glossary

What is a threat (in cybersecurity)?

Source-cited RoleMath page about What is a threat (in cybersecurity)?.

Build my personalized career plan

Researched by RoleMath Research. Every figure on this page traces to the official source shown next to it.

What is a threat (in cybersecurity)?

A threat is any circumstance or event with the potential to adversely affect an organization's operations, assets, or people through an information system — for example via unauthorized access, disclosure, modification, or denial of service.

What it means

NIST frames a threat as the potential source of harm to a system. A threat differs from a vulnerability: the vulnerability is the weakness, the threat is what might exploit it (such as an attacker, malware, or even a natural event). Identifying and analyzing threats is part of risk assessment and security-operations work.

Sources

  • National Institute of Standards and Technology — NIST CSRC Glossary: https://csrc.nist.gov/glossary

Citation Ledger

IDSupportsEvidenceSource
CIT-01Definition source for What is a threat (in cybersecurity)?Official source pageNational Institute of Standards and Technology — NIST CSRC Glossary

Ready to see how this fits your background?

RoleMath planner