Chapter 1: Risk Management
A vulnerability is a weakness in system design, procedure, or code. It can be exploited for a threat to destroy, damage, or compromise an asset. A threat is the circumstance or likelihood of a vulnerability being exploited. The likelihood of the threat is the probability of occurrence or the odds that the event will actually occur.
The BEST definition of a risk in IT is a vulnerability in your ecosystem and the high probability of compromise with a known active threat actor.
A breach of physical security can be instigated by a trusted insider or an untested outsider. Intruders, vandals, and thieves remove sensitive information, destroy data, or physically damage or ...