Most people reading this will have partial or passive familiarity with some terminology from programming, information security, and related domains, but they may have just a hazy grasp of how they’re used. What’s the difference between DOS and DoS? Does cold call take a hyphen? Is it a SQL or an SQL? How do you pronounce ASCII? What’s a dictionary attack?*
DoS, cold call, SQL, and ASCII are on the familiar side of digital and infosec jargon. Most industry phrases and abbreviations are more obscure, so they’re not listed in dictionaries. Security consulting company Bishop Fox has done a real service to editors and writers by publishing a modern Cybersecurity Style Guide. The first version, released last month, contains 1,775 entries.
Most entries are not defined – it’s a style guide, not a dictionary, so the focus is on usage. But just browsing the guide helps readers educate themselves on an esoteric but useful lexicon. It’s especially helpful for professional writers and editors, sorting out capitalisation, hyphenation, and similar conundrums. (There’s also straight-up grammar advice, like ‘Use singular they’.)
Linguist and editor Brianne Hughes, who previously featured on Sentence first for the morphological wonders she calls cutthroat compounds, created the Cybersecurity Style Guide with help from her colleagues and introduces it on the company blog:
Our goal here is to give guidance about usage, not to define the terms in detail. Each term in the guide earned its place by being unintuitive in some way:
• It may be a homonym of a non-technical word (front door, Julia, pickling),
• it may be uniquely written (BeEF, LaTeX, RESTful),
• it may not follow a clear pattern (web page vs. website),
• it may have a very specific technical distinction (invalidated vs. unvalidated),
• or its meaning may differ depending on the audience and the day (crypto, insecure, PoC).
The editors invite feedback, so a few suggestions follow. Pwn is ‘pronounced “pown”,’ we’re told, but that could rhyme with town or tone. (It’s the latter.) I would add an entry for CamelCase, given its prevalence in the jargon. The entry for doge says ‘Such disputed pronunciation’, but standard grammar is generally avoided in doge: ‘Many disputed pronounce’ would be more apt.
Bishop Fox’s Cybersecurity Style Guide is an excellent and welcome addition to the editing literature and is likely to become increasingly useful as time goes on. You can download the PDF directly here. For a witty, entertaining explanation of the need for the guide, watch Brianne Hughes’s presentation at CactusCon last year (NB: audio quality is poor; audience reactions are louder than the speaker):
Update: Brianne Hughes talked to the Chicago Manual of Style about the Cybersecurity Style Guide.
* DOS = Disk Operating System; DoS = denial of service. The verb does; the noun doesn’t. ‘Precede with “a,” assuming that the reader pronounces it as “sequel.” Sometimes pronounced as letters.’ ‘Ask-ee’. An automated password-guessing attack.