risk barometer
Depending upon information we have, we decide if a risk requires us to take an action or maybe we prefer choosing to ignore the risk.
The that information, a decision will be made resulting in an action, such as patching the vulnerable software by downloading and installing the latest version of the software where the vulnerability has been eliminated.
Important is that each:
-threat,
-vulnerability, and
all influence the way we assess a risk.
We use a ranking system that looks like this:
| CyTRAP Labs risk barometer for infosec |
||||
| low | ele- vated |
mode- rately critical |
critical | severe |
| 1 | 2 | 3 | 4 | 5 |
| CyTRAP Labs 5-Punkte InfoSec Risiko-Barometer | ||||
| niedrig | vorsichtig | mittel- gradig kritisch |
kritisch | extrem |
| 1 | 2 | 3 | 4 | 5 |
The above ranking scheme is used to assess the risk regarding a threat, vulnerability and impact.Here is additional information about the CyTRAP Labs risk barometer and how we get at the numbers we publish:
{ 3 trackbacks }
Comments on this entry are closed.