Smart Citizen Cyber Resilience Ontology

Responses are framed around four resilience phases of Prepare, Absorb, Recover, and Adapt.

The Absorb phase is triggered by the occurrence of an adverse cyber event, which diminishes and degrades individuals’ overall core cyber functioning (i.e., harmful impact). The effectiveness of the Absorb measures adopted in this phase determines the extent of the impact of the adverse incident.

Abuse threats emanate from the harmful treatment of individuals online.

Abused Harm refers to misuse of physical or digital assets.

Access control is the prevention measure that involves controlling and authorizing access to cyber resources.

This is the process where an individuals account is hijacked or stolen by someone else.

Account recovery measures involve restoring access and control of an account after an adverse cyber incident.

Active Mediation involves awareness-raising and discussion with potential victims of adverse cyber incidents.

Activity Data is the record of any user action (online or in the physical world) that can be logged on a computer.

Responses are framed around four resilience phases of Prepare, Absorb, Recover, and Adapt.

Once baseline cyber functioning has been restored, the Adapt phase can commence and Adapt measures can be put in the place, using the learnings and experience from the adverse event to inform the evolution and increase in cyber functioning and to “bounce forward better”

Addiction refers to the excessive, compulsive, non-productive use of the Internet by an individual desperately relying on it to occupy free time for recreation or social purposes.

Agency is the ability to define one’s goals and act upon them.

This measure involves engaging alternative complementary cyber resources to deal with incidents that have deminished cyber functioning of primary resources.

For example, in cases of data corruption, the redundant backups of the data would be utilized. In cases where a computing device is damaged, an alternative device would be utilized.

Angler Phishing occurs when individuals receive a message from a social media account masquerading as a corporate's customer support account that tricks them into handing over their sensitive information.

Anonimity Threat occurs when individuals' preference to remain anonymous or unnoticed online is threatened.

Anonymous routing is the use of computing networks in a way that protects communication from identification by third-party observers.

Anticipate Measures are put in place by an individual to prepare for and anticipate the inevitability of adverse cyber incidents.

The Rght to Assemble (freedom of association) is individual's right to gather and meet, both publicly and privately.

Asset Inventory Management involves maintaining a list of cyber resources and assets that individuals have access to.

Attitudinal Measures are attitudes that individuals can adopt in the context of preparing and planning for adverse cyber incidents.

Authentication threats compromise the Authentication cyber security goal.

Availability Threats compromise the Availability cyber security goal.

Awareness measures enhance the ability of individuals to comprehend their cybersecurity landscape.

Baiting occurs when individuals are tricked into handing their login credentials to the perpetrator who leverages the offer of free items or goods.

Bandwagon Effect (contagion effect) refers to the creation of the illusion of group consensus to cause people to think or act in the same way as the group does.

This attitude emphasizes the need to be critical in online engagements.

For example being critical with regard to news and content consumed online.

This attitude emphasizes the importance of being suspicious online.

For example, being suspicious of unsolicited communication.

This attitude emphasizes the need to be vigilant online.

Behavioural Data refers to data collected from individuals' online activities, typically commercial behaviour using a range of devices connected to the Internet. Behavioural data tracks the sites visited, the apps downloaded, or the games played.

Biometric Token is a biometric-based security token that is used for authentication or verification purpose.

Where white propaganda clearly states its source and grey propaganda obscures its origins, black propaganda actively deceives about its origins.

Blacklisted refers to the state in which the individual is regarded as unacceptable or untrustworthy and should be excluded or avoided.

Bodily Injury refers to the wound caused to individual's body.

Boyfriending/girlfriending occurs when individuals are manipulated into thinking that they are in a relationship with the perpetrator.

The capacity-building measures involve increasing the level of nominal cyber functioning of individuals.

Catphishing occurs when individuals are targeted by the perpetrator who creates a fictitious online profile to seduce them into a fictitious online relationship in order to benefit from them. The perpetrator often uses social media or dating sites to get to their target.

Censorship occurs when individuals are suppressed or constrained by institutions from achieving specific cyber functionings - including consuming and producing information, accessing content, software, or media.

Using information influence techniques to crowd out dissent.

Coercion occurs when individuals are persuaded by threats or force to do something.

Cognitive Impairment refers to the state in which the individual has trouble remembering, learning new things, concentrating, or making decisions that affect their everyday life.

Cognitive and Influece Threats are adverse incidents that compromise or affect individuals cognitive functioning. They include efforts to influence the perceptions, behaviour, and decisions of individuals for the benefit of others.

Compensation Payment is the costs that the individual has to pay as compensation to those affected by the incident.

Comprised is the state in which the resources are physically or digitally affected.

Computer is an electronic device that can store, retrieve, and process data.

Computing Asset is any asset that utilises computing processes.

Confidentiality Threats compromise the Confidentiality cybersecurity goal.

Conflict refers to an active disagreement between the individual with those with opposing opinions or principles.

Confronting the threat is an engage response that involves directly confronting the cyber threat. For examples, in the case of socio-technical threats, this involves direct engagement with the threat actors.

Confusion refers to the state in which individuals being bewildered, uncertain, or unclear about something.

Conscientiousness refers to individual's ability to control, regulate, and direct their impulses.

A contract breach occurs when individuals break conditions of a contract in the course of utilizing cyber resources.

Corrupted is the state where the resources are being physically or digitally debased or their integrity affected.

A Credential is the tool for authentication or verification. A credential may be part of a certificate or other authentication process that helps confirm a user’s identity in relation to a network address or other system ID.

Curiosity is the desire to learn or know about anything.

Cyber Predator refers to those who use the Internet to exploit others, usually young people, for emotional, sexual, and other purposes.

Cyber Stalking occurs to individuals when they are being stalked online or through the use of digital technology. Motives for cyber stalking may be to control or intimidate the victim, or to gather information for use in other crimes.

Cyberbullying occurs when individuals are bullied, harassed, humiliated, threatened, embarrased, or targeted through the use of online communication methods.

A Cryptocurrency is a digital or virtual currency that is secured by cryptography.

These are damages to cyber resources, including data, software, and hard, that compromise the integrity and proper functioning of the resources.

Damaged Relationship refers to an adverse change in relationship between the individuals with other people.

Damaged Social Perception refers to an adverse change in how the individual is regarded within their social network.

Dark Advertising is a type of advertising where the message can only be seen by the advertiser and the specific target group. Other people with dissimilar interests or who fall outside of the target group will usually be completely unaware of their existence.

Data is information that has been translated into a form that is efficient for movement or processing.

A data breach occurs when there is unauthorized access to data as a result of an attacker exploiting data systems which host individuals' confidential data. The source of data breaches is external.

Data Corruption occurs when there are errors to data which compromise the integrity of the data.

These are data errors that compromise the integrity of data.

A data leak occurs when confidential information is made accessible to unauthorized individuals a a result of an internal factor.

Data recovery measures involve the recovery of data resources, from data backups, to enable continued use of data after an adverse cyber incident, such as data corruption and loss.

Data redundancy measure involves having data backups and redundant data storage.

Data Token is tokenized data access that is used to secure access to data.

Data Vulnerabilities are the weaknesses associated with data.

Threat of deceptive content and information

Demographic Information is information about groups of people according to certain attributes, such as age, gender, place of residence, and socio-economic status.

A Denial of Service occurs when attackers maliciously restrict and limit access to information and services from legitimate users.

Depressed is the state in which the individual experiences low-spiritedness, unhappiness, or despondency.

Destroyed refers to the state in which the resources being physically or digitally ruined.

Device authentication is the process is verifying the identity of the devices that are used to connect to network resources.

Diffusion of Responsibility is a psychological phenomenon in which individuals are less likely to take action or responsibility when in the presence of a large group of people.

Digital Vulnerabilities are weaknesses associated with digital resources.

Digital Footprint Management involves understanding the digital resources, including the trail of data, that is involved and used in individuals Cyber functionings.

Digital hoarding (also known as e-hoarding, datahording or cyberhoarding) is excessive acquisition and reluctance to delete electronic material no longer valuable to the user.

Digital resources are resources that have been conceived and created digitally or by converting analogue materials to a digital format (digitised).

Discomfort is the state in which the individual experiences uneasiness or anxiety.

The Disconnect measure involves removal of connection and interaction between the threat and the affected cyber resource. While the threat remains, the affected resource is removed from the attack situation.

For example, in the case of a Remote Execution attack or Denial of Service attack, this could include physical disconnection of affected devices from the network. In the case of socio-technical threats, such as cyberbullying, it could include disconnecting from the relevant platform.

Disempowerment is the state in which the individual feels weak, ineffectual, not confident, or unimportant.

Disinformation is false or misleading information that is spread deliberately to cause harm. This is a subset of misinformation, which may also be unintentional.

Disrupted Income refers to the suspension of individual's income flow as a result of cyber threats.

Disrupted Work refers to the suspension of work as a result of the cyber threats.

Disruption occurs when individuals' access to information and resources is disrupted.

Distraction is the state in which the individual experiences extreme agitation of the mind or emotions that prevents them from giving full attention to something else.

Doxing is when private and confidential information about individuals is researched and published online with malicious intent.

Eavesdropping occurs when attackers secretly and stealthly gain access to private and confidential communication without the consent of and the authorization from the communicating parties.

Economic Harm is the harm that relates to negative financial or economic consequences.

Electricity is the flow of electrical power or charge that is used to power the infrastructures supporting our cyber functionings.

Email hygiene are measures and practices that contribute to safe and secure use of email.

Embarrassed is the state in which the individual feels humiliated or shameful.

Engage measures involve direct handling of and engagement with the adverse cyber incident.

Engineered content is broadly information that is produced for specific influence and cognitive disinformation objectives.

Environmental Threats emanate from individuals' wider environmental and institutional context.

The evolve measure involves an adaptation in the use of cyber resource through the adoption of complementary resources that enable higher nominal cyber functioning.

Exposed is the state in which the resources are physically or digitally disclosed.

The Right to Expression (freedom of expression) is individual's right to express their beliefs, thoughts, ideas, and emotions about different issues.

External Hard Drive is a portable storage device located outside of a computer that is connected through a USB cable or wireless connection.

External support involves receiving external input and support towards recovering and restoring cyber functioning.

Extorsion Payment refers to the costs that the individual has to pay to continue their cyber functioning (e.g. after ransom-related incidents).

Extortion refers to the use of threat or intimidation by a perpetrator to gain something from the target.

Fabrication refers to an attack where illegitimate information is generated under the pretence of a false identity.

Fact-checking involves establishing the truth and validating the facts behind a specific adverse incident.

In the case of socio-technical threats such as misinformation attacks, fact-checking involves establishing the veracity of the information consumed. In the case of technical threat, it would involve understanding and documenting the experience of an adverse incident.

Failure detection is the monitoring measure that involves checking for the failure in the operation of specific cyber resources.

Fake Giveaway scam occurs when individuals are promised a prize in exchange for doing something beforehand, such as paying a fee.

Fake News is news that include deliberate disinformation content.

Fear is an emotion caused by anxiety or the uneasiness of being afraid of something or someone.

Feeling Upset is the state in which the individual feels unhappy, disappointed, or worried.

A File is an object on a computer that stores data, information, settings, or commands used with a computer program.

Financial Data is data on individual's assets, liabilities, equity, income, expenses, and cash flow.

Fine Payment refers to the fine that the individual is liable to pay.

Firehosing (firehose of falsehood) is a technique in which a large number of messages are broadcast rapidly, repetitively, and continuously over multiple channels without regard for truth or consistency. While Gish Gallop usually refers to a single online encounter, firehosing involves a strategy of massive disinformation over time and in multiple venues.

Firewall is a mechanism for allowing and denying access to specific network resources.

Flaming is the online act of posting insults, often laced with profanity or other offensive language on social networking sites.

Flooding involves the generation of fraudulent messages to increase traffic on the network for consuming server’s or network’s resources.

Forging is the illegitimate dissemination of falsified evidence.

Online Fraud is a type of deception or fraud scheme that uses the Internet and digital communications technology to provide fraudulent solicitations to prospective targets to conduct fraudulent transactions, or to transmit the proceeds of fraud to those connected with the scheme. Online fraud may include identity theft, non-delivery payment, and online advertising fraud.

Frustration is the state in which the individual feels upset or annoyed, especially because of inability to change or achieve something.

Gish Galloping is a rhetorical tactic used to flood individuals with as many arguments as possible (without regard for accuracy or strength of the argument) in a way that make them feel overwhelmed. Gish galloping usually refers to a single online encounter, for example in an online debate setting.

Gluttony refers to over-indulgence in being online.

Greed is an overwhelming urge to have more of something, usually more than needed.

Grooming occurs when the pepetrator uses tactics to gain the target's trust and to develop a relationship with the target by giving complimenets, attention, affection, or gifts.

Guilt is a feeling of worry or unhappiness that an individual has because they have done something wrong or bad.

Guilty refers to the state in which the individual feels regretful or remorse.

Hardware Vulnerability

A Harm, also called Impact, is the negative consequences of unmitigated Threats

Helpfulness is the quality of being ready to give help.

Humor and Memes that are employed to influence individuals and shape narratives.

Identification is a prevention measure that involves confirming claimed identity online.

Identifying Data includes all kinds of data that can be used to identify an individual and their personal information.

Identity consists of individual personal attributes, such as gender, race, ethnicity, abilities, and socio-economic status.

Identity theft is the deliberate use of someone else's identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person's name, and perhaps to the other person's disadvantage or loss.

Identity Theft Loss refers to the state in which the individual's personal information is stolen.

Impaired Private Social Boundary refers to the state in which the boundary between the individual's private and social affairs is no longer clear.

Impulsiveness (or impulsivity) refers to a tendency to act on a whim, displaying behaviour characterised by little or no forethought, reflection, or consideration of the consequences.

Inadvertent information disclosure occurs when individuals disclose private and confidential information inadvertently.

Inappropriate information is content that causes harm to individuals who consume it.

Incident reporting is the formal documentation and reporting of adverse cyber incidents that are experienced by individuals.

This measure involves increasing resources that are allocated towards maintaining the desired level of cyber functioning and supplementing the affected resources.

For example, in cases where the adverse cyber incident deminished the quality of functioning of specific cyber resources, this measure would involve adding more resources (e.g., computing resources) to enable continue desired functioning.

Individual and Personal Vulnerabilities are situations and attributes of individuals that not only expose them to threats, but also that can be exploited and compromised by specific threats.

Individual resources are a combination of natural endowments and what is acquired through social relationships.

Infected is the state in which the resources are physically or digitally contaminated.

Influence Operations are efforts to influence the perceptions, behaviour, and decisions of individuals for the benefit of others.

Influence Threat is any threat that is intended to influence individual's perceptions and prejudices.

The Right to Information is individual's right to access personal and non-personal information held by government.

Information Flooding occurs when individuals are exposed to too much information and data.

Information Overload (information anxiety; information explosion) occurs when individuals are exposed to too much information and data that makes it difficult for them to understand an issue and effectively make decisions.

Informational Privacy is individual's right to determine for themselves when, how, and to what extend information about them is communicated to others.

Infrastructure resources are physical and virtual resources that support the internet-enabled flow, storage, processing, and analysis of data.

Institution Threats are adverse cyber incidents that are associated with institutions within individuals' context.

Integrity Threats compromise the Integrity cybersecurity goal.

Interception occurs when unauthorized access is gained to private or confidential information.

Internet Connectivity refers to the way people are connected to the Internet, and may include dial-up telephone lines, always-on broadband connections, and wireless devices.

Intimacy Threat occurs when individuals' preference to be alone with their significant others in their intimate online environments is threatened.

Intrusion detection involves monitoring and checking for unauthorized access to cyber resources including networking resources.

The isolate measure involves isolating the affected cyber resources from the connection with the threat.

While related to Disconnect measures, isolation measures involve the continual operation of the cyber resources in an isolated context.

Isolation refers to the individual's act of completely separating themselves from others.

Knowledge is familiarity with, awareness, or understanding of various objects, events, ideas, or ways of doing things which is acquired through experience or education.

A Laptop is a portable computer.

Laundering is a combination of several techniques, such as tainted leaks, fake news, and potemkin village to create the appearance of legitimate and significant controversy where there is none.

Least privilege is the principle and mechanism of giving the minimum required privileges necessary for performing specific functions.

Location data is geographial information about a specific device's whereabouts associated to a time identifier.

Logging and audit is a monitoring measure that involves keeping a record of relevant cyber activities, events, as well as states and operations of cyber resources.

Loss of Confidence refers to the state in which the individual experiences a lack of courage or certainty.

Loss of Life refers to the passing of the individual as the result of realised impacts of cyber threats.

Loss of Work refers to the situation in which the individual loses their job as the impact of the cyber threats of which they are the victim.

Lost Credentials is when access to information and services is not possible due to lost account creditials.

This is a loss of computing devices that results in lack of access to the associated information and services.

Love Bombing occurs when the perpetrator gives the target an abundance of compliments and affection to gain their love and trust.

Low Morale refers to the state in which the individual's general confidence, enthusiasm, mood, and discipline is negatively impacted.

Low Satisfaction refers to the state in which the individual experiences a lack of contentment.

Luring occurs when the perpetrator uses online communication to contact the target who they think is under 18, in order to make it easier for them to commit a sexual offence against them.

Malfunctions occurs when systems do not function as they are supposed to. This can be due to malicious factors or human errors.

This measures involves the removal and elimination of contact with an individual who is a threat actor.

This measures involves the removal and elimination of content that is a cause of a cyber threat.

Malicious software detection involves scanning computing equipment to check for the presence of malicious software.

This measures involves the removal and elimination of software, usually malware, that is a source of a cyber threat.

Malign Rhetoric is an influence effort that aims to subvert and undermine specific narratives and views that individuals might hold.

Malinformation occurs when individuals are exposed to content and information that is based on reality but taken out of context with malicious intent to inflict harm.

Malware is software that is created for malicious purposes to compromise and damage individuals' cyber resources.

Masquerading is an attack where false identity is used to gain access to unauthorized information. The attacker pretends to be and masquerades as the victim.

Mediation measures are measures that are put in place for other individuals to limit the impact of adverse cyber incidents.

For example, guardians and parents can put in place mediation measures that limit the negative outcomes of online gaming.

Mental Faculties are the various functions of the mind, or things the mind can "do". Mental faculties comprise cognitive, affective, and conative skills that are crucial to human’s conscious experience and decision-making process.

Microtargeting (or niche-tageting) occurs when individuals are targeted by marketing content that is personalised to attract the attention of the members of the sub-group the individuals are segmented in, to influence their actions.

Misconfiguration occurs when systems have been configured in a way that compromise their functioning and integrity. Misconfiguration exposes resources to vulnerabilities that can be avoided through better configuration.

Misinformation is false or inaccurate information. Examples of misinformation include false rumours, or insults and pranks, while examples of more deliberate disinformation include malicious content such as hoaxes, spearphishing, andd computational propaganda.

This is advertising content that is meant to mislead consumers.

Misleading Information is content that is meant to mislead or misinform.

Misled is the state in which the individual is led to believe something that is not true.

Mistreatment refers to the state in which the individual feels mistreated.

Mitigation Cost refers to the costs, charges, fees, or payment incurred in taking action that is intended to mitigate the severity of harms that would occur if the cyber threat is realised.

Mobile Device is any portable computing device, such as a smartphone or tablet computer.

Monitoring measure involves observing and checking the state of individual cyber functions as well as the operation of relevant cyber resources.

Motivation is the internal needs, desires, wants or drives of individuals.

Multi-factor authentication is the process of using multiple authentication methods to verify claimed identity.

Mutual authentication is a process of two-way authentication between the communicating entities.

Natural disasters affect the cyber resources that support individuals' cyber functionings.

Negative Perception refers to the state in which the individual experiences an adverse change in their perception about something.

Network Equipment (networking hardware; networking device) comprises electronic devices which are required for communication and interaction between devices on a computer network.

Network intrusion occurs when there is unauthorized access to a digital network.

Network redundancy involves having redundant network connectivity to allow for alternative connection to the internet in cases where the primary connectivity is negatively affected by adverse cyber incidents.

Network Vulnerabilities are weaknesses in the network resources.

Non-repudiation Threats compromise the non-repudiation cybersecurity goal.

This is information and content that uses language that is offensive to individuals under specific contexts.

An Online Service refers to any information and services provided over the Internet.

The Right to Opinion (freedom of opinion) is individual's right to hold opinions without interference, and cannot be subject to any exception or restriction.

This is part of disinformation and influence campaign in which content is distributed to counter specific narratives and perspectives.

Overwhelmed refers to the state in which the individual feels completely submerged by their thoughts and emotions to the point where they lack efficacy and feel frozen or paralysed.

Pain refers to the experience of agony of the individual.

Parasocial Hacking exploits the biases arising from individual's parasocial relationships.

Parody used in the context of an influence campaign to shape narratives and influence individuals.

Password management is the use of password of authentication in a safe and secure manner.

Persistence occurs when someone keeps asking for something, even when the victim repeatedly says “no.”

Personal data is any data relating to an identified or identifiable natural person (‘data subject’).

Personal Threats are associated with individuals' personal attributes and endowments. They include cognitive and influence threats, as well as privacy and identity threats.

Phishing is a broader term for any attempt to trick individuals to share sensitive information, such as passwords, usernames, and credit card details for malicious reasons using a message sent via email, text, phone call, or direct-chat message that appears to be from a trusted source.

Physical Vulnerabilities are weaknesses associated with the materiality of cyber resources that individuals own.

Physical harm is the negative effect on physical or digital resources.

Physical Privacy is individual's right to determine the degree of their physical inaccessibility to others and to prevent intrusion into their physical place or solitude.

Physical resources are technological resources in material form.

This is the measure for restricting and limiting access to physical resources.

Physical Token (hardware token) is a security token that is in the form of hardware device that the user carries to authorise access to a network service.

Piggybacking is when individuals gain unauthorized free access to a network. Piggybacking is usually not for malicious intent besides gaining free access to a network.

Exploiting existing sensitivities, such as using misleading evidence to depict a military attack as having taking place at a place of worship to influence opinion.

Influence techniques can be applied to discredit moderate views and force narratives to focus on extreme positions.

Pornography is visual content depicting sexual subject matter that may be inappropriate to individuals.

Potemkin villages of evidence refer to the attempt to set up intricate institutional networks that are controlled and used by actors as a fact-producing apparatus for the promotion and amplification of specific narratives. Potemkin villages can, for instance, consist of an array of illegitimate or fake research, (online) journals, NGOs or thinktanks that produce studies, working papers, conferences, etc. to present the respective narrative as a product of careful scholarly consideration.

Responses are framed around four resilience phases of Prepare, Absorb, Recover, and Adapt.

The Prepare phase represents the baseline level of individuals’ cyber functioning during which Prepare measures are undertaken for facilitating responses in the subsequent phases.

Pretexting occurs when individuals are targeted by an attempt to trick them into handing sensitive data or login credentials to the perpetrator who uses a good pretext or fabricated scenario to build a false sense of trust.

Prevention measures are put in place to limit and stop the occurance of specific cyber threats.

The Right to Privacy is individual's right to be free from intrusion into or publicity concerning matters of a personal nature.

Privacy Threat is an adverse cyber incident that negatively impacts and violates individuals' various dimensions of privacy.

This is information and content that uses language that is offensive to individuals under specific contexts.

This is receiving professional input to assist in dealing with an adverse incident and recovering the lost cyber functioning.

Propaganda is information that is used to promote and advance a specific political perspective or point of view.

Prosecution refers the state in which the individual feels prosecuted, tried, or wrongly convicted.

Psychographic Hacking refers to the covert targeting and influencing of individuals using messages created to appeal to precisely identified groups or individuals based on their psychographic profiles.

Psychological harm is the harm which focuses on an individual and their mental well-being and psyche.

Psychological Privacy is individual's right to control cognitive and affective inputs and outputs, to form values, and to determine with whom and under what circumstances their thoughts will be shared or intimate information revealed.

Quid Pro Quo occurs when individuals are targeted by an attempt to trick them into handing their login credentials to the perpetrator who leverages the offer of free services.

Radicalisation refers to the state in which the individual adopts increasingly radical views in opposition to a political, social, or religious status quo.

Rapid and coordinated influence attacks.

Ransomware is malicious software that limits or restricts access to information and services with a demand for a ransom fee to be paid.

Reconnaissance occurs when an attacker engages in both passive and active collection of information that can be used to execute an attack on individuals' cyber resources.

Responses are framed around four resilience phases of Prepare, Absorb, Recover, and Adapt.

The Recover phase starts from the moment the adverse incident stops or is halted, and when restoration of lost cyber functioning begins. Timely and effective recover measures are necessary to reduce the compounded negative impacts of disrupted cyber functioning.

Recovery planning is the process of putting in place plans to restore and recover cyber functioning when adverse incidents do occur.

Reduced Opportunities refers to an adverse change in the established reputation of the individual's.

Reduced Performance refers to the state in which the ability of resources to function is lowered.

Redundancy measure is a preparation measure that involves putting in place redundant resources, to be utilized in cases where core resources are compromised and affected by adverse cyber incidents.

Remote Execution occurs when an attacker exploits a vulnerability in networking and computing systems to run commands and software on individuals computing resources.

Removal measure involve the direct removal and elimination of the cyber threat.

Replay attacks occur when legitimate information and network transactions are repeated and retransmitted for malicious purposes.

Reporting measure is the reporting of an adverse cyber incident to external responders.

Reputation is the overall quality or character as recognised by other people.

Reputational harm is the harm pertaining to the general opinion held about an entity.

Reserve Threat occurs when individuals' preference to not interact or remain strangers with others online is threatened.

A Resource is a capability input that contributes to individuals cyber activities. Resources are framed much broader that technological computing assets (i.e., hardware, software, data) and include individual and social resources.

A Response, also called Countermeasure, is an intervention that can be employed to mitigate Threats and reduce Vulnerabilities. Responses are framed around the four phases of resilience: prepare, absorb, recover, and adapt.

Restrictive mediation are a set of rules and limits that are placed on individuals to minimize the negative impacts in use of cyber resources.

Rights are non-negotiable entitlements grounded in the idea of justice.

SD Card (Secure Digital Card) is an ultra small flash memory card designed to provide high-capacity memory in a small size.

Sandboxing is a mechanism of isolating the operation of cyber resources that may otherwise cause widespread adverse incidents.

Satire used as part of an influence campaign.

Scam is the broader term for the use of internet services or software to defraud or take advantage of targets, typically financial gain or other valuable information. Scam types include romance scam, the overpayment scam, quick-money promise, impersonation scam, and tech support online scam.

Scam Cost refers to the costs that the individual has to pay as a result of successful scam scheme of which they are victim.

Scareware is a form of malware that is designed to manipulate individuals to buy or download unnecessary and potentially dangerous software, such as fake antivirus protection.

Sealioning is a type of troll tactic which consists of pursuing people with persistent requests for evidence or repeated questions, while maintaining a pretense of civility and sincerity.

Self-censorship is the state in which the individual exercises control over what they say and do, especially to avoid castigation.

Self Harm refers to intentional damage or injury done to the individual's body.

A Server is a computer or system that provides resources, data services, or programs to other computers.

Sextortion occurs when the perpetrator uses unwanted sexually explicit material of the target to blackmail or coerce the target into extorting sexual favors.

Sexual Abuse occurs to individuals when they are targeted by a virtual, distanced sexual abuse or exploitation through the use of online communication.

Sexual Assault occurs when the perpetrator constantly threats the target with sexual assault online.

Shameful refers to the state in which the individual experiences disgracefulness.

Shilling involves a person engaging with a particular subject (e.g. through marketing or a review) jointly with the actor concerned, for example someone writing a glowing customer review or answering their own questions under different identities to simulate a debate.

A Skill is the ability and capacity to perform an action with determined results.

Skimming occurs when attackers steal and capture private and confidential information, such as credit card details, in the course of a 'legitimate' use of services.

Smishing occurs when individuals receive a convincing yet fraudulent text message (instead of email) from the perpetrator that attempts to trick into handing over personal information.

Social capital is the accumulation of actual and potential resources linked to the possession of a social network.

Social Contact refers to individual's contact list and the conversation they have with others that occur through the use of a digital device.

Social Engineering is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Social hacking is the act of attempting to manipulate outcomes of social behaviour through orchestrated actions.

Social harm is the harm that may result in a social context or society more broadly.

Social media hygiene are measures and practices that contribute to safe and secure use of social media.

Social media monitoring involves observing and checking social media resources for signs of adverse incidents.

Social Network refers to individual's network of social interactions and personal relationships.

Social Privacy is individual's right to keep their social network to themselves to protect the privacy of others within the network.

This involves leveraging individuals social capital towards recovery to the lost cyber functioning.

For example, in the case of socio-technical threats, social support can enable individuals to deal with the adverse incident and to recover from its impacts.

Social Threats are associated with individuals' social and societal context.

Social Withdrawal refers to the state in which the individual avoids people and activities they would usually enjoy, that could lead to a point of social isolation.

Socio-cognitive hacking seeks to manipulate the perception of people by exploiting their psychosocial vulnerabilities with the purpose of changing people's behaviour. The most common tool used is weaponised information.

Sock Puppetry is a form of deception that involves the misleading use of online identities to manipulate public opinion, or to circumvent restrictions, suspension or an outright ban from a website.

A Software is a set of programs, procedures, and routines used to operate computers and execute specific tasks.

Software redundancy involves having redundant software in place to be utilized in cases where primary software is affected by adverse cyber incidents.

Sofware Vulnerabilities are weaknesses in software resources.

Solitude Threat occurs when individuals' preference to be alone by themselves and free from observations by others is threatened.

Source redundancy involves having alternative sources of information, content and services to be utilized in cases where primary sources are affected by adverse cyber incidents.

Spam Emails (junk emails) are unsolicited messages sent in bulk through email with commercial, fraudulent, or malicious intent.

Spear Phishing occurs when individuals receive a convincing yet fraudulent message from the perpetrator who poses as a familiar person or entity to the individual in an attempt to trick them into sharing sensitive information.

Spoofing is an attack where fake and falsified identity is provided by individuals or machines. For example, a rogue website pretending to be another legitimate website by spoofing the address.

Storage Asset comprises any recording media used to retain data using computers or other devices.

Strawman attack is a technique that is used to undermine a specific position by summarising the position inaccurately so as to weaken it and then by refuting that inaccurate rendition.

Surveillance occurs when individuals are observed and monitored for the purposes of collecting information, influencing or managing.

Sweepstakes scam occurs when individuals are told that they have won a prize and that they need to pay a fee before receiving their prize.

Sympathy is an affinity, association, or understanding of someone else's feeling, problem, or suffering.

System recovery involves the restoration of a system, including services and configuration, to the level of nominal functioning equivalent to that before an adverse cyber incident.

Tailgating (or piggybacking) occurs when individuals are targeted by an attempt to trick them to help the perpetrator gain unauthorised access into a secure, restricted area.

Technical mediation is the use of technology solutions to limit the impact of adverse cyber incidents.

Technological Threats are associated with and affect individuals' computing resources.

The right to protect personal space, property, and objects.

Theft Harm refers to the state in which individual's resources are physically or digitally stolen.

Theft of Finances the state in which individual's financial resources are stolen.

Theft Threats aim to steal of defraud individuals of certain resources.