Additions
Cybersecurity terms to add to the first edition of the Cybersecurity Hyperglossary
These are draft 'plain English' definitions without the quoted reference sources and hyperlinked cross-references. Additions, comments and corrections are welcome.
51% attack
Hostile takeover of a cryptocurrency network that typically involves several miners collaborating or being recruited to compromise a Proof-of-Work or Proof-of-Stake blockchain by wielding or controlling most (more than 50%) of the network’s validating power, unilaterally changing the blockchain.
Acceptable downtime
Maximum downtime for which a system, network, service etc. can be out of action without materially impacting the business.
Acceptable risk
The nature and quantity of risk that management is willing to endure, hopefully without compromising the organisation’s overall business strategy and mission or key objectives – a subjective, dynamic and contextual concept.
Account disabling
Rate-limiting logon control.
Activation
Enablement, initiation, triggering or execution of a planned activity such as the response to an incident, emergency, crisis or disaster.
Active attack
Deliberate attack on a system, network, application, function, location, person etc., as opposed to, say, passive monitoring or accidental damage.
Advanced in AI Audit (AAIA)
ISACA’s qualification for experienced technology auditors auditing Artificial Intelligence systems.
Agenda
a) Topics for discussion and consideration, often at a meeting.
b) See Qilin.
Aisuru
Botnet-for-hire, active in 2025. Reportedly capable of mounting a ~30 terabits-per-second Distributed Denial of Service onslaught against unfortunate targets and intermediaries (network and Cloud Service Providers) for its illicit clients.
Algorithmic bias
Systematic bias created within Artificial Intelligence models by training them (usually inadvertently) on biased data sets or making biased fine-tuning adjustments to their internal weightings.
Alias
See pseudonym.
Allege
To claim.
Altamides
Illicit surveillance software from Indonesian company First Wrap that exploits vulnerabilities in the Signalling System № 7 datacommunications protocol to track cellphones across the globe, intercept SMS/TXT messaging and undermine encrypted messaging.
Antithesis
Contradictory statements. See disambiguation.
Application management
Management of one or more computer applications.
Application recovery
a) Automatic error-detection and recovery capability within an application e.g. resending a message that was corrupted in transit.
b) Process to restore an application’s operational capability following an outage e.g. by rebuilding an application system from backups after a failed change.
Artificial Intelligence Bill Of Materials (AIBOM)
Bill Of Materials for the parts employed in building an Artificial Intelligence system, agent, device or service, such as the models, training data, internal and external components.
Artificial Intelligence Large Language Model (AI/LLM)
See Large Language Model.
Artificial Intelligence Large Language Model (AI/LLM) signature
A set of indicators or characteristics that, collectively, suggest the Artificial Intelligence Large Language Model (non-human) origins of a piece of writing or other creative output.
Artificial Intelligence Risk Management Framework (AI RMF)
NIST’s framework or approach, intended “to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems.”
Artificial Intelligence aging
See model drift.
Artificial Intelligence model
Core conceptual model around which an Artificial Intelligence system, agent, device or service is built.
Assume breach
Defensive security strategy, challenging the presumption that defences are entirely effective.
Audit client
Customer or governing body who (usually) scopes and specifies, commissions, authorises and pays for an audit.
Audit conclusion
a) Auditor’s definitive high-level statement of the overall outcome of an audit, summing up the key messages for stakeholders – particularly senior managers.
b) End of an audit engagement.
Audit criteria
Expectations, requirements or obligations of the auditee being assessed by the auditor.
Automated monitoring
Monitoring involving automation.
Automatic Call Distribution or Despatch (ACD)
Call centre telephone system that automatically distributes incoming calls to the relevant people.
Barrier
Obstacle or impediment to progress or communication, generally tangible (e.g. crash-barrier or guardrail, wall, door, moat) but sometimes intangible (e.g. low self-esteem, language difficulties).
Basel Accord
Series of strategic agreements whereby banks maintain sufficient capital reserves, liquidity and transparency to remain resilient, mitigating systemic risks to the global financial system and international economy.
Basic testing
See black box testing.
Batch job
Package of work to be processed on a mainframe or other computer, typically consisting of an application with any non-default runtime parameters and data files.
Baudot code
Early text-encoding scheme invented by Émile Baudot in the 1870s.
Behavioural biometrics
Biometrics derived from observable and measurable patterns of behaviour or activity e.g. the characteristic way a particular person types, uses the mouse, scrolls, swipes or walks (their gait).
Big game hunter
Cybercriminal or spooky gang brazenly targeting powerful victims using ransomware and other means.
Biohazard
Biological materials (e.g. natural toxins, infected blood) or organisms (e.g. pathogenic bacteria or viruses, parasites, toxic plants and fungi) that threaten the health and survival of living organisms which come into contact with, ingest or inhale them.
Blast radius
Metaphorical measure of the extent or scope of damage caused by an incident, both immediate impacts to those directly affected and indirect/downstream consequences.
Blind testing
See black box testing.
Bose Chaudhuri Hocquenghem (BCH) codes
Popular family of datacommunications error-correction codes created independently by Alexis Hocquenghem in 1959 and by Raj Chandra Bose and D. K. Ray-Chaudhuri in 1960.
Brain Computer Interface (BCI)
Innovative telepathic technologies such as brain implants and non-invasive monitors allowing users to send commands controlling prosthetic devices via neural signals, and receive information from sensors and smart systems directly back into their brains.
Broken Object Level Authorisation (BOLA)
Type of Application Programming Interface vulnerabilities allowing unauthenticated users to manipulate resource IDentities in API calls and exploit unauthorised access to internal data.
Business As Usual (BAU)
Organisational normality i.e. routine business operations.
Business continuity management program
Coherent governance approach for Business Continuity Management.
Business interruption insurance
Insurance to offset the costs of incidents that interrupt the business, according to the coverage defined in policy terms and conditions.
Business operations
Routine operations or activities within a business.
Call tree
Structured (cascading) emergency communications arrangement whereby each person is expected to contact certain others (such as peers or members of their teams), efficiently notifying those who need to know.
Call tree test
Process to maintain and gain assurance re the integrity of a call tree arrangement.
Camenisch-Lysyanskaya (CL) credentials
Cryptographically-secured credentials for a person, provided by a trusted IDentity Provider, enabling selected third parties to verify details about the person (such as their age or age-range) without compromising the subject’s privacy – an application of Zero-Knowledge Proof.
Can, cannot
Keywords in ISO standards formally express possibility (e.g. ‘smoking can cause cancer’) or capability (e.g. ‘controls can mitigate but cannot eliminate risks’).
Causative, cause-and-effect
Directly linked, such that a particular change (or stasis) in one part always causes a specific, predictable change (or stasis) in another.
Cause
a) The situation, change, factor, activity, etc. that prompts, initiates, leads to or drives effects in a causative relationship.
b) Motivating principle, factor or core aim for a pressure group, such as climate change, vivisection or nuclear proliferation.
Cellular telephone (cellphone)
Mobile telephone that connects wirelessly to global networks via local cells, each typically covering a few square kilometres.
Central Bank Digital Currency (CBDC)
Electronic money scheme operated by central bank institutions on behalf of government authorities.
Central Security Service (CSS)
Spooky US government function (part of the National Security Agency) responsible for coordinating and supporting military uses of cryptography.
Certificate of Cloud Security Knowledge (CCSK)
Cloud Security Alliance’s credential for cloud security professionals.
Certificate of Competence in Zero Trust (CCZT)
Cloud Security Alliance’s credential for Zero Trust professionals.
Certified Red Team Operator (CRTO), Lead (CRTL) or Expert (CRTE)
Qualifications from a number of training bodies intended for red team professionals, typically covering the principles, Tactics, Techniques and Procedures used in penetration testing.
Change freeze
Busy period during which changes are only permitted under exceptional circumstances due to the risk of disrupting critical business activities.
Change owner
Person or function that notionally ‘owns’ and is responsible for the success of a planned change, typically appointing and overseeing a change or project manager.
Change window
Designated period during which planned and approved changes are to be scheduled, coordinated and implemented.
Chatbot
Commonplace application of Artificial Intelligence Large Language Models to interact through online chat (conversation) in a natural, casual style with users seeking information, sales, technical or emotional support etc.
Circuit-switched
Particular communications paths (circuits or routes) through a network are established and used between end points for the duration of each session or call.
Civil emergency
Natural disaster (e.g. earthquake), environmental incident (e.g. chemical spill) or manmade crisis (e.g. terrorist incident) that threatens public safety, property or infrastructure.
Cloud Native Application Protection Platform (CNAPP)
Multifunctional tool to secure cloud services, workflows and environments from development through to production.
Cloud Service Broker (CSB)
Intermediary or match-maker between Cloud Service Providers and Cloud Service Customers, assisting with the formation of productive relationships and the design, provision, integration and management of cloud services.
Cloud Service Customer (CSC)
Organisation or individual consumer/client using cloud services provided by one or more Cloud Service Providers.
Cloud auditor
Technology auditor with the knowledge, skills and competence to audit cloud services.
Cloud native [computing]
Development, integration, testing, deployment and production for cloud services using application microservices communicating via Application Programming Interfaces, plus containers, orchestration, DevOps and Continuous Integration/Continuous Delivery approaches.
Cloud service
Information service based on cloud computing, typically delivered through the Internet.
Coalition for Content Provenance and Authenticity (C2PA)
Organisation within the Linux Foundation responsible for the content credential scheme.
Cognitive
Relating to cognition (‘thinking’) i.e. natural mental activities in the brain.
Cognitive bias
Systematic error of rational cognitive function e.g. confirmation bias, Dunning-Kruger effect, anchoring.
Cognitive distortions
Persistent exaggerated/unbalanced or irrational thoughts such as fatalism, perfectionism and all-or-nothing thinking.
Cognitive system
See Artificial Intelligence system.
Combined audit
Simultaneous audit of multiple management systems e.g. ISO/IEC 27001 and ISO/IEC 22301.
Command centre
‘Nerve centre’ or hub through which responses to serious incidents or disasters are managed.
Common Channel Signalling (CCS)
Historic architectural design for telephonic networks that used a dedicated (out-of-band) packet-switched channel to pass control signals and commands (e.g. call setup, routing and billing information) for groups of circuit-switched data channels carrying analogue or digital traffic.
Complex system
System whose complex adaptive structure and many interacting parts make modelling intrinsically difficult, leaving its behaviour somewhat uncertain and unpredictable in practice.
Compute
[Verb] To calculate, analyse, determine or decide, rationally.
[Adjective or noun] Computing capacity or power.
Computer forensics
Forensics involving the examination of computers/digital devices and digital evidence.
Conditional
Something that depends on something else such as a conditional construct in a software programming language (e.g. if-then-else) or a conditional element.
Confirmation bias
Biased human tendency to seek and over-emphasise information that supports pre-existing beliefs or suspicions, while discounting, downplaying or simply ignoring contradictory evidence and contrary positions.
Confused deputy
Situation in which a vulnerable system, software, agent or person (the deputy) with legitimate authority, access rights or privileges is tricked by another (its client) into inappropriately doing something the client is not permitted to do themself.
Connected vehicle
Vehicle with a mobile network communications capability.
Constraint
Practical limitation, limiting factor or requirement.
Consultant
Organisation or person contracted to provide professional advice for a substantial fee.
Context window
Capacity of a generative Artificial Intelligence system to process information, measured by the maximum number of tokens it can handle simultaneously.
Contingent Business Interruption (CBI) insurance
Insurance against operational interruptions caused by external supply chain issues such as delayed or non-delivery of essential products from a supplier following a ransomware or hacking incident.
Continuity Of OPerations (COOP) plan
See Business Continuity Plan.
Continuity plan
See Business Continuity Plan.
Continuous Delivery (CD)
Rapid Application Development method involving automated packaging of compiled software followed by Production Acceptance Testing.
Continuous Deployment (CD)
Rapid Application Development method involving automated packaging of compiled software followed by automated Production Acceptance Testing and (if it passes) automated deployment into production, without manual intervention.
Continuous Integration (CI)
Rapid Application Development method involving frequent small deliveries of newly developed or changed code into a shared repository.
Continuous Integration/Continuous Delivery [or Deployment] (CI/CD)
Rapid Application Development approach where Continuous Integration extends into Continuous Delivery and perhaps as far as Continuous Deployment.
Continuous assessment
See monitor.
Continuous operations
Nonstop business activities.
Control Overlays for Securing Ai Systems (COSAiS)
Series of draft NIST guidelines on securing Artificial Intelligence systems.
Copyedit
Process of checking and revising the content of a draft document (the ‘copy’) such as a book, article, policy or contract in order to improve the quality, grammar, spelling, readability etc. of the final product.
Core business
Essential operational processes, systems and activities, the continuity, reliability, security and productivity of which an organisation relies upon to achieve its objectives or mission.
Corporate, corporation, body corporate
Typically refers to a large ‘company’ (a ‘commercial business’), ‘enterprise’ or ‘group’.
Crisis fatigue
Emotional and physical exhaustion or burnout resulting from chronic or severe stress.
Critical operations
Business operations which actually are, or are thought to be, critical to the organisation.
Critical third parties
Third parties such as suppliers, partners, customers, investors, financiers and creditors which actually are, or are thought to be, critical to the organisation.
Crypter
Leet term for a tool or service to obfuscate or encrypt malware code to resist, delay, frustrate or prevent its detection and analysis.
Custom attribute
Attribute of special interest, concern or value to a particular organisation or situation, as opposed to something generic or standard.
Custom control
Control specified, designed and developed for a particular organisation, situation or control objective, as opposed to something generic or standard.
Cybersecurity assurance
Assurance regarding cybersecurity.
Cybersecurity Control
Security control intended to mitigate unacceptable cyber risks.
Cybersecurity Workforce
Cybersecurity specialists and other workers with cybersecurity responsibilities.
Damage
Harmful reduction of utility, value or health.
Damage assessment
Post-event assessment and evaluation of the damage caused by a storm, fire, cyber incident or some other disaster, with a view to planning the next steps.
Data [at] risk
Risk (uncertain possibility) of vulnerable data being exposed and compromised by threats, causing adverse impacts.
Data mirroring
Duplication or replication of critical data in near real time across two or more computer systems, servers, data storage devices or data centres, increasing resilience against hardware failures and some other incidents, but with greater complexity, dependencies and costs.
Data recovery or restoration
a) Returning data from backup or archival (standby, secondary or supplemental storage media, often offline) to operational (primary) systems to resume normal processing following an incident.
b) Specialist forensic techniques, tools and technologies to recover usable data (in whole or in part) from damaged storage media or systems, or following deliberate concealment.
Data sovereignty
Expectation, requirement or right of a data owner to insist that their data remain within a given jurisdiction – generally, a zone, state, country or continent – within which they believe it will be adequately protected under privacy or other laws, regulations and controls.
Decision
Something decided, determined or resolved.
Declaration
Statement, proclamation or announcement formally declaring something significant.
Decommission
Take out of service.
Define
To craft, compose or compile a definition.
Deserialisation
Expansion of ‘serialized’ (coded, compressed) data formats in order to utilise the data.
Deterministic
Predictable as a result of direct causative relationships - a feature of simple processes, mechanisms, systems and machines.
Devolution
See delegated authority.
Diameter
Authentication, Authorisation and Accounting protocol destined to replace RADIUS.
Diffusion model
Artificial Intelligence technique that sequentially adds noise data to a known starting point (such as a training image or musical piece), then systematically reverses the process to remove the noise, learning the effects of the changes at each stage.
Digital Euro scheme rulebook
DRAFT document about the proposed ‘digital Euro’ Central Bank Digital Currency scheme currently being debated and thrashed out by the European Central Bank and European Council.
Digital legacy
When we die, almost everyone leaves behind a number of local and online accounts and digital assets protected by authentication credentials and access controls. Don’t take your passwords to the grave!
Digital twin testing
a) Use of digital twins to test (explore, analyse and evaluate) complex systems safely, without threatening or impacting live operations.
b) Testing and refining digital twins e.g. by comparing the behaviour of replicas or models against the real systems.
Direct Memory Access (DMA)
Facility allowing physically-attached peripherals such as video cameras and external disk drives to read and write data in a computer’s Random Access Memory directly.
Direct Memory Access (DMA) attack
Hacking technique that exploits physical access to a vulnerable FireWire port to read or modify Random Access Memory contents directly.
Direct, directing
a) [Verb] To instruct, command or mandate e.g. using a directive.
b) [Adjective] Closely-integrated, tied-to or associated-with, immediate, proximal, obvious or self-evident.
Direction
a) Instruction or mandate from an authority e.g. a manager.
b) Future path, heading, trend or orientation.
Disambiguation, negative-positive restatement, antithesis
Linguistic terms for contrasting constructs of the form “not this, but that”, one of several AI LLM signatures over-used by Artificial Intelligence Large Language Models.
Disaster management
Processes involved in monitoring, directing, controlling, testing and systematically improving the organisation’s planning, preparedness, identification of and responses to disasters.
Disaster recovery exercise
Process to practise or rehearse the declaration, invocation and execution of a Disaster Recovery Plan (typically by emulating a disaster scenario), gaining competence, confidence and assurance in arrangements likely to be critical following an actual disaster.
Disaster recovery planning
Process of preparing, managing, exercising and maintaining a workable Disaster Recovery Plan.
Disaster risk
Uncertain nature and timing of serious and potentially disastrous incidents, emergencies or crises.
Double-blind testing
Testing, assessment or audit method in which the tester has no prior knowledge of the target aside from publicly-available information. Additionally, the target's administrators are not pre-warned about the test.
Downtime
a) Time off, time out, a welcome break or outage.
b) Measure of the length or proportion of time during which a service, system, network, worker etc. is unavailable or falls short of its specified, required, agreed or expected performance.
Drift
Artificial Intelligence systems may depart gradually from their original training due to the accumulation of internal changes to model weights etc.
Dynamic
Changing or changeable over time. Often implies proactive responsiveness to rapid, complex and unpredictable variations.
Dynamic packet filtering
See stateful firewall.
Electronic money
Digital representation of conventional currency issued by a country’s central bank.
Electronic waste
Redundant/surplus electronic equipment to be disposed of.
Emergency change (or patch)
Critically-important high-priority change or patch whose deployment and implementation is urgently required to mitigate risk or recover from an incident.
Emergency plan
a) Contingency plan made in anticipation of a future emergency or crisis of some sort.
b) Plan made urgently in the course of dealing with an actual or impending emergency.
Emergency preparedness
Contingency preparations in readiness for a future emergency or crisis of some sort.
Emergency relocation group (ERG)
a) Team responsible for planning, preparing and assisting with the shift of critical operations to an alternative location in the event of a physical disaster preventing workers accessing the primary or normal site.
b) Specific workers anticipated to relocate to alternative facilities (e.g. a hot, warm or cold site) in order to sustain or recover critical business activities if their normal facilities are out of action.
Emergency response
a) Pre-planned activities in response to an emergency, crisis or disaster, designed to protect (surviving) assets and maintain or recover critical operations.
b) The actual reaction and response to an emergency, in practice.
Emergency response plan
Contingency plan to respond effectively to a future emergency, crisis or disaster of some sort.
Emergency response team (ERT)
Team responsible for executing the planned response to a future emergency, crisis or disaster of some sort.
Escalation
Increasing the level, quantity, significance or severity of something e.g. privileges, access rights, incidents, alarms and alerts, risks, threats, impacts, management engagement, priorities, tensions, stakes, rates or charges.
Essential service
Critical or vital service involving significant information risks, therefore deserving strong information security, resilience, safety etc.
Event Query Language (EQL)
Flexible computer language for the Elasticsearch platform, used by cybersecurity incident analysts to query event logs, real-time alerts etc., responding accordingly.
Executive/management succession plan
Succession plan for managers.
Extra expense insurance
“Insurance covering the additional cost to maintain operations or get back in operation more quickly following property loss.” (DRI glossary).
FIDO security key
User authentication device like a USB memory stick with a fingerprint reader.
Failure notification policy
Policy concerning timely notification of relevant parties about unplanned service outages or security incidents resulting from the failure (or absence!) of effective preventive controls.
Fallacy
Credible yet false and misleading belief, reasoning or argument resulting from logical errors or flaws.
Fallback site
Alternate site.
Fancy bear, APT28
Russian government-backed group of cyber-spooks active since the mid-2000s, attributed with cyber-attacks on political targets.
Federated learning
Distributed (cloud-based, decentralised, collaborative, client-server) training of a shared Artificial Intelligence Machine Learning model.
First line (of defence)
a) In the First World War, the front-line trenches bordering no man’s land were the first and most vital defensive lines.
b) In The Institute of Internal Auditors’ three lines model, the first line (management) owns Enterprise Risk Management as a whole, supported by the second and third lines.
Foundation model
Artificial Intelligence Machine Learning or Deep Learning system trained on big data, giving it a broad if shallow understanding, forming the basis for further in-depth training in more specialised areas and capabilities.
Fractional Chief Information Security Officer (CISO)
Part-time Chief Information Security Officer service, typically provided remotely on contract by a specialist cybersecurity company (a Managed Security Service Supplier) to several smaller organisations without the resources or need for a permanent in-house on-site CISO.
Fragile
Tends to fracture, break, snap or fail suddenly when stressed.
Full-stack development
Development of client-server applications, covering both client (front-end user interface) and server (back-end database and logic) components plus their integration into complete systems.
GIAC AI Security Automation Engineer (GASAE)
GIAC’s qualification for security engineers using Artificial Intelligence to build, scale and defend complex enterprise environments.
GIAC Offensive AI Analyst (GOAA)
GIAC’s qualification for penetration testers using Artificial Intelligence tools and techniques.
Gaslighting
Social engineering technique, manipulating a situation and using disinformation in an attempt to convince the target that they are mistaken.
Generative Artificial Intelligence (genAI) system
Computer system providing generative Artificial Intelligence services.
Geographic dispersion
Deliberate resilience and business continuity strategy to mitigate information, environmental, political, financial and other risks arising from concentrating business assets (including workers) and activities (particularly business-critical ones) in a single physical location.
Glass box testing
See white box testing.
Goodhart's law
“When a measure becomes a target, it ceases to become a good measure.”
Hashcat
Open-source password recovery utility for Linux, Windows and macOS systems.
High availability
Design criterion, objective or requirement for information systems, services, resources etc. supporting important business processes, safety functions etc.
Host Based Capability (HBC)
Some sort of technical capability or functionality provided on or by a networked computer system.
Human threat
a) Threat presented by or involving malicious humans, such as a hack, ransom demand, fraud, carelessness and incompetence, or dangerous activities.
b) Threat or hazard to the wellbeing, health and safety or survival of human beings, such as disease, accident, poverty or chronic stress.
IPI
Abbrev: Indirect Prompt Injection or Ignore Previous Instructions, depending on context.
Impact tolerance
Tolerable range of impacts.
Important Business Service (IBS)
See core business.
In-context learning (ICL)
Where a Large Language Model uses examples or other information provided by users with their prompts, interpreting and applying the guidance within the context of those prompts, supplementing its pre-trained knowledge.
Incident command
Focal point of incident management, providing command (clear authority, oversight and overall direction of the incident response), control (of the scene and activities), plus coordination, communication and collaboration between those involved.
Incident command system
System and management framework for incident command.
Incident management plan
Plan for incident management.
Incident manager
Person managing an incident.
Independent attitude
State of mind that is free of undue influence or constraint, remaining objective and impartial, such as an auditor or judge.
Indirect
Circuitous, tenuous, circumstantial, weakly-connected, not straightforward and direct.
Indirect Prompt Injection (IPI)
Form of prompt injection using hidden text on a web page to compromise Artificial Intelligence systems and AI agents that parse the page.
Indirect connection
a) Communications link or path that is indirect e.g. routed via intermediate systems and networks rather than taking a direct, obvious, point-to-point route.
b) Obscure, loose or tenuous linkage or association between observations, concepts, factors, people, organisations etc.
Indirection
a) Software programming reference to an identifier, name, tag or label for something (e.g. a memory location) rather than the thing itself (the instruction or data at that location).
b) Use of allusion, simile, vague, obscure and potentially misleading references as opposed to direct statements.
Information Technology Service Continuity Management (ITSCM)
Proactive management, monitoring and maintenance of information services and the associated infrastructure to deliver specified levels of availability.
Infrastructure-as-Code (IaC)
Automated provisioning and configuration of data centre Information Technology resources (servers, virtual machines, databases, applications and networks) using coded (machine-readable) definitions.
Insecure Direct Object Reference (IDOR)
See Broken Object Level Authorisation.
Insurance assessment
Fraught process following an incident and insurance claim to evaluate (quantify) the damage (impacts) and recovery costs, determine which aspects or elements and what proportion was covered, and negotiate a settlement.
Insurance policy
Contract for insurance services.
Interdependent
Organisations, processes, systems, people etc. bound together e.g. by operational or supply chain linkages, common factors, partnerships or shared objectives.
Intrusion Detection and Prevention System (IDPS)
Security system capable of both detecting and responding to network intrusions or other attacks.
e-money
Abbrev: electronic money.
e-waste
Abbrev: electronic waste.
eXplainable Artificial Intelligence (XAI)
Artificial Intelligence reasoning and decision-making that is sufficiently transparent and straightforward to be interpreted and understood by a competent person.
eXtendable-Output Function (XOF)
Hash function (algorithm) such as SHAKE128 or 256 that generates a fixed-length hash value (e.g. a cryptographic key or password hash) from an input string of arbitrary length.
eXtended Validation (EV)
Certification authorities may conduct additional checks on applicants for their digital certificates, typically offering the resulting ‘EV’ certificates at a higher price reflecting the additional costs and trustworthiness.
eXtensible Markup Language (XML)
Data markup language that uses named fields (defined in an XML schema) of variable lengths (defined in the field name tags), facilitating the exchange of data records between application systems.

