BYOD: Bring Your Own Device

Bring Your Own Device, or BYOD, indicates the permission given by a company for their employees and/or visitors to use their own personal devices on corporate networks and sometimes to view privileged information. This is opposed to strictly allowing only business-owned devices.

BYOD often provides efficiencies, shows trust from the business and can even improve mental wellbeing in the workplace.

However, BYOD opens up the possibility of cyber attacks - increasing the attack surface of the organisation. In order to counteract this, good cyber security hygiene is advised from the business from a policy perspective, from a training perspective and from a technical perspective.

BAC: Building Automation and Control

BAC systems, or Building Automation and Control systems, are automated systems within buildings which provide such things as:

  • Heating, Ventilation and Air Conditioning (HVAC)

  • Humidity and ventilation

  • Fire and smoke alarms and control

  • Flood safety

  • Lighting

  • Physical access (such as keycard or biometric entry systems)

  • Room automation

Buildings with BAC systems are often called intelligent buildings or smart buildings.

BAC systems are safety-critical systems. However, many BAC systems are internet-connected, and are subject to cyber-security threats.

BAC systems, are sometimes just known as Building Automation Systems (BAS) or Building Management Systems (BMS).

APT: Advanced Persistent Threat

An Advanced Persistent Threat (APT) is a threat involving a cyber attack over an extended period of time using a variety of methods.

These kinds of cyber attacks often go undetected as the attackers are very strategic, basing their decisions on gathered intelligence and leaving little-to-no trace. APT groups are often open about their successes online, and groups are often named in news articles.

APTs are sometimes nation state or state-sponsored attacks, and often target large enterprises including operators of critical national infrastructure (CNI), and advanced manufacturers such as pharmaceutical or automotive manufacturers.

ADS: Anomaly Detection System

An Anomaly Detection System (ADS) is a system which monitors a network or system and discovers anomalies. They could be intrusions (as in the case of an Intrusion Detection System [IDS]) or some other kind of anomaly.

An ADS, or specifically an IDS, is often used by a SOC during the monitoring of daily operations.