Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST IR 7298 Rev. 3 (Initial Public Draft)

Glossary of Key Information Security Terms

Date Published: September 2018
Comments Due: December 21, 2018 (public comment period is CLOSED)
Email Questions to:


Celia Paulsen (NIST)


NIST has created an easily accessible repository of terms and definitions extracted verbatim from NIST Federal Information Processing Standards (FIPS), Special Publications (SPs), and Internal or Interagency Reports (IRs), as well as from the Committee on National Security Systems Instruction 4009 (CNSSI-4009). 

This repository is intended to help users understand terminology, recognize when and where multiple definitions may exist, and identify a definition that they can use. 

We encourage careful review of the online glossary database as well as the methodology described in this publication Specifically, we request feedback on any areas that may need changes to improve the accuracy and long-term usability of the glossary and the associated database.



cybersecurity; definitions; glossary; information assurance; information security; terminology
Control Families

None selected


Draft NISTIR 7298 Rev. 3 (pdf)

Supplemental Material:
Online Glossary

Document History:
09/28/18: IR 7298 Rev. 3 (Draft)
07/03/19: IR 7298 Rev. 3 (Final)


Security and Privacy

general security & privacy