Cyber Threat Glossary – By Example

As more and more people talk about security, I hear the terms threat, vulnerability, mitigation and risk used, often in what I believe is the wrong context.

There are lots of attempts to define the terms, write taxonomies and so on. There is little point in duplicating them; instead, here is how I think about the terms, by example…

Threat: Someone could steal my laptop.

Threat Actor: A random chancer in this example. Other examples could be someone specifically targeting my laptop (which alters the likelihood and the threat intelligence).

Incident: A random chancer steals my laptop.

Threat Intelligence: On average, each hotel suffers one incident of theft from rooms per year.

Vulnerability: I leave my laptop unattended in a hotel room that has weak room security (see Hotel room zero-factor authentication).

Likelihood: I stay in a hotel about 1 day in 20. Combined with my threat intelligence, this suggests the incident in this example is relatively rare.

Impact: A competitor is able to gain advantage from information on the laptop, if the chancer recognises the data and finds a buyer.

Risk: If I leave my laptop in a hotel room, there is a small chance that it will be stolen and company confidential information finds its way to a competitor.

Risk Treatment:
Mitigation 1. Encrypt the disk with a boot-level password, and follow operational procedures to ensure the disk is encrypted whenever the laptop is unattended.
Mitigation 2. Company policy: do not leave the laptop unattended in hotel rooms.

I find these examples easier to relate to than definitions. Do they work for you? Thoughts welcome.
