Threats and Risks

Threats and Risks

The term risk and threat can often be misunderstood. A threat can never be stopped. Think about it this way – a man in public may threaten to throw a bottle at you. You cannot stop him from making this threat. You can however mitigate the risk of the threat. The risk is you being hit. Moving when he throws it mitigated the risk. The term "threat mitigation" is not valid. Risk mitigation is the correct terminology.

Risk = Likelihood
Threat = Impact of an event

When we talk about threats, we are referring to the impact. Data loss is a threat. Personal information being stolen is a threat. A virus or malware is not a threat - those are threat agents. Some of the most common threat agents are:

• Insiders: Keep in mind that insiders can be the greatest risk to an organization. Insiders are thought to be responsible for some of the latest high profile attacks.
• Supply chain: Exploiting a supply chain is a method of targeting a specific organization or industry.
• Emails: Getting an employee to click on an email with a malicious attachment or link is a common way of penetrating perimeter security.

Emails are responsible for launching highly sophisticated espionage campaigns known as Advanced Persistent Threats (APT) if the email is opened.

What are the latest risks and threats?

The topic of risks and threats is very dynamic with events occurring daily around the world. Keep up to date - even on the go with our news site THREATCORE PROJECT. THREATCORE PROJECT provides daily links to news of cyberattacks, information security (infosec) and technology related stories.

Microteknix LLC | Pottstown, PA 19465