Threat Ecosystem

Threat, Vulnerability and Countermeasure

Understanding current threats

Now you know what information assets you have, you’ll look at how those assets can be compromised.

You will learn about some different kinds of threat, the vulnerabilities that they exploit and some countermeasures that can be put in place to guard against them. When we use those terms we mean:

• Vulnerability – a point at which there is potential for a security breach
• Threat – some danger that can exploit a vulnerability
• Countermeasure – action you take to protect your information against threats and vulnerabilities.

Threats can take many different forms, including unauthorised access to data with the intent of committing fraud against individuals or businesses. At its most extreme, there is the potential for the systematic disruption of computer networks and services, putting cyber security threats on a par with those associated with terrorism. In 2010, the UK government’s National Security Strategy highlighted cyber security attacks on the UK as a ‘Tier 1’ threat, which means they are one of the highest priorities for action.

New threats are being discovered all the time and they can affect any and every operating system, including Windows, Mac OS, Linux, Android and iOS. To protect ourselves it is important to keep ourselves up to date with the latest cyber security news.

Information Security - Threat and Attack

Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability.

Attack: An assault on system security that derives from an intelligent threat. That is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violates the security policy of a system.