CIO is an acronym that can be used for either Chief Information Officer or Chief Innovation Officer.
CERT: Computer Emergency Response Team
CERT is an acronym for Computer Emergency Response Team. There are geographical CERTs, such as CERTs for a local or national areas. There are also subject specific CERTs, such as CERTs for ICS.
BYOD: Bring Your Own Device
Bring Your Own Device, or BYOD, indicates the permission given by a company for their employees and/or visitors to use their own personal devices on corporate networks and sometimes to view privileged information. This is opposed to strictly allowing only business-owned devices.
BYOD often provides efficiencies, shows trust from the business and can even improve mental wellbeing in the workplace.
However, BYOD opens up the possibility of cyber attacks - increasing the attack surface of the organisation. In order to counteract this, good cyber security hygiene is advised from the business from a policy perspective, from a training perspective and from a technical perspective.
BAC: Building Automation and Control
BAC systems, or Building Automation and Control systems, are automated systems within buildings which provide such things as:
Heating, Ventilation and Air Conditioning (HVAC)
Humidity and ventilation
Fire and smoke alarms and control
Flood safety
Lighting
Physical access (such as keycard or biometric entry systems)
Room automation
Buildings with BAC systems are often called intelligent buildings or smart buildings.
BAC systems are safety-critical systems. However, many BAC systems are internet-connected, and are subject to cyber-security threats.
BAC systems, are sometimes just known as Building Automation Systems (BAS) or Building Management Systems (BMS).
Botnet
A botnet is a network of compromised devices used for coordinated cyber attacks such as DDoS attacks.
Brute Force
A brute force attack is a type of cyber attack which uses vast quantities of data combinations to gain access to data.
APT: Advanced Persistent Threat
An Advanced Persistent Threat (APT) is a threat involving a cyber attack over an extended period of time using a variety of methods.
These kinds of cyber attacks often go undetected as the attackers are very strategic, basing their decisions on gathered intelligence and leaving little-to-no trace. APT groups are often open about their successes online, and groups are often named in news articles.
APTs are sometimes nation state or state-sponsored attacks, and often target large enterprises including operators of critical national infrastructure (CNI), and advanced manufacturers such as pharmaceutical or automotive manufacturers.
ADS: Anomaly Detection System
An Anomaly Detection System (ADS) is a system which monitors a network or system and discovers anomalies. They could be intrusions (as in the case of an Intrusion Detection System [IDS]) or some other kind of anomaly.
An ADS, or specifically an IDS, is often used by a SOC during the monitoring of daily operations.