
Commonly Used Cybersecurity Acronyms
July 30, 2025
Acronyms are everywhere in cybersecurity, and understanding them is vital for navigating technical documentation, compliance requirements, and industry conversations. We've consolidated a list of commonly used acronyms from our internal guides, NIST publications, and email communications to help you stay informed.
In today's digital landscape, understanding cybersecurity terminology isn't just for IT specialists. Small and midsize businesses face the same threats as larger companies but often with fewer resources to combat them. This guide breaks down the most important cybersecurity acronyms you'll encounter, helping you communicate more effectively with security professionals and make informed decisions about protecting your digital assets.
Cybersecurity Acronym Glossary
Below is a curated list of acronyms and their definitions. This glossary is sourced from documents such as the Assessment Guide, NIST IR publications, and insider threat manuals, as well as email exchanges with our team.
2FA/MFA
Two-Factor Authentication/Multi-Factor Authentication - Security processes requiring users to verify identity through multiple methods beyond just a password.
5G
Fifth Generation Wireless - Modern cellular network standard.
AAA
Authentication, Authorization, Accounting - Framework for controlling access and logging usage.
ACL
Access Control List - Rules that decide what traffic is allowed or denied.
AES
Advanced Encryption Standard - A specification for the encryption of electronic data.
AP
Access Point - Device that connects wireless clients to a wired network.
API
Application Programming Interface - A set of rules that allows programs to talk to each other.
APT
Advanced Persistent Threat - Sophisticated, targeted cyber attacks where unauthorized users gain and maintain long-term access.
ARP
Address Resolution Protocol - Maps IP addresses to MAC addresses.
AS
Autonomous System - A collection of IP networks under one administrative domain, identified by an ASN.
ATM
Asynchronous Transfer Mode - Old but once-popular cell-based switching tech.
BER
Bit Error Rate - Number of bit errors in transmission.
BGP
Border Gateway Protocol - The "postal service" of the internet, used between ISPs.
BPDU
Bridge Protocol Data Unit - Control message used in STP.
BSSID
Basic Service Set Identifier - MAC address of an access point.
BW
Bandwidth - Maximum rate of data transfer.
BYOD
Bring Your Own Device - Policy allowing personal devices on corporate networks.
CA
Certificate Authority - Trusted entity that issues digital certificates.
CASB
Cloud Access Security Broker - Software that sits between cloud service users and cloud applications.
CDN
Content Delivery Network - A distributed platform of servers that helps minimize delays in loading web page content.
CDP
Cisco Discovery Protocol - Cisco proprietary device discovery protocol.
CIRP
Cyber Incident Response Plan - A documented approach to addressing and managing cybersecurity incidents.
CISO
Chief Information Security Officer - Executive responsible for an entity's information and data security.
CMMC
Cybersecurity Maturity Model Certification - A unified standard for implementing cybersecurity across the defense industrial base.
CoS
Class of Service - Layer 2 traffic prioritization marking.
CRM
Customer Relationship Management - Systems used to manage customer data and interactions.
CSIRT
Computer Security Incident Response Team - A group responsible for receiving, reviewing, and responding to computer security incident reports.
CSRM
Cybersecurity Risk Management - The process of identifying, analyzing, evaluating, and addressing cybersecurity risks.
CVSS
Common Vulnerability Scoring System - A framework for rating the severity of computer system security vulnerabilities.
DDoS
Distributed Denial of Service - Attack that floods systems with traffic to disrupt service.
DFARS
Defense Federal Acquisition Regulation Supplement - A set of cybersecurity regulations for defense contractors.
DFS
Dynamic Frequency Selection - Automatically avoids radar frequencies in Wi-Fi.
DHCP
Dynamic Host Configuration Protocol - Hands out IP addresses automatically.
DKIM
DomainKeys Identified Mail - An email authentication method designed to detect email spoofing.
DLP
Data Loss Prevention - Tools that prevent unauthorized exfiltration of sensitive data.
DMARC
Domain-based Message Authentication, Reporting, and Conformance - An email authentication protocol.
DMZ
Demilitarized Zone - A network segment between the internet and LAN for public-facing servers.
DNS
Domain Name System - Translates human-friendly names into IP addresses.
DoS
Denial of Service - Attack that disrupts availability by flooding resources.
DSCP
Differentiated Services Code Point - Field in IP header for QoS marking.
DSL
Digital Subscriber Line - Broadband over telephone lines.
EAP
Extensible Authentication Protocol - Framework for authentication over Wi-Fi and PPP.
ECMP
Equal-Cost Multi-Path - Load balancing traffic across multiple equal-cost routes.
EDR
Endpoint Detection and Response - Tools that continuously monitor endpoints to detect and respond to cyber threats.
EGP
Exterior Gateway Protocol - General term for routing protocols used between ASes.
EIGRP
Enhanced Interior Gateway Routing Protocol - Cisco proprietary hybrid routing protocol.
EVPN
Ethernet VPN - MPLS/BGP-based Layer 2 VPN solution.
FHRP
First Hop Redundancy Protocol - Family of protocols providing default gateway redundancy.
FMEA
Failure Mode Effects Analysis - A step-by-step approach for identifying potential failures.
FQDN
Fully Qualified Domain Name - Complete domain name (e.g., host.example.com).
FTP
File Transfer Protocol - Protocol for file transfers.
GDPR
General Data Protection Regulation - European Union regulation on data protection and privacy.
GRE
Generic Routing Encapsulation - Encapsulates packets to create point-to-point tunnels.
HIPAA
Health Insurance Portability and Accountability Act - U.S. legislation for safeguarding medical information.
HMAC
Hash-Based Message Authentication Code - Method for verifying message integrity/authenticity.
HSRP
Hot Standby Router Protocol - Cisco protocol for gateway redundancy.
HTTP
HyperText Transfer Protocol - Foundation of web communication.
HTTPS
HyperText Transfer Protocol Secure - Encrypted HTTP using TLS.
IaaS
Infrastructure as a Service - Cloud model providing compute/storage/network.
IAM
Identity and Access Management - Framework of policies ensuring appropriate access to resources.
ICMP
Internet Control Message Protocol - Used for network diagnostics (ping, traceroute).
IDS
Intrusion Detection System - Detects malicious activity but doesn't block it.
IGMP
Internet Group Management Protocol - Manages multicast group memberships.
IGP
Interior Gateway Protocol - General term for routing protocols used within an AS.
IKE
Internet Key Exchange - Protocol used in IPsec for secure key negotiation.
IMAP
Internet Message Access Protocol - Retrieves and manages email.
IoT
Internet of Things - Network of physical objects embedded with sensors and software.
IP
Internet Protocol - Provides addressing and routing of packets.
IPS
Intrusion Prevention System - Detects and blocks malicious network traffic.
IPsec
Internet Protocol Security - Encryption/authentication protocol suite for IP traffic.
IS-IS
Intermediate System to Intermediate System - Link-state routing protocol similar to OSPF.
ISDN
Integrated Services Digital Network - Circuit-switched digital transmission standard (legacy).
ISP
Internet Service Provider - Company that provides internet access.
Jitter
Variation in packet delay times.
Kerberos
Authentication protocol using tickets and symmetric cryptography.
KPI
Key Performance Indicator - Measurable values demonstrating how effectively objectives are achieved.
L2TP
Layer 2 Tunneling Protocol - VPN tunneling protocol, often paired with IPsec.
LACP
Link Aggregation Control Protocol - Bundles multiple network links for redundancy/bandwidth.
LAN
Local Area Network - A small local network (like in your house or office).
LDAP
Lightweight Directory Access Protocol - Protocol for accessing directory services.
LLDP
Link Layer Discovery Protocol - Vendor-neutral device discovery protocol.
LTE
Long-Term Evolution - Standard for 4G wireless broadband.
MAC
Media Access Control - Unique hardware address of a network interface card.
MACsec
Media Access Control Security - Provides encryption and integrity for traffic on Ethernet links.
MAN
Metropolitan Area Network - Regional-scale network between LANs and WANs.
MDM
Mobile Device Management - Software allowing IT administrators to control and secure devices.
MPLS
Multiprotocol Label Switching - High-performance routing method using labels instead of IP lookups.
MSS
Maximum Segment Size - Largest segment of TCP data a device is willing to receive.
MSSP
Managed Security Service Provider - Companies offering outsourced monitoring and management of security systems.
MTU
Maximum Transmission Unit - The largest packet size a network link can handle.
MU-MIMO
Multi-User, Multiple Input, Multiple Output - Wi-Fi tech allowing simultaneous data streams.
NAT
Network Address Translation - Maps private IPs to a public IP.
NFV
Network Functions Virtualization - Virtualizing network services (firewalls, routers).
NIST
National Institute of Standards and Technology - Agency developing cybersecurity standards.
NSX
Network Virtualization and Security Platform - VMware's SDN product.
NTP
Network Time Protocol - Synchronizes clocks over a network.
OFDM
Orthogonal Frequency Division Multiplexing - Modulation technique used in Wi-Fi and LTE.
OpRisk
Operational Risk - Risk of loss from inadequate or failed internal processes.
OSPF
Open Shortest Path First - A routing protocol for finding efficient paths inside a network.
OTP
One-Time Password - Password valid for only one login session.
OWASP
Open Web Application Security Project - Online community producing web application security resources.
PaaS
Platform as a Service - Cloud model providing platforms for applications.
PAT
Port Address Translation - A type of NAT that also maps ports.
PCI DSS
Payment Card Industry Data Security Standard - Information security standard for handling credit card data.
PHI
Protected Health Information - Individually identifiable health information protected under HIPAA.
PII
Personally Identifiable Information - Data that could potentially identify a specific individual.
PKI
Public Key Infrastructure - Framework for managing certificates and keys.
PoE
Power over Ethernet - Supplies electrical power to devices over the network cable.
POP3
Post Office Protocol version 3 - Downloads email from a server.
PPP
Point-to-Point Protocol - Protocol for direct connections between two nodes.
PPPoE
Point-to-Point Protocol over Ethernet - Used by ISPs to authenticate broadband subscribers.
Q-in-Q
Technique for stacking VLAN tags in Ethernet frames.
QBR
Quarterly Business Review - Regular assessment of business performance.
QoS
Quality of Service - Prioritization of network traffic for performance.
RADIUS
Remote Authentication Dial-In User Service - Authentication/authorization/accounting protocol.
RARP
Reverse Address Resolution Protocol - Maps MAC addresses back to IPs (obsolete).
RBAC
Role-Based Access Control - Method of restricting system access based on roles.
RDP
Remote Desktop Protocol - Microsoft protocol for remote GUI sessions.
RIP
Routing Information Protocol - Early distance-vector routing protocol.
RMF
Risk Management Framework - A structured approach to identify, assess, and manage risk.
RMM
Remote Monitoring and Management - Software used by MSPs to monitor client endpoints.
RSSI
Received Signal Strength Indicator - Measurement of Wi-Fi signal power.
RST
Reset Flag - TCP flag that immediately terminates a connection.
RSTP
Rapid Spanning Tree Protocol - Faster-converging STP variant.
RTT
Round-Trip Time - Time it takes for a packet to go to a destination and back.
SaaS
Software as a Service - Software licensing and delivery model.
SCP
Secure Copy Protocol - File transfer over SSH.
SDH
Synchronous Digital Hierarchy - SONET equivalent used outside North America.
SDN
Software Defined Networking - Abstracts control of the network into software.
SFTP
SSH File Transfer Protocol - Secure file transfer over SSH.
SIEM
Security Information and Event Management - Software providing real-time analysis of security alerts.
SMTP
Simple Mail Transfer Protocol - Protocol for sending email.
SNMP
Simple Network Management Protocol - Manages and monitors network devices.
SNR
Signal-to-Noise Ratio - Signal strength compared to background noise.
SOC
Security Operations Center - Facility where security professionals monitor and protect against threats.
SONET
Synchronous Optical Network - Standard for fiber optic transport (North America).
SPF
Sender Policy Framework - Email authentication method to detect forged sender addresses.
SQL
Structured Query Language - Programming language used to communicate with databases.
SSH
Secure Shell - Encrypted remote management protocol.
SSID
Service Set Identifier - The name of a Wi-Fi network.
SSL
Secure Sockets Layer - Old standard for encryption, now replaced by TLS.
SSO
Single Sign-On - Authentication process allowing access to multiple applications with one login.
STP
Spanning Tree Protocol - Prevents loops in switch networks.
Syslog
Standard for logging system messages across a network.
TACACS
Terminal Access Controller Access-Control System - Original AAA protocol.
TACACS+
Terminal Access Controller Access-Control System Plus - Cisco protocol for AAA.
TCP
Transmission Control Protocol - Reliable, connection-oriented transport layer protocol.
TFTP
Trivial File Transfer Protocol - Lightweight, insecure file transfer protocol.
Throughput
Actual rate of successful data delivery.
TLS
Transport Layer Security - Modern encryption standard used in HTTPS, VPNs, etc.
UDP
User Datagram Protocol - Lightweight, connectionless transport layer protocol.
VLAN
Virtual Local Area Network - Logical separation of networks on the same switch.
VNF
Virtual Network Function - Virtualized instance of a network appliance.
VoIP
Voice over Internet Protocol - Phone calls over IP networks.
VPN
Virtual Private Network - Encrypted tunnel between networks or devices.
VRRP
Virtual Router Redundancy Protocol - Vendor-neutral gateway redundancy protocol.
VTP
VLAN Trunking Protocol - Cisco protocol for distributing VLAN info.
VXLAN
Virtual Extensible LAN - Encapsulation protocol for creating overlay networks in data centers.
WAF
Web Application Firewall - A firewall that filters and blocks HTTP/S traffic.
WAN
Wide Area Network - A network that spans a large geographic area.
WEP
Wired Equivalent Privacy - Old, insecure Wi-Fi encryption.
WPA2
Wi-Fi Protected Access 2 - Common Wi-Fi encryption standard.
WPA3
Wi-Fi Protected Access 3 - Current Wi-Fi security protocol.
XDR
Extended Detection and Response - Security approach unifying multiple security products.
Zero-day
Security flaw unknown to the software vendor that hackers can exploit before it's patched.
ZTA
Zero Trust Architecture - Security model requiring strict identity verification for everyone.
Why Understanding These Acronyms Matters
For small and midsize businesses, cybersecurity knowledge translates directly to risk management. When you understand these terms, you can:
- Communicate effectively with IT security professionals
- Make more informed decisions about security investments
- Better understand compliance requirements affecting your industry
- Assess potential vulnerabilities in your current setup
- Develop more comprehensive security policies
How to Use This Glossary
Bookmark this page or integrate these acronyms into your internal documentation. Understanding these terms can improve communication across teams and help with onboarding new staff or clients.
Consider creating flashcards from these acronyms for team training sessions, or include them in your security awareness program. Regular exposure to these terms will help staff become more comfortable with cybersecurity concepts.
Taking Action: Next Steps for Your Business
Knowledge of terminology is just the beginning. Here are practical steps to improve your cybersecurity posture:
- Conduct a security assessment using these terms as a framework
- Identify which security measures are most critical for your specific operations
- Consider working with an MSSP if in-house expertise is limited
- Implement at least basic protections like MFA and endpoint security
- Develop an incident response plan before you need it
Real-World Impact
Our clients often reference this glossary during audits, tabletop exercises, and policy development. Having a shared understanding of terminology helps reduce confusion and ensures alignment across departments.
As cyber threats continue evolving, staying informed about cybersecurity terminology helps your business maintain resilience against increasingly sophisticated attacks. While large corporations may have extensive security teams, small and midsize companies can achieve comparable protection by understanding and implementing these fundamental concepts.
Need Help with Cybersecurity Documentation?
Contact STACK Cybersecurity for assistance in building glossaries, policy templates, and training materials tailored to your business. We specialize in making complex cybersecurity concepts accessible and actionable.
Website: stackcyber.com
Email: digital@stackcyber.com
Phone: (734) 744-5300