Types of threat

There are various different types of threat:

• Physical damage, such as fire, water, and pollution
• Natural events, such as climatic conditions
• Loss of essential services, such as power, AC, and telecommunication
• Compromise of information, such as theft of media including HDD and CD drives
• Failure of technical equipment or software
• Abuse of rights and denial of actions

A threat agent is used to indicate an inpidual or group that can manifest a threat. It is essential to identify who would want to exploit the assets of a company, and how they might use them against the company.

Threat agents can take one or more of the following actions against an asset:

• Access: Simple unauthorized access
• Misuse: Unauthorized use of assets
• Disclose: The threat agent illicitly discloses sensitive information
• Modify: Unauthorized changes to an asset
• Deny access: Includes destruction, theft of non-data assets, and so on

The following are examples of the threat communities of the malicious threat landscape many companies face:

• Internal:
  • Employees
  • Vendors
  • Partners
•  External:
  •  Hackers
  • Spies
  • Nation-state intelligence services
  • Malware