A threat is a circumstance or event that has or could potentially exploit vulnerabilities or adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society. This includes an individual or group of individuals, entity such as an organization or a nation), action, or occurrence.
For example, if you are accosted by a mugger after leaving a movie theater on your way to your car, the Mugger represents a Threat. More specifically, if they have a Gun or a Knife, those objects are considered the Threat to your safety and well being. See also the term Vulnerability for an explanation of your risk which is the combination of the threat and your vulnerability to that threat. If you are a black belt karate instructor, the knife may not represent a threat to you because you are not vulnerable to it.
See Also: Exposure, Risk, Vulnerability
Source: DHS Risk Lexicon, NIPP, CNSSI 4009, NIST SP 800-53 Rev 4
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Spoiler alert: If you’re still using “password123” or “iloveyou” for your login… it’s time for an...
Read more
CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...
Read more
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
