Electronic signature:

Any mark in electronic form associated with an electronic document, applied with the intent to sign the document.


To convert plaintext to ciphertext by means of a cryptographic system.


To convert plaintext to ciphertext by means of a code.


The generic term encompassing encipher and encode.


The process of transforming plaintext into ciphertext. Converting data into a form that cannot be easily understood by unauthorized people.

Enterprise risk management:

A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives.  Involves identifying mission dependencies on enterprise capabilities, identifying and prioritizing risks due to defined threats, implementing countermeasures to provide both a static risk posture and an effective dynamic response to active threats; and assessing enterprise performance against threats and adjusts countermeasures as necessary.


An observable occurrence in an information system or network. Sometimes provides an indication that an incident is occurring or at least raise the suspicion that an incident may be occurring.


The unauthorized transfer of information from an information system.


A technique to breach the security of a network or information system in violation of security policy.

Exploitation Analysis:

In the NICE Framework, cybersecurity work where a person: Analyzes collected information to identify vulnerabilities and potential for exploitation.


The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network.