Definition Edit

Cybersecurity risk is

[t]he risk to organizational operations (including mission, functions, image, reputation), resources, and other organizations due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or IT and ICS.[1]

Overview Edit

"The risks associated with any attack depend on three factors: threats (who is attacking), vulnerabilities (the weaknesses they are attacking), and impacts (what the attack does). The management of risk to information systems is considered fundamental to effective cybersecurity."[2]

References Edit

  1. Electricity Subsector Cybersecurity Risk Management Process, at 62.
  2. Cybersecurity Issues and Challenges: In Brief, at 2.

See also Edit