8 Understanding risk

This chapter covers

Demonstrating the differences between issues, vulnerabilities, threats, and risks
Enriching our existing model of the three factors of cybersecurity
Exploring CVE and CVSS scores, learning how to measure the severity of a vulnerability, and learning for yourself how to calculate CVE and CVSS values
Learning how to apply context to a risk model
Combining this knowledge to build easy-to-read reports showing the level of risk

As we kick off part 2 of the book, we start looking at things from a purely defensive point of view and dive in at a deeper level to see how to protect ourselves and our organizations from attackers. Although it would be useful for you to have read the first half of the book, this ...

Get Making Sense of Cybersecurity now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Making Sense of Cybersecurity by Thomas Kranz

8 Understanding risk

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly