GC Cyber Security Event Management Glossary

From wiki
Jump to navigation Jump to search



Glossary

Below you will find a glossary of terms used in the GC Cyber Security Event Management Plan (GC CSEMP). All terms below are defined in the context of the GC CSEMP.

Glossary of Terms
Term Definition
Compromise The unauthorized access to, disclosure, modification, use, interruption, removal, or destruction of information or assets, causing a loss of confidentiality, integrity, availability and/or value.
Cyber Security Event Indication that a cyber vulnerability may exist, that a cyber threat may be planned or that a cyber security incident may have occurred, requiring analysis and a risk management decision to determine an appropriate course of action (Note: Individual day-to-day events, such as those collected by a SIEM, are not considered in this definition).
E.g. Disclosure of a new vulnerability, intelligence that a threat actor may be planning an attack against a GC information system (e.g. DDOS attack), etc.
Cyber Security Incident Any cyber security event (or collection of security events) or omission that results in the compromise of a GC IT system.
E.g. Active exploitation of one or more identified vulnerabilities, exfiltration of data, failure of a security control, etc.
Cyber Threat Any potential event or act, deliberate or accidental, that could result in the compromise of a GC IT system.
Cyber Vulnerability Any factor that could increase an IT system’s susceptibility to compromise.

Acronyms and Abbreviations

Below is a list of acronyms and abbreviations that are commonly used in the GC CSEMP.

ADM Assistant Deputy Minister
BCP Business Continuity Plan
CCIRC Canadian Cyber Incident Response Centre
CCNSS Canadian Committee on National Security Systems
CIO Chief Information Officer
CIOB Chief Information Officer Branch
CIOC Chief Information Officer Committee
Comms Communications
CSE Communications Security Establishment
CSEMP Cyber Security Event Management Plan
CSEMT Cyber Security Event Management Team
CSIS Canadian Security Intelligence Service
CTEC Cyber Threat and Evaluation Centre
DG Director General
DND/CAF Department of National Defence / Canadian Armed Forces
DR Disaster Recovery
DSO Departmental Security Officer
EEMT Executive Event Management Team
ERC Event Response Committee
FERP Federal Emergency Response Plan
FIPC Federal Information Protection Centre
GC Government of Canada
GC-CIRT Government of Canada Computer Incident Response Team
GOC Government Operations Centre
IT Information Technology
ITSIRT Information Technology Security Incident Recovery Team
ITSec Information Technology Security
LSA Lead Security Agency
MITS Management of Information Technology Security
NSS National Security Systems
PCO Privy Council Office
PGS Policy on Government Security
PS Public Safety
RCMP Royal Canadian Mounted Police
RFA Request for Action
SC Strategic Communications
SCMA Strategic Communications and Ministerial Affairs
SIEM Security information and event management
SOC Security Operations Centre
SOP Standard Operating Procedure
SSC Shared Services Canada
TBS Treasury Board of Canada Secretariat
WG Working Group