Definitions
Risk – Is any chance or probability of an event that could cause loss of, or damage to, computer hardware, software, data, information or processing capability.
Threats – Are malicious acts that seek to damage data, steal data, or disrupt digital life in general.
Vulnerability – Is a weakness which can be exploited by a threat to gain unauthorized access to or perform unauthorized actions on a computer system.
Incident – Is an event that may indicate that an organization’s systems or data have been compromised or that measures put in place to protect them have failed.
Risk mapping – Is identifying the risks associated with an organization, project or other system in a way which enables an organization to understand the risk better.
Threat hunting – The process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.
Threat model – Threat modeling is a process of identifying potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, through which risks can be enumerated, and mitigations can be prioritized.
Security policy – A Security Policy lays out the rules and procedures for all individuals accessing and using organizational IT assets and resources.
Ransomware – This is a form of malware (malicious software) that attempts to encrypt (scramble) your data and then extort a ransom to release an unlock code to regain access to your computer system.
Risk impact – An estimate of the potential losses associated with an identified risk. It is standard risk analysis practice to develop an estimate of probability and impact.