Technology and Behavioral Risk Management
Expert-defined terms from the Advanced Certificate in Behavioral Risk Management (Poland) course at London School of Business and Administration. Free to read, free to share, paired with a professional course.
Adaptive Security Architecture – A design framework that dynamically adju… #
Related terms: risk‑adaptive access, zero‑trust model. Example: A network that tightens firewall rules when anomalous user behavior is detected. Challenge: Requires continuous monitoring and sophisticated analytics to avoid over‑restriction.
Algorithmic Bias – Systematic and unfair discrimination embedded in autom… #
Related terms: fairness, ethical AI. Example: An AI‑driven hiring tool that undervalues candidates from certain demographics. Challenge: Detecting hidden bias in complex models and mitigating it without compromising performance.
Artificial Intelligence (AI) Ethics – Principles guiding the responsible… #
Related terms: responsible AI, governance. Example: Implementing transparency logs for AI‑generated recommendations in financial risk analysis. Challenge: Balancing innovation speed with thorough ethical review.
Automation Fatigue</b – The reduced vigilance of operators caused by excessiv… #
Related terms: alarm fatigue, human‑automation interaction. Example: Security analysts ignoring alerts after weeks of false positives. Challenge: Designing alert thresholds that maintain human engagement.
Behavioral Analytics – The study of patterns in user actions to identify… #
Related terms: user behavior analytics (UBA), anomaly detection. Example: Detecting a surge in file downloads from an employee’s account after hours. Challenge: Differentiating legitimate outliers from malicious activity.
Behavioral Biometrics – Authentication methods that verify identity based… #
Related terms: continuous authentication, keystroke dynamics. Example: A banking app that flags a login session when typing speed deviates from the norm. Challenge: Managing privacy concerns while maintaining accuracy.
Behavioral Risk Modeling – Quantitative models that predict the likelihoo… #
Related terms: predictive analytics, risk scoring. Example: A model that forecasts insider threat probability using email sentiment and access patterns. Challenge: Securing high‑quality data and avoiding over‑fitting.
Behavioral Threat Intelligence – Information that captures the tactics, t… #
Related terms: threat hunting, MITRE ATT&CK. Example: Sharing patterns of lateral movement observed in ransomware campaigns. Challenge: Keeping intelligence up‑to‑date and actionable across organizations.
Biometric Spoofing – The act of falsifying biometric data to gain unautho… #
Related terms: presentation attack, liveness detection. Example: Using a high‑resolution fingerprint replica to unlock a device. Challenge: Implementing robust anti‑spoofing measures without degrading user experience.
Cloud Access Security Broker (CASB) – A security policy enforcement point… #
Related terms: SaaS security, data loss prevention (DLP). Example: Enforcing encryption for files uploaded to a collaboration platform. Challenge: Managing visibility across multiple cloud services and APIs.
Cloud Security Posture Management (CSPM) – Automated tools that assess an… #
Related terms: compliance automation, IaC scanning. Example: Detecting publicly exposed storage buckets in a public cloud. Challenge: Reducing false positives while maintaining rapid remediation cycles.
Computer Vision Threat Detection – Use of image‑processing algorithms to… #
Related terms: video analytics, object recognition. Example: Recognizing unattended bags in an airport terminal via CCTV. Challenge: Handling diverse lighting conditions and privacy regulations.
Credential Stuffing – Automated injection of breached username/password p… #
Related terms: password spraying, brute‑force attack. Example: Bots attempting logins on a corporate VPN using leaked credentials. Challenge: Distinguishing legitimate login attempts from malicious activity at scale.
Cyber‑Physical Systems (CPS) – Integrated networks that combine computati… #
Related terms: IoT, SCADA. Example: A smart grid that adjusts power distribution based on real‑time demand. Challenge: Protecting both the digital and physical layers against coordinated attacks.
Data Anonymization – The process of removing personally identifiable info… #
Related terms: de‑identification, k‑anonymity. Example: Masking customer names in a dataset used for risk modeling. Challenge: Balancing utility against re‑identification risk.
Data Exfiltration – Unauthorized transfer of data from an organization to… #
Related terms: data leakage, insider threat. Example: Malware that compresses and uploads confidential documents to a remote server. Challenge: Detecting low‑volume, stealthy exfiltration channels.
Data Governance – The set of policies, processes, and standards that ensu… #
Related terms: data stewardship, data lifecycle. Example: Defining who can access customer financial records and under what conditions. Challenge: Aligning governance with rapidly evolving regulatory landscapes.
Data Lake Security – Controls and practices that protect large, heterogen… #
Related terms: lakehouse, access control. Example: Role‑based permissions that restrict raw log ingestion to security analysts. Challenge: Managing fine‑grained access in a highly scalable environment.
Decision‑Support Systems (DSS) – Computer‑based tools that aid human deci… #
Related terms: expert systems, dashboards. Example: A risk dashboard that suggests mitigation actions based on current threat levels. Challenge: Preventing over‑reliance on automated recommendations.
Deception Technology – Security tools that create fake assets or environm… #
Related terms: honeypots, honeytokens. Example: Deploying decoy servers that trigger alerts when accessed. Challenge: Maintaining realism without exposing real assets.
Digital Twin – A virtual replica of a physical system used for simulation… #
Related terms: simulation modeling, predictive maintenance. Example: A digital twin of a manufacturing line that predicts failure based on sensor data. Challenge: Ensuring fidelity and synchronizing updates in real time.
Distributed Ledger Technology (DLT) – A decentralized database that recor… #
Related terms: blockchain, smart contracts. Example: Using a permissioned ledger to track supply‑chain provenance. Challenge: Managing scalability and privacy while preserving immutability.
Edge Computing Security – Protecting data processing performed at the net… #
Related terms: fog computing, IoT security. Example: Encrypting sensor data before transmission from a remote oil rig. Challenge: Limited resources on edge devices constrain traditional security controls.
Enterprise Risk Management (ERM) Framework – A structured approach for id… #
Related terms: ISO 31000, COSO. Example: Integrating cyber‑risk metrics into the overall risk register. Challenge: Aligning disparate risk domains and ensuring consistent reporting.
Explainable AI (XAI) – Techniques that make the outputs of AI models unde… #
Related terms: model interpretability, transparency. Example: Providing feature importance scores for a fraud‑detection algorithm. Challenge: Maintaining model performance while delivering clear explanations.
Federated Learning – A machine‑learning approach that trains models acros… #
Related terms: privacy‑preserving AI, on‑device learning. Example: Updating a malware detection model using data from smartphones without transmitting raw files. Challenge: Handling heterogeneous data quality and communication overhead.
Human‑In‑The‑Loop (HITL) – Security processes that require human judgment… #
Related terms: semi‑automation, decision gating. Example: An analyst reviews AI‑flagged phishing emails before quarantine. Challenge: Designing interfaces that present actionable insights without overwhelming users.
Identity and Access Management (IAM) – Systems that control user identiti… #
Related terms: single sign‑on (SSO), privilege management. Example: Enforcing multi‑factor authentication for privileged accounts. Challenge: Scaling policies across cloud and on‑premise environments while preventing “access creep”.
Incident Response Automation – Use of scripts and playbooks to accelerate… #
Related terms: SOAR, orchestration. Example: Automatically isolating a workstation after detecting ransomware behavior. Challenge: Ensuring automation does not bypass critical manual verification steps.
Information Flow Control (IFC) – Mechanisms that restrict how data can mo… #
Related terms: data tagging, mandatory access control (MAC). Example: Preventing confidential documents from being sent to external email addresses. Challenge: Defining granular policies that are both enforceable and adaptable.
Insider Threat Analytics – Techniques that monitor and analyze employee b… #
Related terms: user and entity behavior analytics (UEBA), privileged user monitoring. Example: Alerting when a privileged user accesses a large number of HR files. Challenge: Balancing privacy rights with security monitoring.
Internet of Things (IoT) Security – Protecting connected devices that com… #
Related terms: device authentication, firmware integrity. Example: Deploying secure boot on industrial sensors to prevent tampering. Challenge: Managing a vast, heterogeneous device fleet with limited update capabilities.
Knowledge Graphs for Risk – Structured representations of entities and th… #
Related terms: semantic modeling, ontology. Example: Linking vendor contracts, compliance clauses, and audit findings to highlight exposure gaps. Challenge: Keeping the graph current as organizational structures evolve.
Least Privilege Enforcement – Granting users only the minimal access nece… #
Related terms: role‑based access control (RBAC), zero‑trust. Example: Restricting a marketing analyst from accessing finance databases. Challenge: Continuously reviewing permissions as roles change.
Machine Learning Model Drift – The degradation of model performance over… #
Related terms: concept drift, model monitoring. Example: A phishing detection model that misses new phishing tactics after several months. Challenge: Detecting drift early and retraining without service interruption.
Malware Sandbox – Isolated environments where suspicious code is executed… #
Related terms: dynamic analysis, threat emulation. Example: Running an unknown executable in a virtual machine to capture network calls. Challenge: Emulating realistic conditions to avoid detection evasion.
Multi‑Factor Authentication (MFA) – Requiring two or more verification me… #
Related terms: token, biometric factor. Example: Combining a password with a hardware token for VPN login. Challenge: User convenience versus security strength, especially for remote workers.
Network Segmentation – Dividing a network into distinct zones to limit la… #
Related terms: micro‑segmentation, VLAN. Example: Isolating the finance department’s subnet from the general corporate LAN. Challenge: Managing inter‑segment policies without hindering legitimate workflows.
Privacy‑Preserving Computation – Techniques that enable data analysis whi… #
Related terms: homomorphic encryption, secure multi‑party computation. Example: Aggregating health data from multiple hospitals without exposing patient records. Challenge: High computational overhead and algorithmic complexity.
Predictive Risk Scoring – Assigning numerical values to entities based on… #
Related terms: risk index, threat rating. Example: A score indicating the probability that a vendor will experience a data breach. Challenge: Avoiding bias in scoring models and ensuring transparency.
Quantum‑Resistant Cryptography – Encryption algorithms designed to withst… #
Related terms: post‑quantum cryptography, lattice‑based encryption. Example: Deploying NIST‑approved key‑encapsulation mechanisms for future‑proof communications. Challenge: Integrating new algorithms into legacy systems without performance loss.
Real‑Time Threat Intelligence – Immediate, actionable information about e… #
Related terms: STIX/TAXII, feed aggregation. Example: Receiving automated alerts when a new ransomware variant is observed globally. Challenge: Filtering noise and correlating with internal telemetry.
Risk Appetite Definition – The amount and type of risk an organization is… #
Related terms: risk tolerance, risk threshold. Example: Setting a tolerance level that allows low‑impact phishing incidents but not data exfiltration. Challenge: Communicating appetite across business units and aligning with regulatory expectations.
Risk Heat Map – Visual representation that plots risk likelihood against… #
Related terms: risk matrix, dashboard. Example: Highlighting high‑impact, high‑probability risks in red for executive review. Challenge: Ensuring consistent scoring criteria across diverse risk categories.
Risk Quantification – Translating risk factors into monetary or statistic… #
Related terms: expected loss, value‑at‑risk (VaR). Example: Estimating a $2 million potential loss from a cyber‑incident based on historical data. Challenge: Dealing with uncertainty and limited incident data.
Risk Register – Centralized repository that records identified risks, the… #
Related terms: risk log, tracking system. Example: Documenting a risk that third‑party software may contain vulnerabilities. Challenge: Keeping the register up‑to‑date as new risks emerge.
Secure Development Lifecycle (SDLC) – Integrated process that embeds secu… #
Related terms: DevSecOps, threat modeling. Example: Conducting static code analysis during each build phase. Challenge: Aligning security checks with rapid Agile sprints.
Security Information and Event Management (SIEM) – Platform that aggregat… #
Related terms: log aggregation, incident detection. Example: Correlating failed login attempts with unusual network traffic to detect a brute‑force attack. Challenge: Managing high data volume while reducing false positives.
Security Orchestration, Automation, and Response (SOAR) – Tools that coor… #
Related terms: playbooks, incident workflow. Example: Auto‑assigning a phishing incident to a response team after enrichment. Challenge: Designing flexible playbooks that adapt to evolving threats.
Security Operations Center (SOC) Maturity Model – Framework for assessing… #
Related terms: capability maturity, performance metrics. Example: Moving from reactive monitoring to proactive threat hunting. Challenge: Securing budget and talent for continuous improvement.
Secure Multi‑Party Computation (SMPC) – Cryptographic method allowing par… #
Related terms: secret sharing, privacy‑preserving analytics. Example: Multiple banks calculating aggregate fraud statistics without exposing individual customer data. Challenge: Complex protocol implementation and performance overhead.
Social Engineering Defense – Strategies and controls to prevent manipulat… #
Related terms: phishing awareness, security training. Example: Simulated phishing campaigns to gauge employee susceptibility. Challenge: Maintaining engagement and avoiding training fatigue.
Software Bill of Materials (SBOM) – Inventory of all components, librarie… #
Related terms: supply chain transparency, component licensing. Example: Publishing an SBOM for a web application to identify vulnerable third‑party libraries. Challenge: Keeping the SBOM current as code evolves.
Supply Chain Risk Management (SCRM) – Processes for identifying and mitig… #
Related terms: vendor assessment, third‑party risk. Example: Conducting security questionnaires for cloud service providers. Challenge: Balancing thoroughness with the speed of procurement cycles.
Threat Modeling – Systematic analysis of potential attack vectors, assets… #
Related terms: STRIDE, attack trees. Example: Applying STRIDE to a new API to identify spoofing and tampering risks. Challenge: Keeping models aligned with rapid development cycles.
Zero‑Trust Architecture – Security paradigm that assumes no implicit trus… #
Related terms: micro‑segmentation, continuous verification. Example: Requiring MFA and device posture checks for every internal application request. Challenge: Integrating legacy systems and managing performance impacts.
Zero‑Day Vulnerability – Security flaw unknown to the vendor and unpatche… #
Related terms: exploit, CVE. Example: An attacker leveraging a newly discovered kernel bug to gain elevated privileges. Challenge: Rapid detection and mitigation before patches are released.
Behavioral Risk Dashboard – Visual interface that presents key behavioral… #
Related terms: KPI, risk metrics. Example: Displaying a trend line of failed login attempts per user group. Challenge: Selecting metrics that are both actionable and comprehensible for executives.
Context‑Aware Access Control – Granting permissions based on situational… #
Related terms: adaptive authentication, dynamic policy. Example: Allowing access to sensitive data only from corporate devices within the office network. Challenge: Collecting reliable context data while respecting privacy.
Digital Forensics – Scientific process of preserving, analyzing, and pres… #
Related terms: chain of custody, incident investigation. Example: Recovering deleted log files to reconstruct a breach timeline. Challenge: Maintaining evidence integrity amid volatile environments.
Dynamic Risk Assessment – Continuous evaluation of risk as conditions cha… #
Related terms: real‑time monitoring, risk dashboard. Example: Updating risk scores when a new vulnerability is disclosed for critical software. Challenge: Integrating diverse data sources and automating assessment logic.
Endpoint Detection and Response (EDR) – Solutions that monitor endpoint a… #
Related terms: XDR, host‑based sensors. Example: Flagging a process that attempts to disable Windows Defender. Challenge: Balancing depth of telemetry with endpoint performance.
Explainable Risk Scores – Providing transparent reasoning behind risk cal… #
Related terms: model interpretability, risk communication. Example: Showing that a vendor’s risk score increased due to recent security incidents and poor patch cadence. Challenge: Simplifying complex statistical outputs for non‑technical stakeholders.
Human Factors Engineering – Designing systems that account for human capa… #
Related terms: usability, cognitive load. Example: Simplifying password reset workflows to minimize insecure work‑arounds. Challenge: Aligning security controls with ergonomic principles.
Incident Severity Classification – Categorizing incidents based on impact… #
Related terms: tiered response, SLA. Example: Defining “Critical” incidents as those causing service outage for >1 hour. Challenge: Consistently applying criteria across diverse incident types.
Information Rights Management (IRM) – Controlling how digital information… #
Related terms: DRM, data leakage protection. Example: Encrypting a PDF so recipients cannot copy or print it without authorization. Challenge: User adoption and compatibility with multiple platforms.
IoT Device Identity Management – Assigning and managing unique identifier… #
Related terms: PKI for IoT, device attestation. Example: Issuing certificates to sensors for mutual TLS authentication. Challenge: Scaling certificate issuance and renewal for millions of devices.
Knowledge‑Based Authentication (KBA) – Verifying identity by asking perso… #
Related terms: security questions, shared secret. Example: Prompting a user to recall a previously set phrase during password recovery. Challenge: Susceptibility to social engineering and data breaches.
Machine‑to‑Machine (M2M) Security – Protecting autonomous communications… #
Related terms: protocol hardening, secure APIs. Example: Encrypting telemetry data sent from industrial controllers to a central SCADA system. Challenge: Limited processing power on devices restricts cryptographic options.
Multivariate Anomaly Detection – Identifying outliers by analyzing multip… #
Related terms: statistical profiling, clustering. Example: Detecting a user who logs in from an unusual location while accessing atypical file types. Challenge: Managing high‑dimensional data and avoiding false alerts.
Predictive Maintenance – Using sensor data and analytics to anticipate eq… #
Related terms: condition monitoring, IoT analytics. Example: Scheduling HVAC repairs after vibration analysis indicates bearing wear. Challenge: Integrating maintenance alerts into existing operational workflows.
Privacy Impact Assessment (PIA) – Systematic evaluation of how personal d… #
Related terms: GDPR compliance, data protection. Example: Assessing privacy risks of a new employee wellness app. Challenge: Keeping assessments current as data processing activities evolve.
Proactive Threat Modeling – Anticipating future attack techniques by stud… #
Related terms: horizon scanning, red teaming. Example: Incorporating supply‑chain attack scenarios into the organization’s threat model. Challenge: Allocating resources to speculative threats without neglecting known vulnerabilities.
Risk‑Based Authentication (RBA) – Adjusting authentication requirements b… #
Related terms: adaptive MFA, behavioral risk scoring. Example: Prompting for a security token only when a login originates from a new device. Challenge: Defining risk thresholds that minimize friction while preserving security.
Secure Enclave – Isolated execution environment within a processor that p… #
Related terms: trusted execution environment (TEE), hardware root of trust. Example: Storing cryptographic keys in a secure enclave to prevent extraction by malware. Challenge: Limited programmability and vendor‑specific implementations.
Security Automation Framework – Structured approach for deploying repeata… #
Related terms: DevSecOps pipeline, policy as code. Example: Using infrastructure‑as‑code scripts to enforce encryption on all new storage buckets. Challenge: Ensuring automation aligns with evolving compliance requirements.
Threat Intelligence Platform (TIP) – Centralized system for aggregating,… #
Related terms: feed integration, enrichment. Example: Correlating internal alerts with external indicators of compromise from a TIP. Challenge: Managing data quality and avoiding information overload.
Zero‑Trust Network Access (ZTNA) – Secure remote access model that enforc… #
Related terms: software‑defined perimeter, identity‑driven security. Example: Providing contractors with application‑specific access without exposing the corporate network. Challenge: Integrating with legacy VPN solutions and ensuring seamless user experience.