risk barometer

3 comments 9.369 views

Depending upon information we have, we decide if a risk requires us to take an action or maybe we prefer choosing to ignore the risk.

The that information, a decision will be made resulting in an action, such as patching the vulnerable software by downloading and installing the latest version of the software where the vulnerability has been eliminated.

Important is that each:

threat,

vulnerability, and

impact

all influence the way we assess a risk.

We use a ranking system that looks like this:

CyTRAP Labs risk barometer for infosec
low ele-
vated
mode-
rately
critical
critical severe
1 2 3 4 5
CyTRAP Labs 5-Punkte InfoSec Risiko-Barometer
niedrig vorsichtig mittel-
gradig
kritisch
kritisch extrem
1 2 3 4 5

The above ranking scheme is used to assess the risk regarding a threat, vulnerability and impact.Here is additional information about the CyTRAP Labs risk barometer and how we get at the numbers we publish: