
Metrics and Methods for Security Risk Management by Carl Young


Chapter 1. Security threats and risk
Threats are illogical. — Sarek.
“Journey to Babel,” Star Trek, Stardate 3842.3
1.1. Introduction to security risk or tales of the psychotic squirrel and the sociable shark
Ask a hundred people to state the difference between threat and risk and you will likely get a very diverse set of answers. I often ask this question when interviewing candidates for a security-related job. Even those who assess risk for a living are often stumped when asked for a working definition of these two terms. To complicate matters, colloquialisms abound, including “managing risk,” “risk relevance,” “concentration of risk,” “risk free,” and “risk averse.” Each implies something tangible if not downright quantifiable.
Many of us rely ...
