Skip to main content

Risk Management

Risk

  • Definition:
    • The potential that a threat can exploit a vulnerability and cause damage to assets.
    • Can be measured both quantitatively (using specific values) and qualitatively (using subjective judgment).

information Two main aspects to risk measurement are asset value (AV) and threat modeling.

Asset Value (AV)

  • Involves:
    • Identifying the worth or value of assets within an organization.
    • Determines what assets are critical and need to be prioritized for protection.

Threat Modeling

  • Involves:
    • Identifying potential threats or adversaries targeting an organization's assets.
    • Helps organizations prepare and defend against these identified threats.

Vulnerability Analysis

  • Definition:
    • A process to identify and quantify weaknesses in an organization's assets.
    • Focuses on finding vulnerabilities that can be exploited by threats.

warning Vulnerabilities are gaps or flaws that, if left unaddressed, can be exploited by threats to harm an organization.

Resources

For more insights on attacks and countermeasures related to vulnerabilities: Watch the video

Back to top