Cybersecurity: Threats, Vulnerabilities, and Risks

Rajesh Laskary
4 min readJul 24, 2021

This post explains cybersecurity threats, vulnerabilities, and risks, in simple words with examples. This will help you build a robust understanding of cybersecurity or information security.— By Rajesh Laskary

Understanding the cybersecurity fundamentals is paramount before starting your cybersecurity voyage. This short post will not only help you understand ‘What is cybersecurity?’ but will also help prepare for various cybersecurity certifications such as CISSP, CISM, CompTIA Security+, etc. I’d suggest starting with reading ‘Thinking of A Career Growth In Cybersecurity! Understand Why You Need To Know The CIA Triad First and then reading through the post below.

(Cybersecurity Threats, Vulnerabilities, and Risks)

What Is a Threat?

See it as a “DANGER”

  • A threat is any type of danger, which can steal or damage the data, cause disruption or harm to the information systems in general.
  • A threat involves a malicious act that aims to destroy or damage data, disrupt operations or inflict harm to information systems.
  • A malicious act that can result in the compromise of confidentiality, integrity, or availability (CIA triad) information.

Examples of Threats:

Ransomware, viruses, malware

Denial-of-Service (DoS) attacks, Data breaches, Phishing attacks

Rogue or disgruntled employees (Internal Threats), Hackers

What Is Threat Management?

Threat Management is the process of using a combination of threat detection systems (IDS or IPS) to detect, investigate and analyze, and respond to threats originating from various sources such as websites, emails, applications, network connections, social media, etc.

What Is a Vulnerability?

  • See it as a WEAKNESS
  • A vulnerability is a weakness or flaw in a system (hardware, software), personnel, or procedures, which may be exploited by threat actors in order to achieve their objectives.
  • In simple words, a security vulnerability can be defined as a weakness in any system that an adversary can exploit to compromise the confidentiality, integrity

--

--

Rajesh Laskary

Author, Cybersecurity, Cloud, Blockchain Professional(CISSP, CRISC, CISM, CCAK, CIAM, CIST, CEH, COBIT, CBSP, CBE, ISO27001 LA, ISO27005 RM, PMP, PMI-ACP)