top of page
Search

Risk and Threats

  • ali@fuzzywireless.com
  • Mar 4, 2022
  • 2 min read

Threat analysis group (2018) define threat as anything that can exploit a vulnerability either intentionally or accidentally to damage or destroy an asset. Vulnerability is referred as weakness or gaps in a program related to information security that can lead to unauthorized access to an asset. Finally, risk is defined as potential for loss or damage of an asset as a result of threat exploiting a vulnerability thus risk is described as an intersection of assets, threat and vulnerabilities. (2018).


Watts (2018) define threat as an incident which can harm a system or overall organization. Threat can be:

1. Natural – floods, tornadoes etc.

2. Unintentional – employee mistake etc.

3. Intentional – spyware, malware etc.


On the other hand, risk is referred as the potential loss due to vulnerability exploited by threat. For instance, risk can be financial, privacy, business disruption, reputational damage, legal implications, loss of life etc. (2018).


For the fictional ABC telecommunication company, there are wide variety of threats for example natural threat like, hurricane, storm, flood etc. can risk the sanctity of physical network equipment’s as well as lives of personnel. Similarly, unintentional threat due to employee mistake of changing incorrect network parameter can lead to loss of traffic or complete outage of services in a given geographical area. Intentional threat like denial-of-service, distributed DOS etc. attacks can bring the switches and gateways down resulting in partial or complete outage of network services. Risk associated with unintentional and intentional threats can cause severe financial damage, legal issues, regulatory warnings and fines, loss of life and so on.


References:


Threat analysis group (2018). Threat, vulnerability, risk – commonly mixed up terms. Retrieved from https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/


Watts, S. (2018). IT Security Vulnerability vs threat vs risk: what’s the difference? Retrieved from http://www.bmc.com/blogs/security-vulnerability-vs-threat-vs-risk-whats-difference/

Recent Posts

See All
Policy Proposal for healthcare

Data Privacy - HIPAA Data privacy is regulated by the implementation of regulations set forth by Health Insurance Portability and...

 
 
 
Security Framework

Greene (2014) define security framework as a collective term given to guidance on topics related to information systems security,...

 
 
 

Comments

Post: Blog2_Post
bottom of page