[t]he capability of an adversary coupled with his/her intentions to undertake any actions detrimental to the success of program activities or operations.[2]
”
“
[a] natural or man-made occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, and/or property.[3]
”
“
[a] potential cause of an unwanted incident, which may result in harm to a system or organization.[4]
Threats to information systems include environmental disruptions, human errors, and purposeful attacks. Attacks on information systems today are often well-organized, disciplined, aggressive, well-funded, and in a growing number of documented cases, extremely sophisticated. Successful attacks on public and private sector information systems can result in great harm to the national and economic security interests of a country.