The state that exists when information is being electronically sent from one location

Container Runtime

The environment for each container; comprised of binaries coordinating multiple OS

Contingency Plan

Management policy and procedures used to guide an enterprise response

Mobile Device

A portable computing device that: (i) has a small form factor such that


A layered structure indicating what kind of programs can or should be built

Internet of Things

As used in this publication, user or industrial devices that are connected to the internet.


The single, interconnected, worldwide system of commercial, governmental, educational

Total Risk

The potential for the occurrence of an adverse event if no mitigating action is taken


The ‘Training’ level of the learning continuum strives to produce relevant

Operating System

The software “master control application” that runs the computer.

Key Recovery Agent

An FCKMS role that assists in the key-recovery/metadata-recovery process.

Keystroke Monitoring

The process used to view or record both the keystrokes entered by a computer user


Cryptographic transformation of data (called “plaintext”) into a form (called “ciphertext”)


Use a system of symbols to represent information, which might originally

Fail to Known State

Upon a disruption event that causes the system to fail, it fails to a pre-determined state.


An RBG that includes a DRBG mechanism and (at least initially) has access

Clear Text

Information that is not encrypted.See NIST SP 800-82 Rev. 2 under Clear Text

Air Gap

An interface between two systems at which (a) they are not connected physically