Vulnerability, threat and risk are among the most commonly used terms in the information security domain. They form the building blocks for more advanced concepts in designing and securing the security posture of any organization. However, these terms are often confused, so a clear understanding is of utmost importance. We have tried to make the concepts easy to remember with a learning key and relevant examples.
The definitions of vulnerability, threat and risk are as follows:
To make them easy to remember, use this learning key. It is easy to recall for all practical and work purposes, including interviews!
Examples always help in relating to the concepts. The following are two commonly cited examples of these often confused, interrelated concepts.