

BCP: Business continuity plan
A plan that permits an organization to continue operating during an event or disaster.

BEC: Business email compromise
When a criminal/bad actor uses email to trick someone into sending money or to steal sensitive data.

BISO: Business information security officer
A senior role connecting a company's security team to the business leaders.

CASB: Cloud access security broker
Enforces security policy between the cloud-service provider and the customer.

CISO: Chief information security officer
The leader responsible for the information, technology and cyber systems of the organization.

CSP: Cloud service provider
A company providing cloud services including storage, databases, and infrastructure at scale to organizations.

CSPM: Cloud security posture management
A tool that identifies and remediates risk across cloud environments.

CTI: Cyber threat intelligence
Information that is data driven and assists organizations to prevent, detect, and respond to cyber threats .

CTrO: Chief trust officer
Senior executive responsible for ensuring compliance and risk management efforts and building trust with customers around the company's services and products.

CVE: Common vulnerabilities and exposures
Publicly disclosed system vulnerabilities.

DAC: Discretionary access control
A model where the owner of a resource controls who can access it.

DDoS: Distributed denial of service
An attempt to disrupt traffic of a server by flooding it with malicious traffic.

DLP: Data loss prevention
A strategy to prevent unauthorized sharing, transfer, or use of sensitive data.

DNS: Domain name system
Translates readable domain names to IP addresses.

DRP: Disaster Recovery Plan
A document outlining how to respond to unplanned incidents including cyber-attacks, natural disasters, power outages and  other disruptive events.

DSPM: Data security posture management
Provides organizations visibility on where sensitive data is, who has access to it and how it is being used.

EDR: Endpoint detection and response
Continually monitors endpoints for threats and automatically responds to them.

GenAI: Generative Artificial Intelligence
Artificial intelligence that uses machine learning algorithms to generate new content, ideas, or data.

GRC: Governance risk compliance
A strategy that helps organizations meet business goals while remaining compliant to regulations and managing risk.

IaaS: Infrastructure as a service
Pay as you go cloud computing service that provides compute, storage, and networking resources on demand.

IAM: Identity access management
A framework for managing people's access to a company's data and resources.

IDR: Incident detection response
Technologies and practices which identify a threat or attack and quickly respond to contain it.

IDS/IDP: Intrusion detection/Intrusion detection and prevention
A system that monitors your network for threats and alerts security administrators.

IRP: Incident response plan
An organization's outline of steps/procedures to be taken when a cybersecurity incident occurs.

LLML: Large language models
Artificial intelligence systems which process large amounts of text data to understand and generate human language.

MAC: Mandatory access control
A strategy where the system has access control, restricting the ability an individual resource owner has to grant or deny access.

MDR: Managed detection response
A service that uses human expertise and technology to identify and respond to threats.

NHIDR: Non-human identity detection and response
Solution which helps identify and respond to risks associated with non-human identities.

NHIM: Non-human identity management
Manages and secures non-human identities such as digital entities used to represent machines, applications, and automated processes within an IT infrastructure.

NIST: National Institute of Standards and Technology
An agency of the U.S. Department of Commerce that helps organizations understand, manage, and reduce their cybersecurity risk.

PaaS: Platform as a service
Cloud computing model that provides on-demand access to a complete, ready-to-use, cloud-hosted platform for developing, running, maintaining and managing applications.

PAM: Privileged access management
A system that restricts access to their most critical systems and data through only necessary levels of access based on their job.

RBAC: Role based access controls
Restricting access to resources and systems based on the role someone has within the organization.

SaaS: Software as a service
Cloud hosted applications.

SASE: Secure access service edge
Cloud based architecture combining network and security functions.

SIEM: Security incident event management
A solution that helps companies detect threats by collecting and analyzing data from multiple sources.

SOAR: Security orchestration, automation, and response
Automates cyberattack prevention and response through tools and services.

SOC: Security operations center
Team of IT security professionals responsible for protecting the organization through monitoring, detecting, analyzing, and investigating cyber threats.

SOC2: Service Organization Control 2
Compliance framework to ensure that third-party service providers store and process client data in a secure manner.

SSO: Single Sign On
A user authentication model that allows someone to use one set of credentials to log in to multiple applications.

UBA: User behavior analytics
System of collecting and analyzing user activity to track normal activity and detect deviations that could signify a threat.

VDI: Virtual desktop infrastructure
An infrastructure that permits access to the enterprise systems from multiple devices and locations.

VPN: Virtual private network
An encrypted connection over the Internet from a device to a network known as a "tunnel."

XDR: Extended detection and response
Leverages multiple security tools to for quicker threat detection and response.

ZTNA: Zero trust network access
Aligned with zero trust security policies it removes implicit trust and provides access to resources based on identity, device and data.