A comprehensive list of security terms you should know

A comprehensive glossary of information security terms used in government documents has been updated by the National Institute of Standards and Technology, with more than 200 pages of definitions for words most commonly used in NIST publications.

First published in 2006 in response to requests for a comprehensive source of definitions, the latest version of Interagency Report 7298, Glossary of Key Information Security Terms, provides the most current definitions, culled from Federal Information Processing Standards; the NIST 800 series of Special Publications, which provide guidance for meeting federal cybersecurity requirements; NIST interagency reports; and the Committee for National Security Systems (CNSS) information assurance publications.

Each definition, from “Access” (the ability to make use of any information system resource) to “Zone of Control” (the three-dimensional space surrounding equipment that processes classified and/or sensitive information) cites the NIST and/or CNSS source.

Authoritative definitions are necessary for agencies to meet requirements for information assurance laid out in the Federal Information Security Management Act and in the standards, specifications and guidelines for implementing them. For example, “continuous monitoring,” which has emerged as a key component of federal information security, is defined as “maintaining ongoing awareness to support organizational risk decisions.”

Because the field of information security evolves quickly, the glossary is intended to be a living document, the authors wrote. “It is our intention to keep the glossary current by providing updates online. New definitions will be added to the glossary as required, and updated versions will be posted on the Computer Security Resource Center Web site.”

Comments and suggestions for changes or additions for the publication should be sent to [email protected]

About the Author

William Jackson is a Maryland-based freelance writer.

