Explain the differences between threat, vulnerability, and risk.
Topic 8 Discussion 1: Threat, Vulnerability and Risk
A threat is a malicious activity that aims to steal personal data by accessing a digital network or system. It also includes the possibility of attackers successfully accessing sensitive data or information. There are many categories of threats like computer viruses, denial of service attacks, data breaches, and many others.
The threats can be implemented intentionally or unintentionally, and unintentional threats are due to human errors. The threat can also be natural, which arises from any natural disaster.
Vulnerability is a flaw in the design of systems or security procedures, usually exploited by cybercriminals.
The vulnerabilities are often associated with cyber-attacks and are unrelated to any configuration or network. The user downloading any virus file can be one of the causes of vulnerabilities.
Risk can be some potential consequences of any asset loss or damage due to cyber threats. The risk cannot be obliterated, but it can be managed or resolved at a certain level.
Thus, the target of every security professional is to keep system risk as low as possible and not a risk-free system (geeksforgeeks.org, 2021).
Thus, the relationship between three of the terms in cybersecurity can be denoted by the following mathematical expression
Risk = Threat + Vulnerability
References
geeksforgeeks.org, (2021), Difference Between Threat, Vulnerability and Risk in Computer Network, Retrieved from: https://www.geeksforgeeks.org/difference-between-threat-vulnerability-and-risk-in-computer-network/ [Retrieved on: 08-01-2023]
