|1. Unknown unknowns refers to not having the knowledge on the every area within the organisation that is related to cyber security.
Notes (1): Having an understanding of what the organisation do not know is better than being completely oblivious. Information assets that are unbeknownst within the organization are deadly vulnerabilities that can be leveraged by cyber criminals at any time, creating substantial impact to operations or reputation.
Related Term: Malware
2. Knowing what you don’t know is a far better situation than not knowing what you don’t know. Unknown systems, accounts, software and data act as landmines for enterprises. Hidden and ready to detonate, these “unknown unknowns” can explode any time, resulting in substantial impact to operations or public perception.
Source: (Verizon, 2017)