AUCYBERSCAPE

  • Accelerator program

    Provides start-ups with commercialisation and/or business maturity support in the early stages of a product or service entering the market for the first time or iterating into new markets.

  • Access and identity management

    The ways and means, including software platforms, that allow organisations to make decisions about who and what is allowed to access which information assets, when and in what context.

  • Active defence

    Synchronized, real-time capability to discover, detect, analyse, and mitigate threats and vulnerabilities. (Source: https://www.nist.gov)

  • Anti-fraud

    A system, software or product intended to identify or prevent fraudulent practices.

  • Antivirus

    Software that is designed to detect, stop and remove viruses and other kinds of malicious software. (Source: https://www.cyber.gov.au)

  • Application security

    Passive and active devices and software designed and implemented to prevent data or code within an application from being compromised.  Includes: endpoint security, firewall and antivirus, intrusion detection, vulnerability scanning, email security and application whitelisting.

  • Application whitelisting

    Protection against malicious code (malware) on systems. Ensuring that only authorised applications can be executed. (Source: https://www.cyber.gov.au)

  • Attacks and defences

    Proactive and adversarial ‘attack’ approach to protecting against cyber attacks including penetration and vulnerability testing as well as ethical hacking. Defensive security focuses on reactive measures such as patching software and detection.

  • Authentication including biometrics

    A form of security that recognises a user’s identity and/or other individualised credentials and only allows access to authorised/approved/valid users.

  • Autonomous systems security

    Incorporating machine learning to enable greater accuracy and speed in responding to cyber threats and managing cyber risks. Note, this includes advanced forms of machine learning colloquially referred to or described as artificial intelligence.

  • Biometrics

    Measurable physical characteristics used to identify or verify an individual. (Source: https://www.cyber.gov.au)

  • Black hat hacker

    Black hat refers to a hacker who breaks into a computer system or network with malicious intent. A black hat hacker may exploit security vulnerabilities for monetary gain; to steal or destroy private data; or to alter, disrupt or shut down websites and networks.

  • Bug bounty programs

    Reward incentives (financial or other) offered by businesses to individuals who report software vulnerabilities. 

  • Cloud/hosting security

    Security that protects cloud based systems and the data contained within them including policies, controls, procedures and technology.

  • Cryptography, including encryption

    Core primitives of cryptography as presently practised and emerging algorithms, techniques for analysis of these, and the protocols that use them including the practice of encrypting and decrypting information and data. (Source: https://www.cybok.org)

  • Cyber deception technologies

    Technologies that generate traps and decoys throughout cyber-physical infrastructure to trick a malicious actor and/or software, often to also observe the methods and targets of the actor.  Includes: active defence, decoys and threat emulation.

  • Cyber governance, risk and compliance management

    Security management systems and organisational security controls, including standards, best practices, and approaches to risk assessment and mitigation. (Source: https://www.cybok.org). Includes: audit and maturity assessment.

  • Cyber-physical systems security including Supervisory Control & Data Acquisition (SCADA)

    Security challenges in cyber-physical systems, such as the Internet of Things & industrial control systems, attacker models in the convergence of IT and OT, digital access controls, safe-secure designs, and security of large-scale infrastructures and the intersections between them. (Source: https://www.cybok.org)

  • Cyber readiness assessment

    An assessment to determine an organisation’s readiness to detect, prevent and respond to cyber threats and indications of the risks they pose to the organisation and its supply and value chains.

  • Cyber-related professional services

    Professional services that support the management of cyber security risk and compliance.  Includes: Technical due diligence, consultancy and advisory, legal services, recruitment, and insurance.

  • Cyber security

    Cyber security refers to the technologies, processes and practices performed to achieve tasks, transfer knowledge, and build skills needed to work on protecting and defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.

  • Cyber security research

    Cyber security researchers, as individuals or through a formalised program or platform, who find and report security vulnerabilities and/or possible threats across the cyber-physical landscape as well as proposing solutions to organisations to help prevent cyber attacks or breaches.  Includes: bug bounty programs.

  • Cyber security training and education

    Skills development and training in technical and non-technical cyber security competencies across all ages.

  • Decoys (Deception)

    Decoys lure unauthorized users to access an IT system that appears to be poorly secured. They are embedded in existing IT assets that either use real licensed operating system software or are emulations of these systems.

  • Defences and attacks

    Defensive security focuses on reactive measures such as patching software and detection. Proactive and adversarial ‘attack’ approach to protecting against cyber attacks including penetration and vulnerability testing as well as ethical hacking.

  • Digital forensics

    The collection, analysis and reporting of digital evidence in support of incidents or criminal events in digital infrastructure and data. (Source: https://www.cybok.org)

  • Email security

    Protection against unauthorised access to email accounts and content.

  • Encryption

    The conversion of electronic plaintext data into unreadable ciphertext using algorithms. Encryption protects the confidentiality of data at rest and in transit. Both encryption and decryption are functions of cryptography.
    (Source: https://www.cyber.gov.au)

  • Endpoint security including firewall and antivirus

    Protection for the endpoints or end-user devices such as laptops, mobile devices and desktops that are remotely accessing a network or a cloud. (Source: https://www.mcafee.com/enterprise/en-au/home.html)

  • Exercising and wargaming

    A simulated cyber event to assist organisations to evaluate and improve their cyber incident response and preparedness. Contributes to maturity of risk posture and policies.

  • Firewall

    A network device that filters incoming and outgoing network data based on a series of rules. (Source: https://www.cyber.gov.au)

  • Hosting/Cloud security

    Security that protects cloud based systems and the data contained within them including policies, controls, procedures and technology.

  • Human, organisational, and regulatory aspects

    Tools and services to protect against intentional and unintentional user mistakes, support observance of organisational governance and policies, and enforce compliance to regulatory requirements.

  • Identity and access management

    The ways and means, including software platforms, that allow organisations to make decisions about who and what is allowed to access which information assets, when and in what context.

  • Incubator program

    Provides startups with tools and business support for the pre-market development of a product or service.

  • Infrastructure Security

    Securing computer and digital networks and related physical hardware and systems from intruders and intrusions, whether targeted or opportunistic.

  • Internet of Things security

    Protection for internet enabled devices that connect to each other using wireless networks.

  • Intrusion detection

    Device or software that monitors a network for malicious activity or violations.

  • Managed/collaborative security operations centre

    Security operations centre (SOC) is a facility that includes security analysts and security incident management services that prevent, detect, assess and respond to cybersecurity threats and incidents.

  • Managed Security Service Provider (MSSP)

    Provider of outsourced monitoring and management of network security devices and systems.  Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.

  • Mobile and web security

    Issues related to web applications and services distributed across devices and frameworks, including the diverse programming paradigms and protection models. (Source: https://www.cybok.org)

  • Network security

    Preventative and responsive security aspects of networking and telecommunication protocols, including the security of routing and specific cryptographic protocols used for network and systems security. (Source: https://www.cybok.org) Includes: Anti-fraud, Virtual Private Networks (VPNs), Intrusion prevention, Endpoint security including firewall and antivirus.

  • Operating systems and virtualisation security

    Operating systems protection mechanisms, implementing secure abstraction of hardware, and sharing of resources, including isolation in multiuser systems, secure virtualisation, and security in database systems. (Source: https://www.cybok.org)

  • Organisational, human and regulatory aspects

    Tools and services to protect against intentional and unintentional user mistakes, support observance of organisational governance and policies, and enforce compliance to regulatory requirements.

  • Penetration testing

    Also known as pen testing or ethical hacking, this is an authorised simulated set of attacks on a system, application or network, against specified scenarios or use cases, to evaluate the robustness of security. It is also regularly used to assess whether a malicious actor or software is or has been present.

  • Physical layer and telecoms security

    Security concerns and limitations of the physical layer including aspects of radio frequency encodings and transmission techniques, unintended radiation, and interference. (Source: https://www.cybok.org)

  • Privacy impact assessment

    Techniques for protecting personal information, including communications, applications, and inferences from databases and data processing. It also includes other systems supporting online rights touching on censorship and circumvention, covertness, electronic elections, and privacy in payment and identity systems.

  • Quantum control technologies

    The technological means through which quantum control – the securing and control of physical systems whose behaviour is dominated by the laws of quantum technology – is effected in the practice of securing cyber-physical endeavours.

  • Regulatory, organisational and human aspects

    Tools and services to protect against intentional and unintentional user mistakes, support observance of organisational governance and policies, and enforce compliance to regulatory requirements.

  • Security hardware

    Security in the design, implementation, & deployment of general-purpose and specialist hardware, including trusted computing technologies and sources of randomness. (Source: https://www.cybok.org)

  • Security Operations Centre provision

    The design, building, implementation, delivery and sustainment of a business unit or team that receives, monitors, analyses and often responds to security threats, risks and vulnerabilities to an organisation/ function or set of organisations/ functions, contributing to the management of security posture on an ongoing basis.

  • Software and platform security

    Security that focuses on keeping software and an entire computing platform and devices – including mobile, cloud and web applications – resilient to cyber threats. This includes information security that protects the integrity and privacy of data, both in transit and at rest.

  • Software as a Service (SaaS) security

    Protection and cyber risk management of on-demand, cloud-based software.  SaaS allows organisations and individuals to subscribe to the software they require without the need to host the software in house.

  • Supervisory Control & Data Acquisition (SCADA)

    Supervisory control and data acquisition is a control system architecture comprising computers, networked data communications and graphical user interfaces for high level process supervisory management, while also comprising other peripheral devices like programmable logic controllers and discrete proportional-integral-derivative controllers to interface with process plant or machinery. (Source: https://www.cyber.gov.au)

  • Systems security

    Operational, network and systems security that includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

  • Technical testing for application/ use cases

    Use case testing where ‘actors’ represent users interacting with the system using test scenarios that replicate user transactions to identify gaps that may not be identified when testing individual system components in isolation.

  • Technical testing for export

    Technical testing required to receive certification or approval for the export of cyber security products and services both in Australia and globally.

  • Telecoms and physical layer security

    Security concerns and limitations of the physical layer including aspects of radio frequency encodings and transmission techniques, unintended radiation, and interference. (Source: https://www.cybok.org)

  • Threat detection and response

    Identifying and managing security threats across networks, systems or applications before and/or following a cyber breach or compromise.

  • Threat emulation

    Threat emulation identifies malware in downloaded files or email attachments and places it in a virtual machine to verify abnormal or malicious behaviour. This ensures that exploits are stopped before entering the network.

  • Threat intelligence analytics

    Information used to understand the types of threats an organisation may have experienced, will experience or is currently experiencing. This information is used to prepare for, prevent and identify cyber threats and inform the identification of cyber risks.

  • Virtual Private Networks (VPNs)

    A virtual network built on top of existing networks that can provide a secure communications mechanism for data and IP information transmitted between networks. (Source: https://www.nist.gov)

  • Virtualisation security and operating systems

    Operating systems protection mechanisms, implementing secure abstraction of hardware, and sharing of resources, including isolation in multiuser systems, secure virtualisation, and security in database systems. (Source: https://www.cybok.org)

  • Vulnerability assessment

    Authorised systematic discovery and/or review of security weaknesses of networks, systems, hardware or applications to identify, quantify and prioritise the vulnerabilities.

  • Vulnerability scanning

    A tool that conducts an inspection on computers, applications or networks to detect and identify areas of weakness or vulnerability.

  • Wargaming and exercising

    A simulated cyber event to assist organisations to evaluate and improve their cyber incident response and preparedness. Contributes to maturity of risk posture and policies.

  • Web and mobile security

    Issues related to web applications and services distributed across devices and frameworks, including the diverse programming paradigms and protection models. (Source: https://www.cybok.org)

  • White hat hacker

    White hat hackers, or ethical hackers, are authorized to enter networks to identify vulnerabilities through hacking. Techniques include penetration testing, testing in-place security systems and vulnerability assessments. (Source: https://us.norton.com/internetsecurity-emerging-threats-what-is-the-difference-between-black-white-and-grey-hat-hackers.html)