backdoor – an unofficial method to access software or a device that bypasses the normal authentication requirements.
backup – (i) the process of archiving a copy of something so that it can be restored following a disruption. (ii) having a redundant (secondary) capability to continue a process, service or application if the primary capability is disrupted.
bashdoor – alternative name for the family of security bugs also known as shellshock. See entry for shellshock.
behavior monitoring – a method of surveillance to check for actions or activities that may indicate rogue or undesirable intent.
BGP – see Border Gateway Protocol.
biometrics – the use of physical qualities and attributes as a form of identity authentication. Fingerprint scans, retina scans and facial recognition are all examples of biometrics. As fast as new biometric options are created, the means to defeat them often follow. For this reason, biometrics is usually used only as part of multi-factor authentication.
bitcoin – a decentralized, virtual digital currency and payment system, based on a distributed, public ledger. The currency provides a high degree of transactional anonymity as balances and ledger entries are associated with private cryptographic keys and not with the individual or company that uses it (lose your key, lose your money). This has made it, along with other digital currencies, a payment method of choice for illegal transactions, including making and receiving cyber blackmail payments.
black-box penetration testing – the term used to describe a situation where no advance information about the technical details of a computer program has been made available to those who are checking it for vulnerabilities. They are operating without any inside knowledge, so the term is used to indicate a lack of visibility inside the ‘box’ (program) they are checking.
black hat – a person who engages in attempts to gain unauthorized access to one or more digital devices with nefarious (criminal or unethical) objectives. A hacker with unethical goals, or no perceived ethical goals.
black-listing – (in the context of cybersecurity) adding a specific file type, URL or data packet to a security defense program to prevent it from being directly accessed or used. For example, a website domain can be blocked using firewall rules to ensure that no user can visit that website through usual means.
bleeding edge – using inventions so new that they are likely to cause damage to their population before they become stable and safe.
blue team – the group of people that assemble during a mock attack by a red team to help defend the digital landscape being targeted.
border gateway protocol (BGP) – a standard format that different systems on a network can use to share and make decisions on the path (routing) for information.
bot – a computer program designed to perform tasks. Bots are usually simple, small and designed to perform fast, repetitive tasks. Where the purpose of the program is in conflict with the organization, it can be considered to be a form of malware. See also botnet.
bot herder – a hacker who uses automated techniques to seek vulnerable networks and systems. Their initial goal is to install or find bot programs they can use. Once they have one or more bots in place, they can control these to perform a larger objective of stealing, corrupting and/or disrupting information, assets and services. See also botnet.
bot master – alternative naming convention for a bot herder.
botnet – shortened version of robotic network. A connected set of programs designed to operate together over a network (including the internet) to achieve specific purposes. The purpose can be good or bad. Some programs of this type are used to help support internet connections; malicious uses include taking over control of some or all of a computer's functions to support large-scale service attacks (see denial of service). Botnets are sometimes referred to as a zombie army.
breach notification procedure – some types of information, when suspected or known to be lost or stolen, are required to be reported to one or more authorities within a defined time period. Usually this is when personal information is involved. The notification time period varies but is often within 24 hours. In addition to reporting the known or suspected loss to the authorities, the lead organization responsible for the information (referred to as the data controller) is also required to swiftly notify any people who are affected and later to submit, to appropriate regulators, a full root cause analysis and information about how they have responded and fixed any issues identified. To meet these legal obligations, larger companies usually have a predefined breach notification procedure to ensure that the timelines are met. The fines for data breaches are usually increased or decreased based on the adequacy of the organization's breach and incident response management.
brute force (attack) – the use of a systematic approach to try to gain unauthorized access. For example, if there is a single password that is only 8 characters long, there are only a finite number of possibilities that can be attempted through an automated attempt of all possible combinations. Computing speeds make brute force attempts to try millions of possibilities easy if other defenses are not present.
bug – a flaw or fault in an application or system. The term originated from very early computers that had huge capacitors that could become defective if physical insects (bugs) were present and shorted the connection.
Business Continuity Plan – (abbreviation BCP) an operational document that describes how an organization can restore their critical products or services to their customers should a substantial event that causes disruption to normal operations occur.
BYOC – acronym for Bring Your Own Cloud. A term used to describe the cybersecurity status where employees or contractors are making direct decisions to make use of externally hosted services to manage at least some of their organization's work. If this is taking place without the inclusion of a process to risk assess and control the security features, it can lead to significant risks both to the direct information involved and by potentially opening up other security gaps in the digital landscape.
BYOD – acronym for Bring Your Own Device, indicating that employees and other authorized people can bring some of their own digital devices into the workplace to use for some work purposes. Some security people also use this term for ‘Bring Your Own Disaster’ due to the uncontrollable number of security variables that this introduces to any information allowed to flow onto or through personal devices.