Cyber Security Acronyms (T)

Acronyms that start with T

Glossary Home

TB.   Terabyte(s).   A unit of measurement used in IT that is equal to one trillion bytes (or 1000 gigabytes). The terabyte is typically used to measure data storage capacity in devices and services such as hard discs, flashdrives, and cloud-based data backup solutions.


TCO.   Total Cost of Ownership.   A calculated estimate of expenses associated with the purchase, deployment, usage, and maintenance of a product, service, equipment, or IT system throughout its life cycle. TCO serves as a measure of asset value, especially when used in conjunction with ROI (return on investment). TCO can be calculated as the sum of the product’s initial purchase price and the cost of its operation and maintenance across its lifespan.


TCP.   Transmission Control Protocol (also known as Transport Control Protocol).   The internet standard for establishing a connection and facilitating data exchange between remotely hosted applications or devices. Formally rendered as TCP/IP, TCP and IP (Internet Protocol) represent the two original and core protocols of the Internet, with TCP playing a central role in the World Wide Web, file transfer, peer-to-peer communication apps, and email.


TCP/IP.   Transmission Control Protocol/Internet Protocol.   The default framework that establishes the rules, processes, layers, connections, and routes for data communication on the Internet. Also called the Internet protocol suite, TCP/IP is composed of several protocols of which Transmission Control Protocol (TCP), Internet Protocol (IP), and User Datagram Protocol (UDP) constitute the foundational components. Controlling how digital information is broken down into data packets, transmitted through the network, and reconstituted at its destination, TCP/IP is hardware-independent and requires minimal central management.


TEB.   Thread Environment Block.   A piece of data that contains information about a currently running thread, including its state and user-mode representation.


TGT.   Ticket Granting Ticket.   A small piece of encrypted data that serves as an identification token with a limited validity period. Also called an authentication ticket, TGT is used in the Kerberos authentication protocol and contains the user’s IP address and the session key with its expiration date.


TI.   Threat Intelligence.   A collection of strategic insights and actionable information about latent, active, or emerging cyber threats (as well as the field, processes, and technologies enabling the acquisition of such information). Threat intelligence is generated through the rigorous gathering and proactive analysis of all relevant data —  including context, indicators of compromise, system vulnerabilities, attack mechanisms, event history, immediate and implicit risks, known mitigations, and the motives and behaviors of threat actors.


TKIP.   Temporal Key Integrity Protocol.   An encryption protocol that formed part of the wireless local area network (LAN) standards established by the Institute of Electrical and Electronics Engineers (IEEE). TKIP improved encryption strength and is more robust than the original Wi-Fi security protocol WEP (Wired Equivalent Privacy) that it replaced in 2004. In 2012, however, the IEEE deprecated the protocol that was then considered no longer secure. Security researchers in 2015 demonstrated that the RC4 (Rivest Cipher 4) stream cipher used by TKIP for its encryption algorithm can be decrypted within an hour, allowing attackers to inject arbitrary packets to the target system.


TLD.   Top-level Domain.   As used in the domain name system (DNS), the last part of a domain name immediately following the dot (.) symbol. For example, “.au” is the TLD in the internet address “” Top-level domains indicate a key attribute of a website such as its purpose (education: .edu) or location (New Zealand: .nz). Also called “domain suffix.”


TLS.   Transport Layer Security.   A cryptographic system that secures communication over a computer network. TLS is widely used in email, instant messaging, and HTTPS.


TOCTOU.   Time-of-check to time-of-use.   A software bug arising from a “race condition” wherein a service (or application, or transaction) checks the state or value of shared resource prior to performing a subsequent action, but said value is changed by a near-simultaneous action by another service or transaction that can access the same resource. As a result, the check result acquired by the original service has been invalidated, potentially causing problems when the service proceeds to perform further (but normally restricted) actions. Threat actors can exploit this vulnerability in multithreaded programs by maliciously influencing a resource state between check and action.


ToE.   Target of Evaluation.   As used in the Common Criteria, the IT product or system that is the subject of a security assessment. The assessment process evaluates whether the official security claims about the system are true or not. Products and services with validated security claims and meet predefined security standards are awarded a Common Criteria certification. The Common Criteria for Information Technology Security Evaluation (more commonly refrerred to as CC or Common Criteria) is a specification framework and an international standard under ISO/IEC 15408 for computer security certification.


TOGAF.   The Open Group Architecture Framework.   A suite of open-source tools, practices, methods, and guidelines for the design, deployment, and governance of an enterprise IT architecture. A widely used framework, TOGAF helps stakeholders align IT architecture with well-defined business objectives. The framework typically adopts a four-level design template: business goals, enterprise applications, data, and technology.


TOR.   The Onion Router.   A free, open-source web browser purposely designed to protect personal privacy and confidentiality of information by enabling anonymous Internet communications and browsing. Developed with support from the U.S. military, Tor uses a global overlay network to conceal users’ locations and thwart surveillance and traffic analysis. While Tor is often associated with cyber crime and the illicit trade of highly regulated commodities such as drugs and weapons, it is also used by journalists, activists, whistleblowers, and law enforcement entities.


TOTP.    Time-based One-time Password.   A temporary, single-use authentication key or passcode composed of a string of dynamic digits that periodically change every small increments of time. Adopted as an Internet standard and commonly used in two-factor authentication (2FA), the algorithm that generates a TOTP uses the current time as an additional factor for credential verification.


TPB.   The Pirate Bay.   A file-sharing website that indexes a large volume of digital content of various types, providing the mechanisms for how these content can be downloaded from obfuscated hosting locations on the Internet. These content include music, films, electronic books, video games, and software applications. Site visitors can search, share, download, and contribute content using the BitTorrent protocol, regardless of the legal implications of such actions. As a result, TPB has often been the subject of controversies, legal complaints, criminal investigations, and law enforcement shutdowns related to intellectual property rights and copyright infringement issues.


TPM.   Trusted Platform Module.   A tiny, tamper-resistant computer chip built into some motherboards that uses cryptography to enhance IT security and data privacy. TPM forms the core standard for cryptoprocessors, a family of dedicated microcontrollers designed to protect hardware from cyber threats such as firmware attacks. Capable of storing certificates, passwords, and cryptographic key pairs, TPMs are used in digital rights management (DRM) and in the enforcement of software licenses.


TPoC.   Technical Point of Contact.   The person responsible for managing a specified Internet domain under the rules, policies, and procedures of the relevant entities (such as the Internet Corporation for Assigned Names and Numbers, ICANN).


TPRM.   Third-Party Risk Management.   The field and process of detecting, identifying, evaluating, monitoring, and minimising risks (security, operational, financial, reputational, etc.) associated with outsourcing required business inputs to third-party service providers and vendors. In IT security, TPRM specifically focuses on the protection of intellectual property, customer data, personally identifiable information, and health-related data.


TTD.   Time to Detection.   The elpased time from the actual start of a security incident (such as a network intrusion and other malicious activity) to its discovery by an entity’s IT security system.


TTL.   Time to Live.   The period of time that a data or a packet thereof is allowed to exist in a network, application, or computer before being discarded. Assigning a definite lifespan for specific types of data, the TTL mechanism can help a) prevent any packet from circulating a computer network indefinitely; or b) improve the performance of services and applications by optimising their data caching functions. TTL may be implemented as a timestamp or a counter affixed to the relevant data. In computer networking especially in IPv6, TTL is sometimes referred to as “hop limit.”


TTP.   Tactics, Techniques and Procedures.   A military concept used in cyber security (including the MITRE® ATT&CK framework) for describing the nature of a specific threat, especially the behavior of the adversarial entities associated with the threat. TTP encapsulates a hierarchy of behavior, with “tactic” representing the highest-level descirption and “procedures” as the most detailed, step-by-step descriptions in the context of a specific “technique.” TTP helps organisations identify and netralise attacks before significant damage is done.

Glossary Home


Our Address


1300 667 871 or +61 7 3220 0352

Brisbane Office

Level 5, 488 Queen Street, Brisbane, QLD 4000

Sydney Office

Level 21, 133 Castlereigh Street, Sydney, NSW 2000

Melbourne Office

Level 28, 303 Collins Street, Melbourne, VIC 3000

Our Services

Industry Expertise