Vulnerability vs Threat vs Risk: What’s the Difference?
Threat: Anything that can exploit vulnerability, intentionally or accidentally.
Vulnerability: Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset.
Risk: refers to the potential for loss or damage when a threat exploits vulnerability. Examples of risk include financial losses as a result of business disruption, loss of privacy, reputational damage, and legal implications and can even include loss of life.
Risk can also be defined as follows:
Risk = Threat X Vulnerability
No comments:
Post a Comment