This lexicon comprises a set of approximately 50 core terms related to cyber security and cyber resilience in the financial sector. It is intended to support the work of the FSB, standard-setting bodies, authorities and private sector participants, e.g. financial institutions and international standards organisations, to address financial sector cyber resilience. The lexicon includes the following terms:

  • Access Control
  • Accountability
  • Advanced Persistent Threat (APT)
  • Asset
  • Authenticity
  • Availability
  • Campaign
  • Compromise
  • Confidentiality
  • Course of Action (CoA)
  • Cyber
  • Cyber Advisory
  • Cyber Alert
  • Cyber Event
  • Cyber Incident
  • Cyber Incident Response Plan
  • Cyber Resilience
  • Cyber Risk
  • Cyber Security
  • Cyber Threat
  • Data Breach
  • Defence-in-Depth
  • Denial of Service (DoS)
  • Detect (function)
  • Distributed Denial of Service (DDoS)
  • Exploit
  • Identify (function)
  • Identity and Access Management (IAM)
  • Incident Response Team (IRT)
  • Indicators of Compromise (IoCs)
  • Information Sharing
  • Information System
  • Integrity
  • Malware
  • Multi-Factor Authentication
  • Non-repudiation
  • Patch Management
  • Penetration Testing
  • Protect (function)
  • Recover (function)
  • Reliability
  • Respond (function)
  • Situational Awareness
  • Social Engineering
  • Tactics, Techniques and Procedures (TTPs)
  • Threat Actor
  • Threat Assessment
  • Threat Intelligence
  • Threat-Led Penetration Testing (TLPT)
  • Threat Vector
  • Traffic Light Protocol (TLP)
  • Verification
  • Vulnerability
  • Vulnerability Assessment