What are the differences between threat, vulnerability, and consequence in the context of cybersecurity?
Asked by
arzour (
1)
July 27th, 2021
To clarify, this is not my homework. I did this on my past tutorial, Now we are on study week. I don’t feel satisfied with my answer. So, I hope someone can give me profound understanding so I can answer the question just in case it appears on my final exam. thank you.
Observing members:
0
Composing members:
0
3 Answers
Those are academic terms, or possibly professional cybersecurity lingo. I’m a software developer, but have only done a few projects in cybersecurity, and I don’t follow the academic or industry terminology very closely.
However, I would say:
Vulnerability – any potential way in which a system could be used in a way its owners don’t want, and would prefer not to be possible. It includes ways an unauthorized person or program could take more control of the system than the owner wants, to access or alter the data or programs, cause damage, etc. It includes physical and social aspects, electronic and programming aspects, etc.
Consequence – Any undesired outcome that actually happens from a Vulnerability. i.e. The system crashes because someone used it in a way the owner wishes weren’t possible. Or someone accessed and/or modified data the owner intended to be inaccessible. Or a program infected the system with viruses and sent a million spam emails and launched a DOS attack. Or someone bribed or seduced an admin and stole some passwords. Or someone broke into the server room and stole the hard drive.
Threat – I don’t know for sure what they mean, but probably people, organizations, or software that may tend to actually take action that would use a Vulnerability to cause a Consequence. Could be a hacker or spy or burglar. Could be a virus or malicious or badly-designed software such as Microsoft Update, or a DDOS attack. Could be ignorant users who don’t know what they’re doing.
Response moderated (Unhelpful)
Response moderated (Unhelpful)
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.