So You Want to Be in Cyber: Cybersecurity Acronyms 101!

So you want to be a Cyber Intern?

Learning the Language

Jargon can be a barrier to entry, especially for a young person entering cyber. Here is an (incomplete but hopefully helpful) list of terms you need to know for an internship in cybersecurity. These are based on my summer working in USG (US Government), and other interns in DC who are paving the way in cyber!

General Terms/Acronyms

• IOT = Internet of Things (e.g. like a coffee maker that connects to Wifi)
• CISO = Chief Information Security officer (most big companies have their own)
• CTO: Chief Technology Officer
• SLTT: State, Local, Tribal, Territorial [governments]
• ISAC = an Information Sharing and Analysis Center (nonprofits for gathering information on cyber threats)
  • MS-ISAC: Multi-State ISAC, protecting SLTT governments
  • EI-ISAC: Election ISAC
  • FS-ISAC: Financial Services ISAC
  • H-ISAC: Health Services ISAC
  • RH-ISAC: Retail & Hospitality ISAC
• TIP = Threat Intelligence platform
• SOC = Security operation center
• PII = personal identifiable information
• Social engineering = hacker strategy, using manipulation to gain personal information form users (think instagram crypto scam)
• MSP = Management Service Provider
• RaaS: ransomware as a service (something sold so governments and etc can use)
• IR = Incident Response, CISA has a team, there are private vendors too!
  • MSFT DART
• Zero day vulnerabilities = a known vulnerability (or weakness) that has not been patched/fixed
• Encryption = converting data into code
• Decryption = the opposite of encryption, code → data
• Cyber Operations
  • Red Teaming = offensive cyber operations (like ethically hacking into systems)
  • Blue Teaming = defensive cyber operations

Government Specific Acronyms:

• USG – United States Government
• DIR – Director (of an agency)
  • FOUO– For Official Use Only
  • MOU – Memorandum of Understanding: E.g. what CISA signs with ACP and other international partners
• RTA – Request for Technical Assistance
• SCIF – Sensitive Compartmented Information Facility (typically has no windows)
  • HI SIDE – Classified Network
  • LOW SIDE – Unclassified
•  CERTs – Computer Emergency Response Team (most countries have one that we work with!)
  • CSIRTS – Cybersecurity Incident Response Teams

Government agencies/organizations:

• ONCD – Office of the National Cyber Director, run by Chris Inglis
• DIB: Defense Industrial Base
• DoD: Department of Defense, responsible for protecting DIB systems, military technologies, military bases, and DoDin
  • DoDIn: DoD Internal Network
• NIST – National Institute for Standards and Technology (government sponsored)
• ITSCC – IT coordinating council for working in the government (cloud security, cyber threats, emerging tech)
• National Protection and Programs Directorate (NPPD): CISA’s Old Name
• CISA (in DHS) Cybersecurity and Infrastructure Security Agency, started in 2018
  • TH: Threat/Hunt teams
    • DPRK: Democratic People’s Republic of Korea
  • JCDC = joint cyber defensive collaborative
    • Industry Alliance, 20 US companies, completely voluntary
    • Feds
    • SLTT
    • International
  • CSD: Cybersecurity Division
  • ISD = Infrastructure Security Division
  • NRMC: National Risk Management Center
    • ESR: Election Security Resilience team
      • RVA: Risk and Vulnerability Analysis, a red-team assessment!
      • RPT: Remote Pen-Testing
      • VADR: Validated Architecture and Design Review
        • PCAP: Packet Capture
      • VM: Vulnerability Management
      • Vulnerability Insights
        • DMARC: Domain Message Authentication and Reporting and Conformance (most SLTTs do not have this enabled!)
  • SED (pronounced “SAID”): Stakeholder Engagement Division
    • IA: CISA International Affairs
      • WHA: Western Hemisphere
      • NEA: Near East
      • AFR: Africa
      • ACP: Panama Canal Authorities
      • ICS – Integrated Country Strategies…dictates how we should support them for mutually beneficial partnership.
      • “Post” – State Dept. offices in specific geographic regions
        • IAA – InterAgency Agreements

Tools

• Stix = a coding language for reporting cybersecurity indicators (based on Json)
• VirusTotal = a crowdsourced tracker for viruses and other malicious content [https://www.virustotal.com/gui/home/upload]
• Lockheed Martin Kill Chain = Framework for identifying and preventing cyber attacks [https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html]
• CIS Security Controls = a prioritized set of safeguards companies should implement [https://www.cisecurity.org/controls/v8#:~:text=The%20CIS%20Critical%20Security%20Controls,%2C%20regulatory%2C%20and%20policy%20frameworks]
• MITRE Attack Framework =  a matrix of adversary tactics and techniques often used to classify attack s [https://attack.mitre.org/]
• NIST Cybersecurity Framework = a set up steps for companies to follow (Identify, Protect, Detect, Respond) [https://www.nist.gov/cyberframework]

Important Cybersecurity Events: 

• Stuxnet – 2012
• Heartbleed – Apr 2014
• Sony Hack – Nov 2014
• WannaCry Ransomware – 2017
• SolarWinds – 2020
• Log4j – December 2021

Conferences and Cyber-Events:

• RSA (San Francisco)
• Black Hat (Las Vegas) = “hacker summer camp”
• DefCon (Las Vegas)
• Virus Bulletin (Prague)