Cybersecurity risk is
|“||[t]he risk to organizational operations (including mission, functions, image, reputation), resources, and other organizations due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or IT and ICS.||”|
"The risks associated with any attack depend on three factors: threats (who is attacking), vulnerabilities (the weaknesses they are attacking), and impacts (what the attack does). The management of risk to information systems is considered fundamental to effective cybersecurity."
- ↑ Electricity Subsector Cybersecurity Risk Management Process, at 62.
- ↑ Cybersecurity Issues and Challenges: In Brief, at 2.