What is the difference between Threat, Vulnerability, and Risk?

  • Threat: Someone with the potential to cause harm by damaging or destroying the official data to a system or organization.
  • Vulnerability: It refers to weaknesses in a system that makes threat outcomes more possible and even more dangerous.
  • Risk: It refers to a combination of threat probability and impact/loss. In simple terms, it is related to potential damage or loss when threat exploits the vulnerability.

Threat probability * Potential loss = Risk