Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

How can I differentiate between a threat and a risk?

user-image
Question ajoutée par Lalia Boukhers , Contracts Manager , Ooredoo
Date de publication: 2017/02/21
WILLIE SIANG KHIM TEO
par WILLIE SIANG KHIM TEO , Security Operations Manager SEA & Japan , Hewlett Packard [M] Sdn Bhd

Threat is a potential cause of harm or undesirable impact to an individual, organization or a system and tries totake advantage of vulnerability or weakness that is intrinsic to a system. For example, hackers, viruses and malicious software are all threats to your computer from the internet if you have not got installed a strong antivirus leaving your computer vulnerable to such attacks or threats.

Whereas ‘risk’ is a function of the probability that your organisation will be involved in an attack (either as a deliberate target or just in the wrong place at the wrong time) and the harm that such an attack would cause.

Therefore. eliminating risk involves both reducing threats as well as vulnerabilities of a system.

• Threat is extrinsic to a system, whereas vulnerability is an inherent weakness of a system.

• Vulnerability is utilized by an attacker, to create a real threat to a system.

Sunny Rizvi
par Sunny Rizvi , Director Of Operations , SPAN COMMUNICATIONS INC

Hey Lalia. Your question relates more to English as a language and less to do with marketing communications. This, I believe, is what happens when Bayt invite you to begin posing questions in large numbers...:) But what the heck, if you can ask it, I can answer it...right? So here goes - 'threat' is specific, clearly identifiable and impending. 'Risk' is anticipatory and more generic. Does that work for you? 

Fouad FATHI
par Fouad FATHI , Assistant IT Manager , Quantik - DBCB Maroc

risk refers to the likelihood of being targeted by a given attack and general exposure to a given threat

Abhay Pal Chauhan
par Abhay Pal Chauhan , Senior Technical Officer , Centre for Development of Advanced Computing

 

Threat is an incident with the potential to do harm to a system

Risk is intersection of  assests, threat and vulnerability.

Zayeem Alam
par Zayeem Alam , Consulting Manager , PwC (A.F.Ferguson & Co. a member firm of PwC network)

Threat is mainly a potential cause of an unwanted incident which may harm the organization as a whole or people, processes, technology or data.

Whereas risk is mainly probability of an unwanted event along with its consequence / impact on the organzations objectives or assets.

threat An ation, potential action, or inaction, likely to cause damage, harm or loss while Risk the potential or possibility of compromise, loss, injury or other adverse consequence

Puneet Nagpal
par Puneet Nagpal , INFORMATION SECURITY SENIOR CONSULTANT , Infosys Limited

Risk= Threat x Vulnerability

Naresh Dhondeti
par Naresh Dhondeti , Team lead , Naga InfoTech Pvt Ltd

IT security, like any other technical field, has its own specialized language developed to make it easier for experts to discuss the subject. It pays to understand this jargon when researching security.

Utilisateur supprimé
par Utilisateur supprimé

the Risk is a potential event causing loss or damage. It comes from applying a threat to a vulnerability.     

 

ARUN P
par ARUN P , IT PROJECT MANAGER , GLOBAL ACCESS GENERAL TRADING CONT CO.WLL

exploiting vulnerability is threat and risk is having change to loss or damage of resources.

Risk is a probability and the outcome will only be known if ever it occured..Threat is something that maybe known and can be analysed in order to come up with plans to be able to eliminate the risks that can be caused by this threats... 

More Questions Like This