... "an inherent and potentially exploitable weakness in an information asset, system, process, organisation etc." [source: SecAware glossary]
... exposed by one or more missing, ineffective or inadequate controls
... “a security weakness in a computer” [source: NIST SP800-114 rev1]
... “a weakness, susceptibility or flaw of an asset or control
that can be exploited by one or more threats”
[source: Financial Stability Board Cyber Lexicon]
... "weakness of an asset or control that can be exploited
by one or more threats” [source: ISO/IEC 27000]
... "weakness in a system, system security procedures,
internal controls, or implementation that could be
exploited or triggered by a threat"
[source: NIST SP 1800-17b]
... a chink in the armour
... a gap in our defences
... revealed in incidents
... asking for trouble
... taking a chance
... misplaced trust
... the weak link
... unprotected
... an opening
... exploitable
... a soft spot
... deficiency
... endearing
... weakness
... inevitable
... inherent
... pathetic
... a flaw
... latent
No comments:
Post a Comment
The floor is yours ...