Tuesday 11 February 2020

InfoSec 101 terms

Our information risk and security glossary has grown steadily over the years to a document of about 100,000 words over 350 pages defining 3,000 terms. That's easily a book's worth (maybe we should publish it!), and way too much information for the Information Security 101 module, so I spent yesterday paring it down to a more sensible size.

The easiest approach was to chop out obscure/specialist terms and their definitions, then go through again to catch the ones I missed. 

Next I set to work trimming down the definitions for the remaining terms, simplifying the wording and removing the quoted extracts from the ISO27k and other standards and references. 

Some terms are context-dependent - they normally mean one thing but can mean something else. For the purposes of the 101 module, I've chopped off the 'something else' explanations.

So now we're down to 11,000 words and 40 pages, defining about 400 terms. Still more than I'd like for Information Security 101. The 2017 revision of the 101 module included a glossary of 2,000 words and 10 pages defining about 100 terms. Hmmm, it will be a struggle to get it down that far, but I'll give it a go. 

Time for another few cycles of chopping and trimming ...
