Risk Management Part 1

The likelihood of a cyber-attack occurring

The potential for harm resulting from a cyber threat

The cost of implementing security measures

The size of an organization's IT infrastructure

Threat

Vulnerability

Countermeasure

Impact

Confidentiality, Integrity, Availability

Cybersecurity, Integrity, Authorization

Confidentiality, Integrity, Authorization

Cybersecurity, Integrity, Availability

Security policies

Security awareness training

Firewalls

Background checks

They are the same thing

A threat is a weakness in a system, while a vulnerability is any potential danger

A vulnerability is a weakness in a system, while a threat is any potential danger

A threat is the likelihood of a risk occurring, while a vulnerability is the impact

Encryption

Biometric authentication

Security guards

Intrusion detection system

A potential risk

Anything of value to an organization

A risk response strategy

A type of threat actor

Threat x Vulnerability

Asset x Vulnerability

Threat x Asset

Threat x Vulnerability x Asset

To eliminate all threats

To minimize the impact of cyber attacks

To achieve 100% security

To transfer all risks to a third party

Insider threat

Natural disaster

Zero-day exploit

Security patch