ABBREVIATIONS

(ISC)² International Information Systems Security Certification Consortium (www.isc2.org)

2FA two-factor authentication

AIDA awareness, interest, desire and action

B2B business to business

B2C business to consumers

BYOD bring your own device (or, to security professionals, bring your own disaster)

CBT computer-based training

CEO chief executive officer

CISM Certified Information Security Manager – a credential issued by ISACA

CISO chief information security officer

CISSP Certified Information Systems Security Professional – a credential issued by (ISC)²

COVID-19 coronavirus disease (https://www.who.int/emergencies/diseases/novel-coronavirus-2019/technical-guidance/naming-the-coronavirus-disease-(covid-2019)-and-the-virus-that-causes-it)

DNA deoxyribonucleic acid

FCA Financial Conduct Authority (UK)

FUD fear, uncertainty and doubt

GDPR European Union General Data Protection Regulation (properly: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation))

HARK Hypothesizing After the Results are Known

HR human resources

HTML Hypertext Markup Language

IBM International Business Machines, now just IBM (nicknamed ‘Big Blue’)

IEC International Electrotechnical Commission (www.iec.ch)

ISACA Originally Information Systems Audit and Control Association, now just ISACA (www.isaca.org)

ISF Information Security Forum (www.securityforum.org)

ISO International Organization for Standardization (www.iso.org)

IT information technology

KPI key performance indicator

MAS Monetary Authority of Singapore (Singapore)

NCSC National Cyber Security Centre (UK, www.ncsc.gov.uk)

NHS National Health Service (UK)

NIST National Institute of Standards and Technology (US, www.nist.gov)

PCI DSS Payment Card Industry Data Security Standard (https://www.pcisecuritystandards.org/)

RSA Rivest, Shamir and Adleman (www.rsaconference.com)

SANS SysAdmin, Audit, Network and Security (www.sans.org)

SAS Scandinavian Air Systems

SMART specific, measurable, achievable, relevant (or realistic) and time-bound

SP Special Publication – used by NIST (q.v.)

URL Uniform Resource Locator (web address)

USB Universal Serial Bus

VPN virtual private network

Wi-Fi Wireless Fidelity