Difference between revisions of "Vulnerability"
(2 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px " | {| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px " | ||
| '''1.''' Vulnerability is the [[probability]] or [[likelihood]] of being exposed to an [[event]] that can cause actual [[loss]] to [[organization]] [[asset|assets]]. | | '''1.''' Vulnerability is the [[probability]] or [[likelihood]] of being exposed to an [[event]] that can cause actual [[loss]] to [[organization]] [[asset|assets]]. | ||
+ | {{Template:BL-BCM-5Banner}} | ||
+ | '''Related Terms''': [[Risk Likelihood]] | ||
− | + | {{Template:BCM Course}} | |
− | + | {{Template:BLCoursesBanner}} | |
+ | {{Bcm Institute Source}} | ||
|} | |} | ||
− | {{ | + | {{Template: BookMGISO22301}} |
− | |||
'''2.''' In a security context,vulnerability is a measure of the [[likelihood]] that various types of security/[[control]] measures(physical,personnel,policies,etc)against a [[threat]] source will fail.Vulnerability comprises '[[resilience]]' and 'susceptibility'.[[Resilience]] is related to existing controls and susceptibility is related to exposure. | '''2.''' In a security context,vulnerability is a measure of the [[likelihood]] that various types of security/[[control]] measures(physical,personnel,policies,etc)against a [[threat]] source will fail.Vulnerability comprises '[[resilience]]' and 'susceptibility'.[[Resilience]] is related to existing controls and susceptibility is related to exposure. | ||
− | + | <br> | |
{{HB292 Source}} | {{HB292 Source}} | ||
<br><br> | <br><br> | ||
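Review bot: The added transclusion `{{Template: BookMGISO22301}}` has a space after the colon and spells out the `Template:` prefix, as do `{{Template:BL-BCM-5Banner}}`, `{{Template:BCM Course}}` and `{{Template:BLCoursesBanner}}`, while `{{Bcm Institute Source}}` and `{{HB292 Source}}` in the same hunk use the bare name. Pick one form for all the banners, preferably the bare template name. Since this edit changes the lines on either side of definition 2, it is also the place to restore the missing spaces after punctuation in that unchanged line ("context,vulnerability", "measures(physical,personnel,policies,etc)against", "fail.Vulnerability").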
Line 14: | Line 16: | ||
<br> | <br> | ||
{{ITIL Source}} | {{ITIL Source}} | ||
− | <br> | + | <br><br> |
'''4.''' A weakness of any [[system]], data, [[people]] or [[Process|processes]] that can be exploited by one or more [[Threat|threats]]. | '''4.''' A weakness of any [[system]], data, [[people]] or [[Process|processes]] that can be exploited by one or more [[Threat|threats]]. | ||
<br> | <br> | ||
{{MS1970 Source}} | {{MS1970 Source}} | ||
− | <br> | + | <br><br> |
'''5.''' The degree to which a person, asset, process, information, infrastructure or other resources | '''5.''' The degree to which a person, asset, process, information, infrastructure or other resources | ||
are exposed to the actions or effects of a risk, event or other occurrences. | are exposed to the actions or effects of a risk, event or other occurrences. | ||
<br> | <br> | ||
{{AS/NZS 5050.1 Source}} | {{AS/NZS 5050.1 Source}} | ||
+ | |||
+ | [[Category:BCM Institute Cyber Security Glossary]] |
Latest revision as of 07:12, 30 October 2020
1. Vulnerability is the probability or likelihood of being exposed to an event that can cause actual loss to organization assets.
Related Terms: Risk Likelihood
2. In a security context, vulnerability is a measure of the likelihood that various types of security/control measures (physical, personnel, policies, etc.) against a threat source will fail. Vulnerability comprises 'resilience' and 'susceptibility'. Resilience is related to existing controls and susceptibility is related to exposure.
(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006)
3. A weakness of the system and its assets which could be exploited by threats.
(Source: OGC, Information Technology Infrastructure Library (ITIL) v3)
4. A weakness of any system, data, people or processes that can be exploited by one or more threats.
(Source: Malaysia BCM Standard MS1970:2007)
5. The degree to which a person, asset, process, information, infrastructure or other resources are exposed to the actions or effects of a risk, event or other occurrences.
(Source: AS/NZS 5050.1 Australian and New Zealand Standards for business continuity management. Part 1: Business continuity management system specification)